tower_credential: expect ssh_key_data to be a string instead of path (#45158)

* expect ssh_key_data to be a string instead of path

ssh_key_data should be a string filled with the private key
the old behavior can be archived with a lookup

Fixes #45119

* clarifies ssh_key_data description, adds newline

test/integration/targets/tower_credential/tasks/main.yml

@@ -5,6 +5,10 @@
 - name: Generate a local SSH key
   local_action: "shell ssh-keygen -b 2048 -t rsa -f {{ tempdir.stdout }}/id_rsa -q -N 'passphrase'"
 
+- name: Read the generated key
+  set_fact:
+    ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
+
 - name: Create a User-specific credential
   tower_credential:
     name: SSH Credential
@@ -43,6 +47,46 @@
     become_method: sudo
     become_username: superuser
     become_password: supersecret
+    ssh_key_data: "{{ ssh_key_data }}"
+    ssh_key_unlock: "passphrase"
+  register: result
+
+- assert:
+    that:
+      - "result is changed"
+
+- name: Create a valid SSH credential from lookup source
+  tower_credential:
+    name: SSH Credential from lookup source
+    organization: Default
+    state: present
+    kind: ssh
+    description: An example SSH credential from lookup source
+    username: joe
+    password: secret
+    become_method: sudo
+    become_username: superuser
+    become_password: supersecret
+    ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
+    ssh_key_unlock: "passphrase"
+  register: result
+
+- assert:
+    that:
+      - "result is changed"
+
+- name: Create a valid SSH credential from file source
+  tower_credential:
+    name: SSH Credential from file source
+    organization: Default
+    state: present
+    kind: ssh
+    description: An example SSH credential from file source
+    username: joe
+    password: secret
+    become_method: sudo
+    become_username: superuser
+    become_password: supersecret
     ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
     ssh_key_unlock: "passphrase"
   register: result
@@ -50,6 +94,8 @@
 - assert:
     that:
       - "result is changed"
+      - "result is not failed"
+      - "'ssh_key_data should be a string, not a path to a file.' in result.deprecations[0].msg"
 
 - name: Create an invalid SSH credential (passphrase required)
   tower_credential:
@@ -58,7 +104,7 @@
     state: present
     kind: ssh
     username: joe
-    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
+    ssh_key_data: "{{ ssh_key_data }}"
   ignore_errors: yes
   register: result
 
@@ -67,38 +113,6 @@
       - "result is failed"
       - "'must be set when SSH key is encrypted' in result.module_stderr"
 
-- name: Create an invalid SSH credential (ssh_key_data file is missing)
-  tower_credential:
-    name: SSH Credential
-    organization: Default
-    state: present
-    kind: ssh
-    username: joe
-    ssh_key_data: "{{ tempdir.stdout }}/not_a_valid_file"
-  ignore_errors: yes
-  register: result
-
-- assert:
-    that:
-      - "result is failed"
-      - "'file not found' in result.msg"
-
-- name: Create an invalid SSH credential (ssh_key_data is a directory)
-  tower_credential:
-    name: SSH Credential
-    organization: Default
-    state: present
-    kind: ssh
-    username: joe
-    ssh_key_data: "{{ tempdir.stdout }}"
-  ignore_errors: yes
-  register: result
-
-- assert:
-    that:
-      - "result is failed"
-      - "'attempted to read contents of directory' in result.msg"
-
 - name: Create an invalid SSH credential (Organization not found)
   tower_credential:
     name: SSH Credential
@@ -202,7 +216,7 @@
     kind: scm
     username: joe
     password: secret
-    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
+    ssh_key_data: "{{ ssh_key_data }}"
     ssh_key_unlock: "passphrase"
   register: result
 
@@ -338,7 +352,7 @@
     kind: gce
     username: joe
     project: ABC123
-    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
+    ssh_key_data: "{{ ssh_key_data }}"
   register: result
 
 - assert: