From patchwork Wed Feb 5 15:52:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961406 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E65AE1519BD for ; Wed, 5 Feb 2025 15:52:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; cv=none; b=ZfX/Mt1xYNzVNavCCowBQ3FZmsmDa+OUSN1F6J6ay6v7FQUSzi/x/ficgPCJSrnac5Y/IT09THNU0/cqx8RJzSWhOX7kwDCotvirbsRMjEWLz+2JlTTlhEMnJkdFEkDR5MhQVA+Sr+kJYRM6ckRHV+P1szKbaKDFnkgClAPlkGk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; c=relaxed/simple; bh=GfzI0XVw+lQE71zhcecWZ+LVqFVvcIEUuKqkzzwr/Q8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=YctwcNQv61sksjmVRIdHogfqRTGrcio5QXAprJ0q5fdKDhMt3A7dYuQCwcWORN8P0VFaxUE3M2F3vNTXCs9ZeCW0JMCwjCXW0AQL087QTqWQfpGkVJaczLMeMGG+dydJXA6guHXorNKGsMY9AtypxuBAeVeCiIr3LZGmS5f9a2o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=X0i9XuSy; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="X0i9XuSy" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2AC13C4CEE2; Wed, 5 Feb 2025 15:52:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770775; bh=GfzI0XVw+lQE71zhcecWZ+LVqFVvcIEUuKqkzzwr/Q8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=X0i9XuSyGiTskXV7hNFJ3ea05BgVsHk+RjTE/bNwgvYRM/RTS8qL1X+NJbOasSjuB 5NAD1YSV+5xE6Ry3+V9cLpdbadmc7qKoJFYgqOQ+4nf59QkukOiSia+OF7RSYLvs4Y 2jomFO5y2VMkDWTFoHckkwAQcIHjJ8mV1UOsvjZNTm2XYB+2JKrrS8r7GIGaQteRkT N3OYBmsqOcFWwVd/HxRn+U9ldUOMcxke99G7wBxwmiI1rXzmMwfSNOgRKw13CNE7yk LXUd6lRcgoLalPuaMUT63j+/JyBNDxQjjDZ03S0cuJ3bgYONFk9APrUdbvXly0tyHt INMStakRR+mBg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 01/12] guestfs: Rename the update_ssh_config_guestfs role Date: Wed, 5 Feb 2025 10:52:41 -0500 Message-ID: <20250205155252.1317763-2-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The plan is to use this same mechanism for terraform as well. Rename the role with a generic name. Signed-off-by: Chuck Lever --- .../tasks/main.yml | 0 playbooks/update_ssh_config.yml | 4 ++++ playbooks/update_ssh_config_guestfs.yml | 4 ---- scripts/guestfs.Makefile | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) rename playbooks/roles/{update_ssh_config_guestfs => update_ssh_config}/tasks/main.yml (100%) create mode 100644 playbooks/update_ssh_config.yml delete mode 100644 playbooks/update_ssh_config_guestfs.yml diff --git a/playbooks/roles/update_ssh_config_guestfs/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml similarity index 100% rename from playbooks/roles/update_ssh_config_guestfs/tasks/main.yml rename to playbooks/roles/update_ssh_config/tasks/main.yml diff --git a/playbooks/update_ssh_config.yml b/playbooks/update_ssh_config.yml new file mode 100644 index 000000000000..4c0315c24725 --- /dev/null +++ b/playbooks/update_ssh_config.yml @@ -0,0 +1,4 @@ +--- +- hosts: localhost + roles: + - role: update_ssh_config diff --git a/playbooks/update_ssh_config_guestfs.yml b/playbooks/update_ssh_config_guestfs.yml deleted file mode 100644 index 346b90245637..000000000000 --- a/playbooks/update_ssh_config_guestfs.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: localhost - roles: - - role: update_ssh_config_guestfs diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index 52397d54b89b..fb47bf21ab2f 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -64,7 +64,7 @@ $(KDEVOPS_PROVISIONED_SSH): $(Q)if [[ "$(CONFIG_KDEVOPS_SSH_CONFIG_UPDATE)" == "y" ]]; then \ ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ --inventory localhost, \ - playbooks/update_ssh_config_guestfs.yml \ + playbooks/update_ssh_config.yml \ --extra-vars=@./extra_vars.yaml \ -e 'ansible_python_interpreter=/usr/bin/python3' ;\ LIBVIRT_DEFAULT_URI=$(CONFIG_LIBVIRT_URI) $(TOPDIR)/scripts/update_ssh_config_guestfs.py; \ From patchwork Wed Feb 5 15:52:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961407 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 18DDD18FDA5 for ; Wed, 5 Feb 2025 15:52:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; cv=none; b=pmjUdXjvhh7dIi4/81TpKPpxTAuBE5CwZqVL6Tmrs4GSqZSRFK9tfI/Z4fzwpdq7z+eGVAOG7x9pi6W8jZNRHHYV6rPz5/AgCJa+5wRaYOt1RXVDYGuHzDjGjzX1En3P35pZX9z02rkr0fojjftMfbK25P6O5vZ9Mui7nYqvNF0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; c=relaxed/simple; bh=WW8f0pXVp45nhgDuK3os6gNZ61V+QFcbZBHLwQO11Uw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=h07K1Fc6oSF8BK+UM5SyQlcQczQZ0xhGSdtv6VsJHFozz5P8tiu94zzAW5cW2LRhWwl6aSSR2wJdTWj3BT+L5Cmkvu/3sWMyx+BPvGIADYYFFA45JuDmts8stJ3CRcBcJvGsRHg7fqlaJPbOW4KrhNcrRACag9I9rX5dPNztJ6Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=E4dMy8dM; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="E4dMy8dM" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A7B11C4CED6; Wed, 5 Feb 2025 15:52:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770776; bh=WW8f0pXVp45nhgDuK3os6gNZ61V+QFcbZBHLwQO11Uw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=E4dMy8dM0iV9bMjyODLLpnOksWFdKD7J8jJfrRv1l25K7kuupLPEHKBWk5Cv49UBD dvgDkmh/NlWunk0GhNhUTEFmFXOcTXGzPXZRw3tknfZCUXbckV4BTGrnI1jWYRjh4S Ji1G3F1viAaxw6gEeaIBemofWjG1J8mclOk1Jj967mRyw2OtlC8ypx486fEkReobzR zj1Z+8vaRA90SeJtTifAo2ayloAa9BLD/4rmc+5lf+zjC/sUtscJhSK6GRRbCRNmaS h+BVbs9hNNW2vVc3e3rqz66jOrXcUgKLKt64txjYehlQ/YzvPaAYUrgycWa2MfehZD pMiqb6Ve22byg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 02/12] update_ssh_config: Use {{ sshconfig }} instead of raw path Date: Wed, 5 Feb 2025 10:52:42 -0500 Message-ID: <20250205155252.1317763-3-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The sshconfig variable is set by Kconfig. The update_ssh_config role needs to follow that setting, but was using a fixed "~/.ssh/config" string instead. Signed-off-by: Chuck Lever --- .../roles/update_ssh_config/tasks/main.yml | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml index 98c86f164612..01fac9fbb69e 100644 --- a/playbooks/roles/update_ssh_config/tasks/main.yml +++ b/playbooks/roles/update_ssh_config/tasks/main.yml @@ -1,12 +1,12 @@ -- name: Check if the ssh config file exists +- name: Check that the controller's ssh config file exists stat: - path: "~/.ssh/config" + path: "{{ sshconfig }}" register: ssh_config # Check if the include directive is already presetn - name: Check if the kdevops include directive was used lineinfile: - path: ~/.ssh/config + path: "{{ sshconfig }}" regexp: "Include ~/.ssh/config_kdevops_*" state: absent check_mode: yes @@ -17,7 +17,7 @@ # Check if the the kdevops_version was added in a comment - name: Check if the new include directive was used with a kdevops_version comment lineinfile: - path: ~/.ssh/config + path: "{{ sshconfig }}" regexp: "^#(.*)kdevops_version(.*)" state: absent check_mode: yes @@ -34,34 +34,31 @@ - kdevops_ssh_include.found - fixed_ssh_entry.found -# If we're still running it means the correct include directive following a new -# line was not found. So remove old stale include directives which may be -# buggy. -- name: Remove buggy stale include directive to ~/.ssh/config without a new line +- name: Remove the stale Include directive lineinfile: - path: ~/.ssh/config + path: "{{ sshconfig }}" line: "Include ~/.ssh/config_kdevops_*" state: absent when: ssh_config.stat.exists - name: Remove any stale kdevops comments lineinfile: - path: ~/.ssh/config + path: "{{ sshconfig }}" regexp: "^#(.*)kdevops(.*)" state: absent when: ssh_config.stat.exists - name: Remove any extra new lines replace: - path: ~/.ssh/config + path: "{{ sshconfig }}" regexp: '(^\s*$)' replace: '' when: ssh_config.stat.exists # ssh include directives must follow a new line. -- name: Add Include directive to ~/.ssh/config +- name: Add a proper Include directive to {{ sshconfig }} blockinfile: - path: ~/.ssh/config + path: "{{ sshconfig }}" insertbefore: BOF marker: "{mark}" marker_begin: "# Automatically added by kdevops\n# kdevops_version: {{ kdevops_version }}" From patchwork Wed Feb 5 15:52:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961408 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9312F18FDA5 for ; Wed, 5 Feb 2025 15:52:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; cv=none; b=uIB9cggBMq0l0jKfHbCCcyokVYQVh1rwYiWadTrdWP/yQ6b7Jr+FYljP7Ea8Yj+W8YV0Lk40Kyq143oZ4PSdjkFReRtx1ZlnKjHbpjLCx73d+Cw/kF2pp7crhLFxY0Achgqo4CLCFbpw0b0W6fPuy6VW/Ld2JT7S9tqF1jyEdqQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770776; c=relaxed/simple; bh=Rm6i1W27PhO18122HmKFeAfjFYIof0eiQ5stGiogyZs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=L4B/B4RBHeDcXa8AJ+awg/3ROjX3bKjYQBCLFbLvtUogFJtHab57Nzd41CbzvsSW9dsSiVgNWXQxGmoSg7MLXGbzWQV8HQuDTFFrak9sNUzDD0tGVbicKgXGmqKwpKrvQ4tJFMZiAxdYKlLiefcKGULaw+mFlC9XJjRXUyYJCmk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=oWMis2A7; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="oWMis2A7" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 31AFFC4CEDD; Wed, 5 Feb 2025 15:52:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770776; bh=Rm6i1W27PhO18122HmKFeAfjFYIof0eiQ5stGiogyZs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=oWMis2A7q5PvnTN3UPTACbPYyV9HJESwNPraYQZT+oz49lIy5ER87mc4xHF+UpmfG l7n/krnQOI04Gt1gHPwcHBsDyRz/+2CzNbSTv0v1amZqF1I8az1RclZ01htxyX6Jp5 aw9pGayQ8Kc5vSxQsfLZ7f2pvODsyXJhvjuAGqRhqiYoH9hP8Z+IEFC8/hqNHgVK2L 0l1nIuXpacMwjKtkmIzPRfda9Th9HtBvW6GHdoId7REZ4giB2zj6N2O1uFdyrE4h7A QB6sYVbd1S2oJFN1Xq+6AvaaCX+hjQEFTS8czyPjNIVR7ZTc9QZ+nWTEsb9nn0Gk71 hVWOCzqx/gMFA== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 03/12] update_ssh_config: Fix ansible-lint nits Date: Wed, 5 Feb 2025 10:52:43 -0500 Message-ID: <20250205155252.1317763-4-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever ansible-lint called out a few nits: - Use FQDN for module names - Update truthy values to true/false - Add a "mode:" parameter to blockinfile As an additional clean-up, remove comments that more-or-less repeat what is already in the "- name:" of a step. Signed-off-by: Chuck Lever --- .../roles/update_ssh_config/tasks/main.yml | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml index 01fac9fbb69e..6a7b58d8a556 100644 --- a/playbooks/roles/update_ssh_config/tasks/main.yml +++ b/playbooks/roles/update_ssh_config/tasks/main.yml @@ -1,26 +1,25 @@ +--- - name: Check that the controller's ssh config file exists - stat: + ansible.builtin.stat: path: "{{ sshconfig }}" register: ssh_config -# Check if the include directive is already presetn -- name: Check if the kdevops include directive was used - lineinfile: +- name: Check that the kdevops Include directive is present + ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "Include ~/.ssh/config_kdevops_*" state: absent - check_mode: yes + check_mode: true changed_when: false register: kdevops_ssh_include when: ssh_config.stat.exists -# Check if the the kdevops_version was added in a comment -- name: Check if the new include directive was used with a kdevops_version comment - lineinfile: +- name: Check that the Include directive has a kdevops_version comment + ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "^#(.*)kdevops_version(.*)" state: absent - check_mode: yes + check_mode: true changed_when: false register: fixed_ssh_entry when: ssh_config.stat.exists @@ -28,28 +27,28 @@ # If both the include directive was found and kdevops version comment was found # we bail right away to avoid updating the ssh config file always. - name: Check if the new fixed include directive was used - meta: end_play + ansible.builtin.meta: end_play when: - ssh_config.stat.exists - kdevops_ssh_include.found - fixed_ssh_entry.found - name: Remove the stale Include directive - lineinfile: + ansible.builtin.lineinfile: path: "{{ sshconfig }}" line: "Include ~/.ssh/config_kdevops_*" state: absent when: ssh_config.stat.exists -- name: Remove any stale kdevops comments - lineinfile: +- name: Remove stale kdevops comments + ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "^#(.*)kdevops(.*)" state: absent when: ssh_config.stat.exists -- name: Remove any extra new lines - replace: +- name: Remove extraneous extra new lines + ansible.builtin.replace: path: "{{ sshconfig }}" regexp: '(^\s*$)' replace: '' @@ -57,12 +56,13 @@ # ssh include directives must follow a new line. - name: Add a proper Include directive to {{ sshconfig }} - blockinfile: + ansible.builtin.blockinfile: path: "{{ sshconfig }}" insertbefore: BOF marker: "{mark}" marker_begin: "# Automatically added by kdevops\n# kdevops_version: {{ kdevops_version }}" marker_end: "" create: true + mode: "u=rw,g=r,o=r" block: | Include ~/.ssh/config_kdevops_* From patchwork Wed Feb 5 15:52:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961409 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29EA918FDA5 for ; Wed, 5 Feb 2025 15:52:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770777; cv=none; b=OhXJwiCn8JREgtzccMwgPrBKFP77E/vD6jBVLlIijkaEfwx0rDimbS0Zw0BAts1MMSdcW249sEBVK0n2R/HemntyXMq2RYeMTcbF5CzimfqhDkCqE3GtnAQ6JJXjMfIUlaUtaRPyKr3xifWC2Im2qmwyXT2X/JflTz5ih5/QP5A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770777; c=relaxed/simple; bh=6M8oV2RpvQx7gYqdVc979UWWHa9fSF0FIgtwIFbWmNc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=f/eDnlJ3nJcY3ULPwUf8CLFuQE1HGIv8uU0s9TdorMSkA6QW0KRifAHs3x5jz6FJXcoDuRLQh1Sao2tyBMce1u/KvB0XeY97bVacKlnkNIDGo+0TqBiw0MLIhyfvcKRfh2cUREVB0isd5pd9nj89YEhGigOxRGWoGB9XkaxIrKY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=pLeaC1/N; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="pLeaC1/N" Received: by smtp.kernel.org (Postfix) with ESMTPSA id AE83DC4CED6; Wed, 5 Feb 2025 15:52:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770777; bh=6M8oV2RpvQx7gYqdVc979UWWHa9fSF0FIgtwIFbWmNc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pLeaC1/NE8RF84hZj9uTiTZD6aAyJHF7YeiLZ+cvUSM3nBDtS/V4+CYiCyVCXD25W yDhWiktmueBq6oyQvkBvk7LEAZ3T7yFx37PkCXgJsxmMYYEVukCu6j56pE3gLxewx9 RyQx/OowMZqNhwyoUrGnq6afu9wBr+dlnNZ3J/bPsKCbiyhscVrzmR4t1J8uQ0+w0P VEQAa8jI38IPBOjuWykfWnbAiSDKu8eLstEtikcpx1+TRsZy0VkC7aPcbYkdF7md6g XKnRpr3nCVTFQ67TiSIBFjiaISYrJEDG/IQXntCYSAO/uwqxf9YQQwFB9mXeHjEk2H oIIR6b6HE2FXg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 04/12] update_ssh_config: Run update_ssh_config during "make deps" Date: Wed, 5 Feb 2025 10:52:44 -0500 Message-ID: <20250205155252.1317763-5-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever This situates the Include directive into the controller's .ssh/config for all virtualization methods. Signed-off-by: Chuck Lever --- scripts/guestfs.Makefile | 5 ----- scripts/ssh.Makefile | 12 ++++++++++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index fb47bf21ab2f..5a75889ec148 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -62,11 +62,6 @@ libvirt_pcie_passthrough_permissions: $(KDEVOPS_PROVISIONED_SSH): $(Q)if [[ "$(CONFIG_KDEVOPS_SSH_CONFIG_UPDATE)" == "y" ]]; then \ - ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ - --inventory localhost, \ - playbooks/update_ssh_config.yml \ - --extra-vars=@./extra_vars.yaml \ - -e 'ansible_python_interpreter=/usr/bin/python3' ;\ LIBVIRT_DEFAULT_URI=$(CONFIG_LIBVIRT_URI) $(TOPDIR)/scripts/update_ssh_config_guestfs.py; \ fi $(Q)ansible $(ANSIBLE_VERBOSE) -i hosts all -e 'ansible_python_interpreter=/usr/bin/python3' -m wait_for_connection diff --git a/scripts/ssh.Makefile b/scripts/ssh.Makefile index 3ee9437b1b4c..cf79a1dd6c27 100644 --- a/scripts/ssh.Makefile +++ b/scripts/ssh.Makefile @@ -21,3 +21,15 @@ $(KDEVOPS_SSH_PRIVKEY): .config $(NQ) Generating new private key: $(KDEVOPS_SSH_PRIVKEY) $(NQ) Generating new public key: $(KDEVOPS_SSH_PUBKEY) $(Q)$(TOPDIR)/scripts/gen_ssh_key.sh + +PHONY += update-ssh-config +update-ssh-config: + $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ + --inventory localhost, \ + playbooks/update_ssh_config.yml \ + --extra-vars=@./extra_vars.yaml \ + -e 'ansible_python_interpreter=/usr/bin/python3' + +ifeq (y,$(CONFIG_KDEVOPS_SSH_CONFIG_UPDATE)) +LOCALHOST_SETUP_WORK += update-ssh-config +endif From patchwork Wed Feb 5 15:52:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961410 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0A17218DF65 for ; Wed, 5 Feb 2025 15:52:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770778; cv=none; b=suz1DG1WROWd9v+xsg9tUyuaF6lxeeFrOnTmiL3XxYJNlXquLbEXbbq5M+4ZWV+1+4h8K68lz05I7iD1rujnm2OgBhE+MEww3aXkkA1qhEC8OBonVdc9R47EjFR7Hd1hcSSRh+s2Qr3DrSMXM8+PFAH/GnmIZwlAkeQ/2X6/IuY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770778; c=relaxed/simple; bh=WIe3mIsg6XtVIVS1KPf4nxESUuwYEOkK6zK41qZSy7Y=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LLbKKZrNTHJi0J6vMwGLQ12OyQEBVlsl8R08WWkVU/jxzgv3lt9h02V1XKaDKix+2qmfATEhFL7d86b4GPT83kOdp2A6nWJdAyXeO4Lr4tdruXHSfPV8onm+HYMQePdgyEeYaPLzq/D1uNJSP1SFd0CTyxoVzpvqW630BMtCl4E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qeCU1PXw; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qeCU1PXw" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 367B0C4CEDD; Wed, 5 Feb 2025 15:52:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770777; bh=WIe3mIsg6XtVIVS1KPf4nxESUuwYEOkK6zK41qZSy7Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qeCU1PXwu3pl+hykItL4eAAA7hGIQnVqyS4899JeRGqHxBAWzs3YDM46aCC6Fw/JT S3O8/AgEYhTNC71T5CpGGg8BrKgiJHr5Fod0MHqH+BgchRbiSsaALgKy5j+7TS3mND CJt64HWeSflL6m4lOZ4wON75+nrAXDCYjvCuh6jvK9Qg+K6ktchIMqaEAaewRt3q6t aRWsu5guXAkgHb74Yxs2GpLXBCI5uwm1qHCJE8gokIn5HLQ6O7mBiAZ/v8S4ELEmPB FAs8A0MFbwd3/P2IzVAWkNNsc81A4rfo9GDX2mMVu+cuEPee5aA/WIvHItHGXqJ8cy cOHKjG7re9/Sg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 05/12] update_ssh_config: Add tags to steps Date: Wed, 5 Feb 2025 10:52:45 -0500 Message-ID: <20250205155252.1317763-6-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever I'm about to add new functions to the update_ssh_config role that can be run by specifying tags on the ansible-playbook command line. To run only the steps that update the controller's .ssh/config Include directive, add a "deps" tag. Signed-off-by: Chuck Lever --- playbooks/roles/update_ssh_config/tasks/main.yml | 8 ++++++++ scripts/ssh.Makefile | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml index 6a7b58d8a556..417781936f7f 100644 --- a/playbooks/roles/update_ssh_config/tasks/main.yml +++ b/playbooks/roles/update_ssh_config/tasks/main.yml @@ -1,10 +1,12 @@ --- - name: Check that the controller's ssh config file exists + tags: deps ansible.builtin.stat: path: "{{ sshconfig }}" register: ssh_config - name: Check that the kdevops Include directive is present + tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "Include ~/.ssh/config_kdevops_*" @@ -15,6 +17,7 @@ when: ssh_config.stat.exists - name: Check that the Include directive has a kdevops_version comment + tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "^#(.*)kdevops_version(.*)" @@ -27,6 +30,7 @@ # If both the include directive was found and kdevops version comment was found # we bail right away to avoid updating the ssh config file always. - name: Check if the new fixed include directive was used + tags: deps ansible.builtin.meta: end_play when: - ssh_config.stat.exists @@ -34,6 +38,7 @@ - fixed_ssh_entry.found - name: Remove the stale Include directive + tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" line: "Include ~/.ssh/config_kdevops_*" @@ -41,6 +46,7 @@ when: ssh_config.stat.exists - name: Remove stale kdevops comments + tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" regexp: "^#(.*)kdevops(.*)" @@ -48,6 +54,7 @@ when: ssh_config.stat.exists - name: Remove extraneous extra new lines + tags: deps ansible.builtin.replace: path: "{{ sshconfig }}" regexp: '(^\s*$)' @@ -56,6 +63,7 @@ # ssh include directives must follow a new line. - name: Add a proper Include directive to {{ sshconfig }} + tags: deps ansible.builtin.blockinfile: path: "{{ sshconfig }}" insertbefore: BOF diff --git a/scripts/ssh.Makefile b/scripts/ssh.Makefile index cf79a1dd6c27..caa4bc797c48 100644 --- a/scripts/ssh.Makefile +++ b/scripts/ssh.Makefile @@ -25,7 +25,7 @@ $(KDEVOPS_SSH_PRIVKEY): .config PHONY += update-ssh-config update-ssh-config: $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ - --inventory localhost, \ + --inventory localhost, --tags deps \ playbooks/update_ssh_config.yml \ --extra-vars=@./extra_vars.yaml \ -e 'ansible_python_interpreter=/usr/bin/python3' From patchwork Wed Feb 5 15:52:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961411 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 22D1618FDA5 for ; Wed, 5 Feb 2025 15:52:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770778; cv=none; b=Xd2seL+AkBUMCw/tC6rb3M2Dwy2ojSTvofKPhFlaxniO88Eyg8HfL5l10sFLp37/GrOdKllCMHrtSIxYH/GSIT23xu1O86U6hsJtPQrTwYu3jS4A62g4PMK0S/hjzGLTFL6hzVDhThSOzXdcqvOJP6PvwVLESdFpn6OJ+8tJPz4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770778; c=relaxed/simple; bh=KEa8ClIOcrVd0QXCQ5CLQkRmJ2xONzrYDB+vXc83Jto=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=dJZbMwiVWM6cuctkFd0JBaMsKzSq+jKVf8WCnfBCBDUBH9osvEsX+d6CLEj/ZOpsQL41MtY2xkEAdLKpZMfrf5HWsU7YrSFxsupLwrV2dw2spuach50UW0YFQmoR8x+TgAYZnNEB6iKodDO5v2pOK8LvnOOJDgGbtBl9vZbvURo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ik7zbQcq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ik7zbQcq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B37DEC4CED6; Wed, 5 Feb 2025 15:52:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770778; bh=KEa8ClIOcrVd0QXCQ5CLQkRmJ2xONzrYDB+vXc83Jto=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ik7zbQcq25HIRbJ3Zfo7iTp7+Q7GaAFNdoI4jRCFgZ8A8WibDwJj7ZlN8vPIIc7Lr EP6SMnC+mj431TIR6Rg03ds7jas6GNlgHgMUl2i9+EEYk7OvakaWRVBNmI3H1Mhs6D zFT7YBkrof2eS/rYuRHQ5YjIZJI10jWSs5ZhjE7OUJTEo5EIXtrmML4yA0+2GFVXRk O/Ecov4h345nCy+0QbPWQo2WA1cBY1rLp4gmSVpdAhDK4LMYIUb/mQWja6X4gTWjfC YqgXip9CE/RVJXucGuAltvathmjBnN8q8NHlX++/p7FwDq16HzUZiZCAOsAqzFdgpa BonnDPi/TM3wg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 06/12] ssh.Makefile: Generate an sshdir variable Date: Wed, 5 Feb 2025 10:52:46 -0500 Message-ID: <20250205155252.1317763-7-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The update_ssh_config role needs to update some files under .ssh/ besides the ssh config file. Derive a pathname of that directory for the Kconfig-specified sshconfig variable, and set that as a global variable (it's needed in more than one place). Signed-off-by: Chuck Lever --- scripts/ssh.Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/ssh.Makefile b/scripts/ssh.Makefile index caa4bc797c48..150001d8bbbd 100644 --- a/scripts/ssh.Makefile +++ b/scripts/ssh.Makefile @@ -9,6 +9,7 @@ endif ifeq (y,$(CONFIG_KDEVOPS_SSH_CONFIG_UPDATE)) SSH_CONFIG_FILE:=$(subst ",,$(CONFIG_KDEVOPS_SSH_CONFIG)) ANSIBLE_EXTRA_ARGS += sshconfig=$(CONFIG_KDEVOPS_SSH_CONFIG) +ANSIBLE_EXTRA_ARGS += sshdir=$(shell dirname $(SSH_CONFIG_FILE)) endif PHONY += remove-ssh-key From patchwork Wed Feb 5 15:52:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961412 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 150DE18FDA5 for ; Wed, 5 Feb 2025 15:52:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; cv=none; b=Dkm3oVpL9EsL0uFcboYg4yojZdv3H4zxyby3QwmSYtOyKJegHS3lvJlxIqXwu0AydYdqM7t12r8RNJaIeGU/Jv/XD49/qUAeWYjCQeGNjuFhvTFZA49oSsgi5FDo7NeBzLzszUcbLYgaOVaUxI7hB881Sp19UUPIeAY8GIYIR9c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; c=relaxed/simple; bh=vMZUeDBJA3SrcExPIW10L2PT0YmT0lcudh/cNrZ42Pk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=t6fy4aTCaGlU2wuboBOvqvZwHo05UvsRBs45fiSx/nRqz6NlZ9CWDJY8lf3AB+NRuIr+Lwq7z6xGWtX3PJ5xH6ioUmjFtBTz95xJmyO8yHTiGce5x8CFvFRO7/Qa694jQ93YjLbCSJ0AQ5RiW1bRCHgjHvupQfb5CS7lTFLVehY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=T9lGB+GW; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="T9lGB+GW" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3C615C4CED1; Wed, 5 Feb 2025 15:52:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770778; bh=vMZUeDBJA3SrcExPIW10L2PT0YmT0lcudh/cNrZ42Pk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=T9lGB+GWTQP6gsrUbjsbDVuOt429bMXsyTadKSNr3krMJjGvFEXdZT2vl3A9qf1gi W5cwR/uurp34cqMpOESYpmlHzsbF9sRhkziYUiRmJqlsFyRF91N0v3f0+XrDJo5fcR msR3pUqYubWj9+IpK+5QfUr7ALIp/Y7WfmXial1z1M5vChQs0GFjQYZ00F2TkQf3ae pHf++FEOxwCnYJEVu+Tx33lbfnMdWe8eEHg5snCkozWHGapgJtuEjNLBVmQj+2xu1b Trhio9712ZGLNR7t9vJwOWmWRS5VC8t55I582SbGOeXpxHgJM81NaN47+dYz+lK1yK Q3wciFbQwXzYA== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 07/12] update_ssh_config: make Include directive follow ssh config directory Date: Wed, 5 Feb 2025 10:52:47 -0500 Message-ID: <20250205155252.1317763-8-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The file containing the kdevops target node entries needs to be placed in the same directory as the controller's .ssh/config. Usually that's ~/.ssh/config, but there is a Kconfig setting that can change that. XXX: Actually, to make this work 100% correctly, "make mrproper" should remove the ssh Include directive. That way a user can modify the ssh config via "make menuconfig", then do a "make" to get the updated include path added into her .ssh/config. Signed-off-by: Chuck Lever --- .../roles/update_ssh_config/tasks/main.yml | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml index 417781936f7f..72c5f2e365f5 100644 --- a/playbooks/roles/update_ssh_config/tasks/main.yml +++ b/playbooks/roles/update_ssh_config/tasks/main.yml @@ -5,18 +5,7 @@ path: "{{ sshconfig }}" register: ssh_config -- name: Check that the kdevops Include directive is present - tags: deps - ansible.builtin.lineinfile: - path: "{{ sshconfig }}" - regexp: "Include ~/.ssh/config_kdevops_*" - state: absent - check_mode: true - changed_when: false - register: kdevops_ssh_include - when: ssh_config.stat.exists - -- name: Check that the Include directive has a kdevops_version comment +- name: Check for a kdevops_version comment tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" @@ -34,10 +23,9 @@ ansible.builtin.meta: end_play when: - ssh_config.stat.exists - - kdevops_ssh_include.found - fixed_ssh_entry.found -- name: Remove the stale Include directive +- name: Remove any stale Include directives tags: deps ansible.builtin.lineinfile: path: "{{ sshconfig }}" @@ -73,4 +61,4 @@ create: true mode: "u=rw,g=r,o=r" block: | - Include ~/.ssh/config_kdevops_* + Include {{ sshdir }}/config_kdevops_* From patchwork Wed Feb 5 15:52:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961413 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 28B39190052 for ; Wed, 5 Feb 2025 15:52:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; cv=none; b=b5/V+pEym0XmHK1MZjaCp9MwwcdSoAytaS2QJLVFm13+fSORgK8tZaPgYb7RlL3tycTrvV+ax7GhHBe2kgMXMlmE2BH+ND9j53AhGn2HnRb/1/2aJHDR/xijQ7Pp6l0Y4jukqyxf6DJ6UoRQkfvmm1sj7G36Rotl4nX2QR6OkJ8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; c=relaxed/simple; bh=8h4TMzEgKV0tLTw+eUegJEAiS+P9kzCCu0yOMv8D+VQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=OVUNd4MFaE4IoWfxnCRT6FqlreIgQGjjgXPrlj3U0wjyWZfFk/VZ2tMZas78KhV91b3xahggfP0zkdGm9GM4pwOV/DICKo5GRpETzVZaYti8x5oSeMryKmYdl/qUts/rwqH2c/G9HJLM97vkl91XIVIcfxmQ7SN4FHjSPd51lh0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=KxVsvDva; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="KxVsvDva" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B93F4C4CED6; Wed, 5 Feb 2025 15:52:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770779; bh=8h4TMzEgKV0tLTw+eUegJEAiS+P9kzCCu0yOMv8D+VQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KxVsvDvaLMSYRTPcg6pkabnJLGSH4VYz4RR2IEX0MBv4hmxA+zd8mtB5c3rWahJpG /xnfNsjC+DjrxlZ9FXJXFroUrVQocY9gUZzw0y7DoBtpz3B+xKzB/oOn+bC4eLc8LG 3tOmXK6mFRf+IBgnMFuQvrPakGWAWwYiqtKfVtHhoetQ/Iw2AUpfmc0Q2z6U4gU9WH KDXSPBIzE9attD8LXah9lrr4f4CM3YE9RKmNjrLQScU1eSbwPeP2/O+k9onju8nbky cTNzscwQat4iuF5gphdHHX/XeQDZ228/JTcLxL2zBOc07PopxHDmooq6Q//DHJy9Xd r3PPfj8KLVC2A== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 08/12] ssh.Makefile: Define a kdevops_ssh_config variable Date: Wed, 5 Feb 2025 10:52:48 -0500 Message-ID: <20250205155252.1317763-9-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever Create a global variable that contains the pathname of the config file that stores ephemeral ssh host entries. That way the scripts don't have to keep creating this pathname. Signed-off-by: Chuck Lever --- scripts/ssh.Makefile | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/ssh.Makefile b/scripts/ssh.Makefile index 150001d8bbbd..58ffe1e05d68 100644 --- a/scripts/ssh.Makefile +++ b/scripts/ssh.Makefile @@ -7,10 +7,19 @@ ANSIBLE_EXTRA_ARGS += kexalgorithms=$(SSH_KEXALGORITHMS) endif ifeq (y,$(CONFIG_KDEVOPS_SSH_CONFIG_UPDATE)) + SSH_CONFIG_FILE:=$(subst ",,$(CONFIG_KDEVOPS_SSH_CONFIG)) ANSIBLE_EXTRA_ARGS += sshconfig=$(CONFIG_KDEVOPS_SSH_CONFIG) ANSIBLE_EXTRA_ARGS += sshdir=$(shell dirname $(SSH_CONFIG_FILE)) + +ifeq (y,$(CONFIG_TOPDIR_PATH_HAS_SHA256SUM)) +SSH_CONFIG_SUFFIX:=$(CONFIG_TOPDIR_PATH_SHA256SUM) +else +SSH_CONFIG_SUFFIX:=$(CONFIG_KDEVOPS_HOST_PREFIX) endif +ANSIBLE_EXTRA_ARGS += kdevops_ssh_config=$(CONFIG_KDEVOPS_SSH_CONFIG)_kdevops_$(SSH_CONFIG_SUFFIX) + +endif # CONFIG_KDEVOPS_SSH_CONFIG_UPDATE PHONY += remove-ssh-key remove-ssh-key: From patchwork Wed Feb 5 15:52:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961414 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A51A118FDDB for ; Wed, 5 Feb 2025 15:52:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; cv=none; b=BY9wjL/GKAitAgIl/jPSKvyKbJxj7Cf4NYEnXEi8woCQl72kGdDo4jvT7cU2BVYY1D7Yrc3qOLj7xYgf+M7i4ycFolkrk/XfYyQXpTSHAQcl7ZRsIS7D46PTGnmPBAiv6xmd5THm+DgMmmQGQuw+yZ/cgZaVZHgi0WqcNBKl808= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770779; c=relaxed/simple; bh=oPTrPCY1FaMrbVa1wbJYqudLqQbJXhyt+uzzcB1fF7A=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=P/wVrKjNQusMD0KQhrEVEY+2ldNEejH1jtd2D+W4hQcX4YHVE/TunyVXBF9yzXnZuV8tBq7D8eHMAJcREC0jqw8PkVTAF9g3TCD3cd7kVCqiOXaFi5gBXvwmyctylc0RDE3dioUaW5ojh2oP3p9RsnfztEIlng72UGTvNj1kS14= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=gqmcA5NP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="gqmcA5NP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 43443C4CED1; Wed, 5 Feb 2025 15:52:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770779; bh=oPTrPCY1FaMrbVa1wbJYqudLqQbJXhyt+uzzcB1fF7A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gqmcA5NPhggWZ6uFVhURNlYtNQ56V2JmPeJG2d9ft1dJyc2TWyGClsisSDh2+Hdpz xsAg2cYa9ozqAFQAJnMJ4JeIG+a7GaUzxXh4ujPBrUWEgv9sqxLUzl2M9uOuubofco V8BWba+XypBK2NiFhtqalLf9Nz5g6u0cOW53PoNEBUyhCU9qX6jD+rgIFwTGakgFhE 20AFDolq3lNk+tToFqQoYSDcNGrYXnRNDcvy6QYwtcjFOcimY+Zop3eXDXeLMHpTKH UezNakSZqySyWEdO1MJ2p/jqxBBy2oV3g355/y6sUV2xos3KumX6TCAAPZB7qKPhKl ANSB/78BPPePg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 09/12] update_ssh_config: Add always-run ssh clean-up steps Date: Wed, 5 Feb 2025 10:52:49 -0500 Message-ID: <20250205155252.1317763-10-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever This common bit of logic is now run by the "make destroy" target in order that it affects all virtualization methods. Signed-off-by: Chuck Lever --- .../roles/update_ssh_config/tasks/main.yml | 24 +++++++++++++++++++ scripts/bringup.Makefile | 6 +++++ scripts/destroy_guestfs.sh | 6 ----- scripts/guestfs.Makefile | 1 - scripts/terraform.Makefile | 1 - 5 files changed, 30 insertions(+), 8 deletions(-) diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml index 72c5f2e365f5..781d70fbaf53 100644 --- a/playbooks/roles/update_ssh_config/tasks/main.yml +++ b/playbooks/roles/update_ssh_config/tasks/main.yml @@ -62,3 +62,27 @@ mode: "u=rw,g=r,o=r" block: | Include {{ sshdir }}/config_kdevops_* + +- name: Remove saved keys for the target nodes + tags: destroy + throttle: 1 + ansible.builtin.command: + argv: + - "ssh-keygen" + - "-q" + - "-f" + - "{{ sshdir }}/known_hosts" + - "-R" + - "{{ inventory_hostname }}" + register: result + failed_when: false + changed_when: + - result is success + - not "not found in" in result.stderr + +- name: Remove the ephemeral ssh config file on the control host + tags: destroy + run_once: true + ansible.builtin.file: + path: "{{ kdevops_ssh_config }}" + state: absent diff --git a/scripts/bringup.Makefile b/scripts/bringup.Makefile index 148547c0644a..a19cffa39cae 100644 --- a/scripts/bringup.Makefile +++ b/scripts/bringup.Makefile @@ -23,6 +23,12 @@ endif bringup: $(KDEVOPS_BRING_UP_DEPS) destroy: $(KDEVOPS_DESTROY_DEPS) + $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ + --inventory localhost, --tags destroy \ + playbooks/update_ssh_config.yml \ + --extra-vars=@./extra_vars.yaml \ + -e 'ansible_python_interpreter=/usr/bin/python3' \ + $(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG) bringup-help-menu: @echo "Bringup targets:" diff --git a/scripts/destroy_guestfs.sh b/scripts/destroy_guestfs.sh index 58dca78d85cf..dd32e7398365 100755 --- a/scripts/destroy_guestfs.sh +++ b/scripts/destroy_guestfs.sh @@ -23,14 +23,8 @@ if [ -f "$GUESTFSDIR/kdevops_nodes.yaml" ]; then fi rm -rf "$GUESTFSDIR/$name" rm -rf "$STORAGEDIR/$name" - ssh-keygen -q -f ~/.ssh/known_hosts -R $name 1> /dev/null 2>&1 done fi -if [[ "$CONFIG_TOPDIR_PATH_HAS_SHA256SUM" == "y" ]]; then - rm -f ~/.ssh/config_kdevops_$CONFIG_TOPDIR_PATH_SHA256SUM -else - rm -f ~/.ssh/config_kdevops_$CONFIG_KDEVOPS_HOSTS_PREFIX -fi rm -f $GUESTFSDIR/.provisioned_once rm -f $GUESTFSDIR/kdevops_nodes.yaml diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index 5a75889ec148..5a86c3def412 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -85,7 +85,6 @@ PHONY += bringup_guestfs destroy_guestfs: $(Q)$(TOPDIR)/scripts/destroy_guestfs.sh - $(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG) PHONY += destroy_guestfs diff --git a/scripts/terraform.Makefile b/scripts/terraform.Makefile index 888d3af88e3e..b4543d2561fb 100644 --- a/scripts/terraform.Makefile +++ b/scripts/terraform.Makefile @@ -168,7 +168,6 @@ bringup_terraform: destroy_terraform: $(Q)$(TOPDIR)/scripts/destroy_terraform.sh - $(Q)rm -f $(KDEVOPS_PROVISIONED_DEVCONFIG) $(KDEVOPS_TFVARS): $(KDEVOPS_TFVARS_TEMPLATE) .config $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ From patchwork Wed Feb 5 15:52:50 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961415 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4ABF11519BD for ; Wed, 5 Feb 2025 15:53:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770780; cv=none; b=N8RjBjKn2KHLNISl6zsVSW/apOcLWpkuLmzeXKCOJeFUHYxHISMGIztCTxP6/3wtoY2r5TJbNO25pH34SZCWIghYIUZSoOWgCeZA6l1cR72M7itfPKS1/Ax6Y4AzuXAHz46jqGuRmPCeGbAiiFhJLoKA4hQ8L+r+qAwNV3xi54k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770780; c=relaxed/simple; bh=XCGDrohZE1anEZcpHxEQ+ofmxKqEtdEdDH33NaBbHbA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=neot0tFARJDZPLUaxkEAggL9hsXIRja6xhGSF9B6CdxMvIIur6PiBLu8+zGqatYKybNcwu0Gxd+HBC+xMZCTxJvIb3pyfpa9e/eSNmxLCkv1vbmBRy3RHPgB8EnxlCcNP9HxvrvYFqcrEsacRRVX1M9+8/rzvoZ8ti7urqk7l4s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=AkEqXHW2; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="AkEqXHW2" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C0225C4CED6; Wed, 5 Feb 2025 15:52:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770780; bh=XCGDrohZE1anEZcpHxEQ+ofmxKqEtdEdDH33NaBbHbA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=AkEqXHW2dC00ImQ/e61gNRacAcP+QO9I1ofCs0OZidLcyE7M98Ax+WaqwoCM4I8TI JyBFhXnOy7U0gLc/1LWRSMmtVWJz+5F/S8jJlloOVe2PxwoNSzQENrxtU6CHFP5OLx mF1mays6Hk31JSy+xsFvWfYmqyUHWJyN/fxaDCQORvnwoE0NvN5Bnyd+DAFPNZhph7 N32RwLBwiWc2kH32BHbY0mTfMWWhZDcXYdBKikGCxMk1zJf+U9TKisr6BYPXPtrvNs 4bzddWiL8cxHaubt8nGZNm+JG5NpPhLlrMNKYwikQhA7N64N7TEPgT6LIKlk5dNc5+ 28RveL23na8zg== From: cel@kernel.org To: Cc: Chuck Lever , Luis Chamberlain Subject: [PATCH v2 10/12] terraform: Add ssh hosts to ~/.ssh/config_kdevops_{{ sha1sum }} Date: Wed, 5 Feb 2025 10:52:50 -0500 Message-ID: <20250205155252.1317763-11-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The fixed update_ssh_config module is still not removing ssh Host configuration information with "make destroy". Also, we want to have more control over how the control host's ssh config is managed. Updating a separate terraform module is getting awkward. Let's replace the independent terraform module that handles ssh configuration with a playbook that operates the same as guestfs: the host config is stuffed into a common file under ~/.ssh that is included in ~/.ssh/config, and is easily located and deleted by "make destroy". XXX: I'm not 100% sold on this organization: it might be better to fold the new playbook into scripts/bringup_terraform.sh somehow. Suggested-by: Luis Chamberlain Signed-off-by: Chuck Lever --- playbooks/add_ssh_hosts_terraform.yml | 5 +++ .../add_ssh_hosts_terraform/defaults/main.yml | 2 ++ .../add_ssh_hosts_terraform/tasks/main.yml | 33 +++++++++++++++++++ .../templates/ssh_config.j2 | 15 +++++++++ scripts/terraform.Makefile | 5 +++ terraform/aws/output.tf | 7 ++++ terraform/azure/output.tf | 8 +++++ terraform/gce/output.tf | 8 +++++ terraform/oci/output.tf | 9 +++++ terraform/openstack/output.tf | 7 ++++ 10 files changed, 99 insertions(+) create mode 100644 playbooks/add_ssh_hosts_terraform.yml create mode 100644 playbooks/roles/add_ssh_hosts_terraform/defaults/main.yml create mode 100644 playbooks/roles/add_ssh_hosts_terraform/tasks/main.yml create mode 100644 playbooks/roles/add_ssh_hosts_terraform/templates/ssh_config.j2 create mode 100644 terraform/oci/output.tf diff --git a/playbooks/add_ssh_hosts_terraform.yml b/playbooks/add_ssh_hosts_terraform.yml new file mode 100644 index 000000000000..b5ef86d09ac9 --- /dev/null +++ b/playbooks/add_ssh_hosts_terraform.yml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: false + roles: + - role: add_ssh_hosts_terraform diff --git a/playbooks/roles/add_ssh_hosts_terraform/defaults/main.yml b/playbooks/roles/add_ssh_hosts_terraform/defaults/main.yml new file mode 100644 index 000000000000..33bd00e6d1a4 --- /dev/null +++ b/playbooks/roles/add_ssh_hosts_terraform/defaults/main.yml @@ -0,0 +1,2 @@ +--- +ssh_config_kexalgorithms: "" diff --git a/playbooks/roles/add_ssh_hosts_terraform/tasks/main.yml b/playbooks/roles/add_ssh_hosts_terraform/tasks/main.yml new file mode 100644 index 000000000000..d10db0175294 --- /dev/null +++ b/playbooks/roles/add_ssh_hosts_terraform/tasks/main.yml @@ -0,0 +1,33 @@ +--- +- name: Retrieve the public_ip_map from terraform + run_once: true + ansible.builtin.command: + chdir: "{{ topdir_path }}/terraform/{{ kdevops_terraform_provider }}" + cmd: "terraform output -json public_ip_map" + register: terraform_output + changed_when: false + +- name: Convert the public_ip_map into a dictionary + run_once: true + ansible.builtin.set_fact: + public_ip_map: "{{ terraform_output.stdout | from_json }}" + +- name: Insert or update the controller's ssh Host entry for {{ inventory_hostname }} + vars: + hostname: "{{ inventory_hostname }}" + ipaddr: "{{ public_ip_map[inventory_hostname] }}" + port: "22" + user: "{{ kdevops_terraform_ssh_config_user }}" + sshkey: "{{ sshdir }}/{{ kdevops_terraform_ssh_config_pubkey_file|basename|replace('.pub', '') }}" + strict: "{{ kdevops_terraform_ssh_config_update_strict|bool }}" + kexalgorithms: "{{ ssh_config_kexalgorithms }}" + throttle: 1 + ansible.builtin.blockinfile: + block: "{{ lookup('template', 'ssh_config.j2') }}" + create: true + dest: "{{ kdevops_ssh_config }}" + insertafter: "EOF" + marker: "# {mark} host configuration for {{ inventory_hostname }}" + marker_begin: "begin" + marker_end: "end" + mode: "u=rw,g=r,o=r" diff --git a/playbooks/roles/add_ssh_hosts_terraform/templates/ssh_config.j2 b/playbooks/roles/add_ssh_hosts_terraform/templates/ssh_config.j2 new file mode 100644 index 000000000000..f212e6e48607 --- /dev/null +++ b/playbooks/roles/add_ssh_hosts_terraform/templates/ssh_config.j2 @@ -0,0 +1,15 @@ +Host {{ hostname }} {{ ipaddr }} + HostName {{ ipaddr }} + User {{ user }} + Port {{ port }} + IdentityFile {{ sshkey }} +{% if kexalgorithms %} + KexAlgorithms {{ kexalgorithms }} +{% endif %} +{% if strict %} + UserKnownHostsFile /dev/null + StrictHostKeyChecking no + PasswordAuthentication no + IdentitiesOnly yes + LogLevel FATAL +{% endif %} diff --git a/scripts/terraform.Makefile b/scripts/terraform.Makefile index b4543d2561fb..1e86096717cb 100644 --- a/scripts/terraform.Makefile +++ b/scripts/terraform.Makefile @@ -165,6 +165,11 @@ ANSIBLE_EXTRA_ARGS += $(TERRAFORM_EXTRA_VARS) bringup_terraform: $(Q)$(TOPDIR)/scripts/bringup_terraform.sh + $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ + --inventory hosts \ + playbooks/add_ssh_hosts_terraform.yml \ + --extra-vars=@./extra_vars.yaml \ + -e 'ansible_python_interpreter=/usr/bin/python3' destroy_terraform: $(Q)$(TOPDIR)/scripts/destroy_terraform.sh diff --git a/terraform/aws/output.tf b/terraform/aws/output.tf index 6ff195be2515..cb8cab4afcdd 100644 --- a/terraform/aws/output.tf +++ b/terraform/aws/output.tf @@ -25,3 +25,10 @@ output "login_using" { value = data.null_data_source.group_hostnames_and_ips.*.outputs } +# Each provider's output.tf needs to define a public_ip_map. This +# map is used to build the Ansible controller's ssh configuration. +# Each map entry contains the node's hostname and public IP address. +output "public_ip_map" { + description = "The public IP addresses assigned to each instance" + value = "${zipmap(var.kdevops_nodes[*], aws_eip.kdevops_eip[*].public_ip)}" +} diff --git a/terraform/azure/output.tf b/terraform/azure/output.tf index 5a2654970011..a8e32b605a47 100644 --- a/terraform/azure/output.tf +++ b/terraform/azure/output.tf @@ -37,3 +37,11 @@ data "null_data_source" "group_hostnames_and_ips" { output "login_using" { value = data.null_data_source.group_hostnames_and_ips.*.outputs } + +# Each provider's output.tf needs to define a public_ip_map. This +# map is used to build the Ansible controller's ssh configuration. +# Each map entry contains the node's hostname and public IP address. +output "public_ip_map" { + description = "The public IP addresses assigned to each instance" + value = "${zipmap(var.kdevops_nodes[*], azurerm_public_ip.kdevops_publicip[*].name)}" +} diff --git a/terraform/gce/output.tf b/terraform/gce/output.tf index 7b96c829173b..b95667cc7efd 100644 --- a/terraform/gce/output.tf +++ b/terraform/gce/output.tf @@ -24,3 +24,11 @@ data "null_data_source" "group_hostnames_and_ips" { output "login_using" { value = data.null_data_source.group_hostnames_and_ips.*.outputs } + +# Each provider's output.tf needs to define a public_ip_map. This +# map is used to build the Ansible controller's ssh configuration. +# Each map entry contains the node's hostname and public IP address. +output "public_ip_map" { + description = "The public IP addresses assigned to each instance" + value = "${zipmap(var.kdevops_nodes[*], local.ipv4s[*])}" +} diff --git a/terraform/oci/output.tf b/terraform/oci/output.tf new file mode 100644 index 000000000000..83a85a388055 --- /dev/null +++ b/terraform/oci/output.tf @@ -0,0 +1,9 @@ +# All generic output goes here + +# Each provider's output.tf needs to define a public_ip_map. This +# map is used to build the Ansible controller's ssh configuration. +# Each map entry contains the node's hostname and public IP address. +output "public_ip_map" { + description = "The public IP addresses assigned to each instance" + value = "${zipmap(var.kdevops_nodes[*], aws_eip.kdevops_eip[*].public_ip)}" +} diff --git a/terraform/openstack/output.tf b/terraform/openstack/output.tf index 148343561ae5..aff44d1b45f9 100644 --- a/terraform/openstack/output.tf +++ b/terraform/openstack/output.tf @@ -16,3 +16,10 @@ output "kdevops_hosts_and_ipv4" { value = data.null_data_source.group_hostnames_and_ips.*.outputs } +# Each provider's output.tf needs to define a public_ip_map. This +# map is used to build the Ansible controller's ssh configuration. +# Each map entry contains the node's hostname and public IP address. +output "public_ip_map" { + description = "The public IP addresses assigned to each instance" + value = "${zipmap(var.kdevops_nodes[*], openstack_compute_instance_v2.kdevops_instances[*].access_ip_v4)}" +} From patchwork Wed Feb 5 15:52:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961416 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE41B1519BD for ; Wed, 5 Feb 2025 15:53:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770780; cv=none; b=eCyJMBextkGKadAoEg9RKk0nJnLAOcF8Svnld1BGdirXd0IJ9/wqvN6DHSux0HcCt0ss7w8U2D9rTKhMxUPSUT1AByhZu/4De7Mn232UUkmHgtuldfH00Itob1/Qh5MCUCE0ImRKmMJZnfJFTvhJGfsSNqtTxA+6CjAiX5e8Zpg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770780; c=relaxed/simple; bh=j3BNIfspwzlAnnoKEMaXp2Sd2sIgS2Epq9rF833ahCk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uVeAIbP8qVtVPp9aoIKgcwXsxi58qIVeSa7ViK+k8aBgI+EqKyykoVUeIkd8uBHenAKhgjp7yEuoCERGB1RSyAx58bHrMWqgJnNYHtXFwv+R7GiTGMjaD9dIv+Yg2U+dMc6BOK3O9PeG+knqEN+Pu7olBVkcXQjT1OHHLMwektc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=BkrEKWGO; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="BkrEKWGO" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 635C1C4CEE2; Wed, 5 Feb 2025 15:53:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770780; bh=j3BNIfspwzlAnnoKEMaXp2Sd2sIgS2Epq9rF833ahCk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=BkrEKWGOeHMR5Js8xWG2AgwoxG91nJdYaTv9BhHhdWnmvhO/n89gS/dZQWk2bYOGP oCRzvPEjIbeK7nUbZEGeQtW1z1pWDTbtQ56cGzs2c6XH946B95vd6bdMFbsgYQCxfV pT1DfdAvK6RTTcpRnN31UQkS7FgtkWc8Cvb5NCO5endTEjaVcoZ+KPzlfHTJ+Q3w1k f36lKClvh8UOwI4Bb4Q/JS/hRFsgAwOTw9pjuR6NQeCsvUhwEZ3AuiGfD3HVkhqsmM +5I5zZx4KOWq6hDBJDZ2BIQLaKnMyI9Co+4glTGC3yE1F9jwhqjr1Yu/XUDdkobgFo 56C52zelD1cxg== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 11/12] terraform: "make mrproper" should remove terraform/*/.terraform Date: Wed, 5 Feb 2025 10:52:51 -0500 Message-ID: <20250205155252.1317763-12-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever "make mrproper" should clear this directory out so that the next kdevops run can retrieve up-to-date modules, as needed. Signed-off-by: Chuck Lever --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index a0441b2c7bb8..e0e5d8f962d2 100644 --- a/Makefile +++ b/Makefile @@ -252,6 +252,7 @@ mrproper: $(Q)$(MAKE) -f scripts/build.Makefile $@ $(Q)rm -f $(KDEVOPS_DEPCHECK) $(Q)rm -f terraform/*/terraform.tfvars + $(Q)rm -rf terraform/*/.terraform $(Q)rm -f $(KDEVOPS_NODES) $(Q)rm -f $(KDEVOPS_HOSTFILE) $(KDEVOPS_MRPROPER) $(Q)rm -f .config .config.old extra_vars.yaml $(KCONFIG_YAMLCFG) From patchwork Wed Feb 5 15:52:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chuck Lever X-Patchwork-Id: 13961417 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 605451519BD for ; Wed, 5 Feb 2025 15:53:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770781; cv=none; b=ahiONdObHQBGczJ2U8K/P/wgVn0uhNJdJt81ZkKDAq15OREey7JIepLYNaALKmK/t4z/rOfHa2N1ZhXT8W0RFX66CCEYlGYiul0ECKC2dHd1Us4mVQz+GcJPEapEtOD7SsaJQoJA5GBFS+fOckuBAITGCTs3pqQQoVr1rEyioyI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738770781; c=relaxed/simple; bh=jHUKaU0AdfJzo8XsSPRqJvewLRlfVX0zs71D3xqZ89Y=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jjhUnuEG25LGWEheXXT+GS92zuxUqojamb7xe7io+zipFQHfHTyR5XpPoPOmGmcqNWuhdhSNxVreoffftKUY9JKYJ+A11MiF86lWKzfsbFGpD+aFB7roM/rYkMSvCe4RzJHLRcy6RF5D5sH6AqkWWFU9IZdTP758BrfCo27fApo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=b9/dTZfp; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="b9/dTZfp" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E8300C4CED6; Wed, 5 Feb 2025 15:53:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738770781; bh=jHUKaU0AdfJzo8XsSPRqJvewLRlfVX0zs71D3xqZ89Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=b9/dTZfpwGkVwNut0AG/QmYhRU6wDAlSk5V2X2RBW5TcuwZ4tzS2iCLp0OEe3wi5t OmbY4DeirD76sn34CRnQNdoKe+CBNYn4h6MaS+MDJQzCM7IvTEfmad1y7+HcGXHehn vGAjOcET2kEZVysWiHKmB7nDLFN+d8cEZ7VJ5L5NMkEiyc8bbNOJ4p5OHwoPEuIsbY xj0HsEMRjTvi+j4ONsB8vgLiN76JyzRwed2Mka3nb3eeDAZFcduxdPBwTbwzvv08Qq Ki3GJsRNKZLdCCUVIrpoaCOVlJk+g7vnl96TJQ+CgjaEYlKOHgamKDtLoC2RSpVdjV LLudiOHzIcFeQ== From: cel@kernel.org To: Cc: Chuck Lever Subject: [PATCH v2 12/12] terraform: Remove the terrraform update_ssh_config module Date: Wed, 5 Feb 2025 10:52:52 -0500 Message-ID: <20250205155252.1317763-13-cel@kernel.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205155252.1317763-1-cel@kernel.org> References: <20250205155252.1317763-1-cel@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Chuck Lever The add_ssh_hosts_terraform playbook has taken its place. XXX: Need to add a public_ip_map output for all cloud providers before removing the update_ssh_config terraform module. Signed-off-by: Chuck Lever --- terraform/aws/output.tf | 25 ---------------------- terraform/aws/update_ssh_config.tf | 1 - terraform/azure/output.tf | 18 ---------------- terraform/azure/update_ssh_config.tf | 1 - terraform/gce/output.tf | 27 +----------------------- terraform/gce/update_ssh_config.tf | 1 - terraform/oci/update_ssh_config.tf | 1 - terraform/openstack/output.tf | 2 ++ terraform/openstack/update_ssh_config.tf | 1 - terraform/update_ssh_config.tf | 17 --------------- 10 files changed, 3 insertions(+), 91 deletions(-) delete mode 120000 terraform/aws/update_ssh_config.tf delete mode 120000 terraform/azure/update_ssh_config.tf delete mode 120000 terraform/gce/update_ssh_config.tf delete mode 120000 terraform/oci/update_ssh_config.tf delete mode 120000 terraform/openstack/update_ssh_config.tf delete mode 100644 terraform/update_ssh_config.tf diff --git a/terraform/aws/output.tf b/terraform/aws/output.tf index cb8cab4afcdd..83a85a388055 100644 --- a/terraform/aws/output.tf +++ b/terraform/aws/output.tf @@ -1,30 +1,5 @@ # All generic output goes here -locals { - ssh_key_i = format( - " %s%s ", - var.ssh_config_pubkey_file != "" ? "-i " : "", - var.ssh_config_pubkey_file != "" ? replace(var.ssh_config_pubkey_file, ".pub", "") : "", - ) -} - -data "null_data_source" "group_hostnames_and_ips" { - count = local.kdevops_num_boxes - inputs = { - value = format( - "%30s : ssh %s@%s %s ", - element(var.kdevops_nodes, count.index), - var.ssh_config_user, - element(aws_eip.kdevops_eip.*.public_ip, count.index), - local.ssh_key_i, - ) - } -} - -output "login_using" { - value = data.null_data_source.group_hostnames_and_ips.*.outputs -} - # Each provider's output.tf needs to define a public_ip_map. This # map is used to build the Ansible controller's ssh configuration. # Each map entry contains the node's hostname and public IP address. diff --git a/terraform/aws/update_ssh_config.tf b/terraform/aws/update_ssh_config.tf deleted file mode 120000 index 03cd77a65841..000000000000 --- a/terraform/aws/update_ssh_config.tf +++ /dev/null @@ -1 +0,0 @@ -../update_ssh_config.tf \ No newline at end of file diff --git a/terraform/azure/output.tf b/terraform/azure/output.tf index a8e32b605a47..ce5ac79ff694 100644 --- a/terraform/azure/output.tf +++ b/terraform/azure/output.tf @@ -20,24 +20,6 @@ output "kdevops_public_ip_addresses" { value = data.azurerm_public_ip.public_ips.*.ip_address } -locals { - ssh_key_i = format(" %s%s ", var.ssh_config_pubkey_file != "" ? "-i " : "", var.ssh_config_pubkey_file != "" ? replace(var.ssh_config_pubkey_file, ".pub", "") : "") -} - -data "null_data_source" "group_hostnames_and_ips" { - count = local.kdevops_num_boxes - inputs = { - # In theory using "${self.triggers["name"]}" and "${self.triggersp["ip"]}" - # would be nice but it is not supported in this context, only in the - # provisioner and connection contexts. - value = "${format("%30s : ssh %s@%s %s ", element(azurerm_linux_virtual_machine.kdevops_vm.*.name, count.index), var.ssh_config_user, element(azurerm_public_ip.kdevops_publicip.*.ip_address, count.index), local.ssh_key_i)}" - } -} - -output "login_using" { - value = data.null_data_source.group_hostnames_and_ips.*.outputs -} - # Each provider's output.tf needs to define a public_ip_map. This # map is used to build the Ansible controller's ssh configuration. # Each map entry contains the node's hostname and public IP address. diff --git a/terraform/azure/update_ssh_config.tf b/terraform/azure/update_ssh_config.tf deleted file mode 120000 index 03cd77a65841..000000000000 --- a/terraform/azure/update_ssh_config.tf +++ /dev/null @@ -1 +0,0 @@ -../update_ssh_config.tf \ No newline at end of file diff --git a/terraform/gce/output.tf b/terraform/gce/output.tf index b95667cc7efd..470617f700ee 100644 --- a/terraform/gce/output.tf +++ b/terraform/gce/output.tf @@ -1,29 +1,4 @@ -locals { - ssh_key_i = format(" %s%s ", var.ssh_config_pubkey_file != "" ? "-i " : "", var.ssh_config_pubkey_file != "" ? replace(var.ssh_config_pubkey_file, ".pub", "") : "") - network_interfaces = google_compute_instance.kdevops_instances.*.network_interface - access_configs = [ - for net_interface in local.network_interfaces : - net_interface[0].access_config - ] - ipv4s = [ - for access_config in local.access_configs : - access_config[0].nat_ip - ] -} - -data "null_data_source" "group_hostnames_and_ips" { - count = local.kdevops_num_boxes - inputs = { - # In theory using "${self.triggers["name"]}" and "${self.triggersp["ip"]}" - # would be nice but it is not supported in this context, only in the - # provisioner and connection contexts. - value = "${format("%30s : ssh %s@%s %s ", element(google_compute_instance.kdevops_instances.*.name, count.index), var.ssh_config_user, element(local.ipv4s, count.index), local.ssh_key_i)}" - } -} - -output "login_using" { - value = data.null_data_source.group_hostnames_and_ips.*.outputs -} +# All generic output goes here # Each provider's output.tf needs to define a public_ip_map. This # map is used to build the Ansible controller's ssh configuration. diff --git a/terraform/gce/update_ssh_config.tf b/terraform/gce/update_ssh_config.tf deleted file mode 120000 index 03cd77a65841..000000000000 --- a/terraform/gce/update_ssh_config.tf +++ /dev/null @@ -1 +0,0 @@ -../update_ssh_config.tf \ No newline at end of file diff --git a/terraform/oci/update_ssh_config.tf b/terraform/oci/update_ssh_config.tf deleted file mode 120000 index 03cd77a65841..000000000000 --- a/terraform/oci/update_ssh_config.tf +++ /dev/null @@ -1 +0,0 @@ -../update_ssh_config.tf \ No newline at end of file diff --git a/terraform/openstack/output.tf b/terraform/openstack/output.tf index aff44d1b45f9..2d60cc46c030 100644 --- a/terraform/openstack/output.tf +++ b/terraform/openstack/output.tf @@ -1,3 +1,5 @@ +# All generic output goes here + data "null_data_source" "group_hostnames_and_ips" { count = local.kdevops_num_boxes inputs = { diff --git a/terraform/openstack/update_ssh_config.tf b/terraform/openstack/update_ssh_config.tf deleted file mode 120000 index 03cd77a65841..000000000000 --- a/terraform/openstack/update_ssh_config.tf +++ /dev/null @@ -1 +0,0 @@ -../update_ssh_config.tf \ No newline at end of file diff --git a/terraform/update_ssh_config.tf b/terraform/update_ssh_config.tf deleted file mode 100644 index 03f0cbed424a..000000000000 --- a/terraform/update_ssh_config.tf +++ /dev/null @@ -1,17 +0,0 @@ -module "ssh_config_update_host_entries" { - source = "linux-kdevops/add-host-ssh-config/kdevops" - version = "3.0.0" - - ssh_config = var.ssh_config - update_ssh_config_enable = var.ssh_config_update - cmd = "update" - shorthosts = join(",", slice(local.shorthosts, 0, local.kdevops_num_boxes)) - hostnames = join(",", slice(local.ipv4s, 0, local.kdevops_num_boxes)) - ports = "22" - user = var.ssh_config_user == "" ? "" : var.ssh_config_user - id = replace(var.ssh_config_pubkey_file, ".pub", "") - strict = var.ssh_config_use_strict_settings ? "true" : "" - use_backup = !var.ssh_config_backup || var.ssh_config == "/dev/null" ? "" : "true" - backup_postfix = "kdevops" - kexalgorithms = var.ssh_config_kexalgorithms == "" ? "" : var.ssh_config_kexalgorithms -}