cloudstack_ssh: replace ssh public key if fingerprints do not match

This commit is contained in:
Rene Moser 2015-03-28 22:12:19 +01:00 committed by Matt Clay
parent 4c35f75597
commit d4333080c4

View file

@ -95,6 +95,12 @@ try:
except ImportError:
has_lib_cs = False
try:
import sshpubkeys
has_lib_sshpubkeys = True
except ImportError:
has_lib_sshpubkeys = False
from ansible.module_utils.cloudstack import *
class AnsibleCloudStackSshKey(AnsibleCloudStack):
@ -109,14 +115,30 @@ class AnsibleCloudStackSshKey(AnsibleCloudStack):
def register_ssh_key(self, public_key):
ssh_key = self.get_ssh_key()
if not ssh_key:
self.result['changed'] = True
args = {}
args['projectid'] = self.get_project_id()
args['name'] = self.module.params.get('name')
res = None
if not ssh_key:
self.result['changed'] = True
args['publickey'] = public_key
if not self.module.check_mode:
ssh_key = self.cs.registerSSHKeyPair(**args)
res = self.cs.registerSSHKeyPair(**args)
else:
fingerprint = self._get_ssh_fingerprint(public_key)
if ssh_key['fingerprint'] != fingerprint:
self.result['changed'] = True
if not self.module.check_mode:
self.cs.deleteSSHKeyPair(**args)
args['publickey'] = public_key
res = self.cs.registerSSHKeyPair(**args)
if res and 'keypair' in res:
ssh_key = res['keypair']
return ssh_key
@ -170,6 +192,11 @@ class AnsibleCloudStackSshKey(AnsibleCloudStack):
return self.result
def _get_ssh_fingerprint(self, public_key):
key = sshpubkeys.SSHKey(public_key)
return key.hash()
def main():
module = AnsibleModule(
argument_spec = dict(
@ -188,6 +215,9 @@ def main():
if not has_lib_cs:
module.fail_json(msg="python library cs required: pip install cs")
if not has_lib_sshpubkeys:
module.fail_json(msg="python library sshpubkeys required: pip install sshpubkeys")
try:
acs_sshkey = AnsibleCloudStackSshKey(module)
state = module.params.get('state')