From patchwork Fri Jan 31 20:19:30 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chuck Lever <cel@kernel.org>
X-Patchwork-Id: 13955731
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org
 [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id ADABF15D5B6
	for <kdevops@lists.linux.dev>; Fri, 31 Jan 2025 20:19:37 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=10.30.226.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1738354777; cv=none;
 b=GipuQ+++tu7RwO0FGcvi4HL1T8tRDCno/OOuUB6IyMRazKktIZ7YuAigLU0LRJWIQ9+C0hq2O2i2j/wHtLvSjL8FSaqsRPs+wm6fVJpbdvikN3HO7JqLDQtl0BAgJ/4ApiMsbstMTz5TziObFROPd+8qnCJDT8HoLf1PVw8rpYs=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1738354777; c=relaxed/simple;
	bh=905WGgIZzeSbKQnIF+DI6dvqAF3TPeEJu0g1SPmmmsg=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=ttHTKMNxCKcBC7Z/uJL2pHwn3tdl/DBSsQa4SeRJhlf1S14J6pjZmsr9QX6+F1NbGUd9chercrTHt+uLBsF46RXPQG9LFfclGwlnozcFBe6netAHwaNaMXKGmSKM215rIyd2R4Nnn7hRlr4ungMXB/u4H5f7DBOxE5Yev6PUaD8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org
 header.b=Zz9/dnGe; arc=none smtp.client-ip=10.30.226.201
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org
 header.b="Zz9/dnGe"
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4A070C4CED1;
	Fri, 31 Jan 2025 20:19:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1738354777;
	bh=905WGgIZzeSbKQnIF+DI6dvqAF3TPeEJu0g1SPmmmsg=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=Zz9/dnGeIiTWuwkdNvBaKVn3h2iVYxRFiK6s+z0Yax6qZ1fZta3DNwhJ0BUMXqDgF
	 7V4iO0ou1adsQGM0/srbzAg/SSHsv8ShnQEoEk7CCQyD7kVy0TonBp+E4Pzt4IME7e
	 dkY4+hmxTz1f3ZGGUPMTciUmPlsl5opJWY+gxYRQ9BOXn67rNkS8PKnggdntJHZ8ff
	 l7P0POCnsGDkCaOWv99ha/LEwDySvdjYRvVCFSYqD8jhwKG8Ifq5vzLIVG531syyPH
	 EtMsfzptBsLA7Tk73+FPo9E6mCj5ujOLSD+yCMZVcIEKMAf7iZI4UJccxVUWYdGTk6
	 Nnncnu8q2BU0Q==
From: cel@kernel.org
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [RFC PATCH 2/4] update_ssh_config: Add always-run ssh clean-up steps
Date: Fri, 31 Jan 2025 15:19:30 -0500
Message-ID: <20250131201932.449083-3-cel@kernel.org>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <20250131201932.449083-1-cel@kernel.org>
References: <20250131201932.449083-1-cel@kernel.org>
Precedence: bulk
X-Mailing-List: kdevops@lists.linux.dev
List-Id: <kdevops.lists.linux.dev>
List-Subscribe: <mailto:kdevops+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:kdevops+unsubscribe@lists.linux.dev>
MIME-Version: 1.0

From: Chuck Lever <chuck.lever@oracle.com>

This common bit of logic is by the "make destroy" target, so it
affects all virtualization methods.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 .../roles/update_ssh_config/tasks/main.yml    | 44 +++++++++++++++++++
 scripts/bringup.Makefile                      |  7 +++
 scripts/destroy_guestfs.sh                    |  6 ---
 scripts/guestfs.Makefile                      |  1 -
 scripts/terraform.Makefile                    |  1 -
 5 files changed, 51 insertions(+), 8 deletions(-)

diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml
index 583d006c85c3..1ccbf1563269 100644
--- a/playbooks/roles/update_ssh_config/tasks/main.yml
+++ b/playbooks/roles/update_ssh_config/tasks/main.yml
@@ -5,6 +5,22 @@
   tags:
     - vars
 
+- name: Set the pathname of the ephemeral ssh config file
+  ansible.builtin.set_fact:
+   kdevops_ssh_config: "{{ sshdir }}/config_kdevops_{{ topdir_path_sha256sum }}"
+  when:
+    - topdir_path_sha256sum is defined
+  tags:
+    - vars
+
+- name: Set the pathname of the ephemeral ssh config file
+  ansible.builtin.set_fact:
+    kdevops_ssh_config: "{{ sshdir }}/config_kdevops_{{ kdevops_host_prefix }}"
+  when:
+    - topdir_path_sha256sum is not defined
+  tags:
+    - vars
+
 - name: Check that the user's ssh config file exists
   delegate_to: localhost
   run_once: true
@@ -104,3 +120,31 @@
       Include ~/.ssh/config_kdevops_*
   tags:
     - deps
+
+- name: Remove saved keys for the target nodes
+  delegate_to: localhost
+  throttle: 1
+  ansible.builtin.command:
+    argv:
+      - "ssh-keygen"
+      - "-q"
+      - "-f"
+      - "{{ sshdir }}/known_hosts"
+      - "-R"
+      - "{{ inventory_hostname }}"
+  register: result
+  failed_when: false
+  changed_when:
+    - result is success
+    - not "not found in" in result.stderr
+  tags:
+    - clean
+
+- name: Remove the ephemeral ssh config file on the control host
+  delegate_to: localhost
+  run_once: true
+  ansible.builtin.file:
+    path: "{{ kdevops_ssh_config }}"
+    state: absent
+  tags:
+    - clean
diff --git a/scripts/bringup.Makefile b/scripts/bringup.Makefile
index 148547c0644a..1d1f916eaf63 100644
--- a/scripts/bringup.Makefile
+++ b/scripts/bringup.Makefile
@@ -23,6 +23,13 @@ endif
 bringup: $(KDEVOPS_BRING_UP_DEPS)
 
 destroy: $(KDEVOPS_DESTROY_DEPS)
+	$(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
+		-i hosts \
+		playbooks/update_ssh_config.yml \
+		--extra-vars=@./extra_vars.yaml \
+		-e 'ansible_python_interpreter=/usr/bin/python3' \
+		--tags vars,clean
+	$(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG)
 
 bringup-help-menu:
 	@echo "Bringup targets:"
diff --git a/scripts/destroy_guestfs.sh b/scripts/destroy_guestfs.sh
index ae31b0cc251e..e40dea9361f0 100755
--- a/scripts/destroy_guestfs.sh
+++ b/scripts/destroy_guestfs.sh
@@ -23,14 +23,8 @@ if [ -f "$GUESTFSDIR/kdevops_nodes.yaml" ]; then
 		fi
 		rm -rf "$GUESTFSDIR/$name"
 		rm -rf "$STORAGEDIR/$name"
-		ssh-keygen -q -f ~/.ssh/known_hosts -R $name 1> /dev/null 2>&1
 	done
 fi
 
-if [[ "$CONFIG_TOPDIR_PATH_HAS_SHA256SUM" == "y" ]]; then
-	rm -f ~/.ssh/config_kdevops_$CONFIG_TOPDIR_PATH_SHA256SUM
-else
-	rm -f ~/.ssh/config_kdevops_$CONFIG_KDEVOPS_HOSTS_PREFIX
-fi
 rm -f $GUESTFSDIR/.provisioned_once
 rm -f $GUESTFSDIR/kdevops_nodes.yaml
diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile
index 8d3f01c35758..dd78c1c8d4aa 100644
--- a/scripts/guestfs.Makefile
+++ b/scripts/guestfs.Makefile
@@ -85,7 +85,6 @@ PHONY += bringup_guestfs
 
 destroy_guestfs:
 	$(Q)$(TOPDIR)/scripts/destroy_guestfs.sh
-	$(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG)
 
 PHONY += destroy_guestfs
 
diff --git a/scripts/terraform.Makefile b/scripts/terraform.Makefile
index a2a2f8f73961..58eadd9cd9a0 100644
--- a/scripts/terraform.Makefile
+++ b/scripts/terraform.Makefile
@@ -166,7 +166,6 @@ bringup_terraform:
 
 destroy_terraform:
 	$(Q)$(TOPDIR)/scripts/destroy_terraform.sh
-	$(Q)rm -f $(KDEVOPS_PROVISIONED_DEVCONFIG)
 
 $(KDEVOPS_TFVARS): $(KDEVOPS_TFVARS_TEMPLATE) .config
 	$(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \