From: cel@kernel.org
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [RFC PATCH 2/4] update_ssh_config: Add always-run ssh clean-up steps
Date: Fri, 31 Jan 2025 15:19:30 -0500 [thread overview]
Message-ID: <20250131201932.449083-3-cel@kernel.org> (raw)
In-Reply-To: <20250131201932.449083-1-cel@kernel.org>
From: Chuck Lever <chuck.lever@oracle.com>
This common bit of logic is by the "make destroy" target, so it
affects all virtualization methods.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
.../roles/update_ssh_config/tasks/main.yml | 44 +++++++++++++++++++
scripts/bringup.Makefile | 7 +++
scripts/destroy_guestfs.sh | 6 ---
scripts/guestfs.Makefile | 1 -
scripts/terraform.Makefile | 1 -
5 files changed, 51 insertions(+), 8 deletions(-)
diff --git a/playbooks/roles/update_ssh_config/tasks/main.yml b/playbooks/roles/update_ssh_config/tasks/main.yml
index 583d006c85c3..1ccbf1563269 100644
--- a/playbooks/roles/update_ssh_config/tasks/main.yml
+++ b/playbooks/roles/update_ssh_config/tasks/main.yml
@@ -5,6 +5,22 @@
tags:
- vars
+- name: Set the pathname of the ephemeral ssh config file
+ ansible.builtin.set_fact:
+ kdevops_ssh_config: "{{ sshdir }}/config_kdevops_{{ topdir_path_sha256sum }}"
+ when:
+ - topdir_path_sha256sum is defined
+ tags:
+ - vars
+
+- name: Set the pathname of the ephemeral ssh config file
+ ansible.builtin.set_fact:
+ kdevops_ssh_config: "{{ sshdir }}/config_kdevops_{{ kdevops_host_prefix }}"
+ when:
+ - topdir_path_sha256sum is not defined
+ tags:
+ - vars
+
- name: Check that the user's ssh config file exists
delegate_to: localhost
run_once: true
@@ -104,3 +120,31 @@
Include ~/.ssh/config_kdevops_*
tags:
- deps
+
+- name: Remove saved keys for the target nodes
+ delegate_to: localhost
+ throttle: 1
+ ansible.builtin.command:
+ argv:
+ - "ssh-keygen"
+ - "-q"
+ - "-f"
+ - "{{ sshdir }}/known_hosts"
+ - "-R"
+ - "{{ inventory_hostname }}"
+ register: result
+ failed_when: false
+ changed_when:
+ - result is success
+ - not "not found in" in result.stderr
+ tags:
+ - clean
+
+- name: Remove the ephemeral ssh config file on the control host
+ delegate_to: localhost
+ run_once: true
+ ansible.builtin.file:
+ path: "{{ kdevops_ssh_config }}"
+ state: absent
+ tags:
+ - clean
diff --git a/scripts/bringup.Makefile b/scripts/bringup.Makefile
index 148547c0644a..1d1f916eaf63 100644
--- a/scripts/bringup.Makefile
+++ b/scripts/bringup.Makefile
@@ -23,6 +23,13 @@ endif
bringup: $(KDEVOPS_BRING_UP_DEPS)
destroy: $(KDEVOPS_DESTROY_DEPS)
+ $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
+ -i hosts \
+ playbooks/update_ssh_config.yml \
+ --extra-vars=@./extra_vars.yaml \
+ -e 'ansible_python_interpreter=/usr/bin/python3' \
+ --tags vars,clean
+ $(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG)
bringup-help-menu:
@echo "Bringup targets:"
diff --git a/scripts/destroy_guestfs.sh b/scripts/destroy_guestfs.sh
index ae31b0cc251e..e40dea9361f0 100755
--- a/scripts/destroy_guestfs.sh
+++ b/scripts/destroy_guestfs.sh
@@ -23,14 +23,8 @@ if [ -f "$GUESTFSDIR/kdevops_nodes.yaml" ]; then
fi
rm -rf "$GUESTFSDIR/$name"
rm -rf "$STORAGEDIR/$name"
- ssh-keygen -q -f ~/.ssh/known_hosts -R $name 1> /dev/null 2>&1
done
fi
-if [[ "$CONFIG_TOPDIR_PATH_HAS_SHA256SUM" == "y" ]]; then
- rm -f ~/.ssh/config_kdevops_$CONFIG_TOPDIR_PATH_SHA256SUM
-else
- rm -f ~/.ssh/config_kdevops_$CONFIG_KDEVOPS_HOSTS_PREFIX
-fi
rm -f $GUESTFSDIR/.provisioned_once
rm -f $GUESTFSDIR/kdevops_nodes.yaml
diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile
index 8d3f01c35758..dd78c1c8d4aa 100644
--- a/scripts/guestfs.Makefile
+++ b/scripts/guestfs.Makefile
@@ -85,7 +85,6 @@ PHONY += bringup_guestfs
destroy_guestfs:
$(Q)$(TOPDIR)/scripts/destroy_guestfs.sh
- $(Q)rm -f $(KDEVOPS_PROVISIONED_SSH) $(KDEVOPS_PROVISIONED_DEVCONFIG)
PHONY += destroy_guestfs
diff --git a/scripts/terraform.Makefile b/scripts/terraform.Makefile
index a2a2f8f73961..58eadd9cd9a0 100644
--- a/scripts/terraform.Makefile
+++ b/scripts/terraform.Makefile
@@ -166,7 +166,6 @@ bringup_terraform:
destroy_terraform:
$(Q)$(TOPDIR)/scripts/destroy_terraform.sh
- $(Q)rm -f $(KDEVOPS_PROVISIONED_DEVCONFIG)
$(KDEVOPS_TFVARS): $(KDEVOPS_TFVARS_TEMPLATE) .config
$(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
--
2.48.1
next prev parent reply other threads:[~2025-01-31 20:19 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-31 20:19 [RFC PATCH 0/4] Replace terraform update_ssh_config module cel
2025-01-31 20:19 ` [RFC PATCH 1/4] guestfs: Rename the update_ssh_config_guestfs role cel
2025-01-31 20:19 ` cel [this message]
2025-01-31 20:19 ` [RFC PATCH 3/4] terraform: Add ssh hosts to ~/.ssh/config_kdevops_{{ sha1sum }} cel
2025-01-31 20:19 ` [RFC PATCH 4/4] terraform: Remove the terrraform update_ssh_config module cel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250131201932.449083-3-cel@kernel.org \
--to=cel@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=kdevops@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.