From 8ba2e15578f61910b640ecb7621f73afaa64f3bc Mon Sep 17 00:00:00 2001 From: Maxim Babushkin Date: Tue, 5 Mar 2019 18:07:43 +0200 Subject: [PATCH] Add public key return to openssh_keypair (#53214) - The openssh_keypair module will return a public key output on the private key creation. - Add integration test in order to verify the public key output. --- lib/ansible/modules/crypto/openssh_keypair.py | 12 ++++++++++++ .../targets/openssh_keypair/tasks/main.yml | 5 +++++ .../targets/openssh_keypair/tests/validate.yml | 6 ++++++ 3 files changed, 23 insertions(+) diff --git a/lib/ansible/modules/crypto/openssh_keypair.py b/lib/ansible/modules/crypto/openssh_keypair.py index ad8318d224..7377235558 100644 --- a/lib/ansible/modules/crypto/openssh_keypair.py +++ b/lib/ansible/modules/crypto/openssh_keypair.py @@ -108,6 +108,11 @@ fingerprint: returned: changed or success type: str sample: 4096 SHA256:r4YCZxihVjedH2OlfjVGI6Y5xAYtdCwk8VxKyzVyYfM example@example.com (RSA) +public_key: + description: The public key of the generated SSH private key + returned: changed or success + type: str + sample: ssh-rsa AAAAB3Nza(...omitted...)veL4E3Xcw== test_key ''' import os @@ -134,6 +139,7 @@ class Keypair(object): self.check_mode = module.check_mode self.privatekey = None self.fingerprint = {} + self.public_key = {} if self.type in ('rsa', 'rsa1'): self.size = 4096 if self.size is None else self.size @@ -178,6 +184,8 @@ class Keypair(object): module.run_command(args) proc = module.run_command([module.get_bin_path('ssh-keygen', True), '-lf', self.path]) self.fingerprint = proc[1].split() + pubkey = module.run_command([module.get_bin_path('ssh-keygen', True), '-yf', self.path]) + self.public_key = pubkey[1].strip('\n') except Exception as e: self.remove() module.fail_json(msg="%s" % to_native(e)) 
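Review bot: `self.public_key = {}` in the `@@ -134` hunk initialises the attribute as a dict, while the RETURN block added by this same patch documents `public_key` as `type: str` and both later assignments store a string. If the attribute is never overwritten, the result dict built from it would carry `{}` instead of a string; `self.public_key = ''` keeps the type consistent. The neighbouring `self.fingerprint = {}` follows the same pattern, so this may be deliberate. `__init__` starts and ends outside the hunk.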
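Review bot: The new `ssh-keygen -yf` call in the `@@ -178` hunk keeps only `pubkey[1]` (stdout) and never inspects the return code in `pubkey[0]`, so a failed derivation leaves `public_key` as an empty string while the task still reports success. Unpack the tuple as `rc, out, err = module.run_command(...)` and add `if rc != 0: raise Exception(err)`, so the surrounding `except` removes the partial key and fails the task. Passing `check_rc=True` instead would probably exit through `fail_json` and bypass the `self.remove()` cleanup, since that exit is not an ordinary `Exception`. The same unchecked pattern appears in the `@@ -195` hunk and on the existing `-lf` fingerprint call. The enclosing method begins outside the hunk.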
@@ -195,6 +203,8 @@ class Keypair(object): if _check_state(): proc = module.run_command([module.get_bin_path('ssh-keygen', True), '-lf', self.path]) fingerprint = proc[1].split() + pubkey = module.run_command([module.get_bin_path('ssh-keygen', True), '-yf', self.path]) + pubkey = pubkey[1].strip('\n') keysize = int(fingerprint[0]) keytype = fingerprint[-1][1:-1].lower() else: @@ -211,6 +221,7 @@ class Keypair(object): return self.size == keysize self.fingerprint = fingerprint + self.public_key = pubkey if not perms_required: return _check_state() and _check_type() and _check_size() @@ -228,6 +239,7 @@ class Keypair(object): 'type': self.type, 'filename': self.path, 'fingerprint': self.fingerprint, + 'public_key': self.public_key, } return result diff --git a/test/integration/targets/openssh_keypair/tasks/main.yml b/test/integration/targets/openssh_keypair/tasks/main.yml index a9f5877d43..df715e0c2f 100644 --- a/test/integration/targets/openssh_keypair/tasks/main.yml +++ b/test/integration/targets/openssh_keypair/tasks/main.yml @@ -22,4 +22,9 @@ state: absent path: '{{ output_dir }}/privatekey4' +- name: Generate privatekey5 - standard + openssh_keypair: + path: '{{ output_dir }}/privatekey5' + register: publickey_gen + - import_tasks: ../tests/validate.yml diff --git a/test/integration/targets/openssh_keypair/tests/validate.yml b/test/integration/targets/openssh_keypair/tests/validate.yml index 51c3d7ce5b..fd9d789293 100644 --- a/test/integration/targets/openssh_keypair/tests/validate.yml +++ b/test/integration/targets/openssh_keypair/tests/validate.yml @@ -37,3 +37,9 @@ assert: that: - privatekey4.stat.exists == False + + +- name: Validate privatekey5 (assert - Public key module output equal to the public key on host) + assert: + that: + - "publickey_gen.public_key == lookup('file', output_dir ~ '/privatekey5.pub').strip('\n')"
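Review bot: The validity check in the `@@ -195` hunk derives `pubkey` from the private key but never compares it with the `.pub` file beside it, so a stale or replaced `.pub` would still pass as valid while `public_key` reports a different key. Consider reading `self.path + '.pub'` here and treating a mismatch in the key type and base64 fields as not valid, or at least emitting a warning. Separately, `pubkey` is rebound from the `run_command` tuple to a string on the next line; `rc, out, err = ...` followed by `pubkey = out.strip('\n')` reads more clearly. It also exposes the return code, which presumably matters when the key at `self.path` is passphrase-protected and `ssh-keygen -y` cannot read it non-interactively. The enclosing function and the `else:` branch continue outside the hunk.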
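Review bot: The new assertion in `validate.yml` compares the whole public-key line, comment included, so it depends on `ssh-keygen -y` reproducing exactly the comment written to `privatekey5.pub`. Whether it does may vary with the private-key format and the OpenSSH version, which could fail the test for reasons unrelated to the module. Comparing only the key type and base64 fields is more stable, e.g. `publickey_gen.public_key.split()[:2] == lookup('file', output_dir ~ '/privatekey5.pub').split()[:2]`. Also note that `lookup('file', ...)` reads on the controller, so the check only holds where the controller and the target share `output_dir`.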