Add public key return to openssh_keypair (#53214)

- The openssh_keypair module will return a public key output on the private key creation. - Add integration test in order to verify the public key output.
2019-03-05 18:07:43 +02:00 · 2019-03-05 18:07:43 +02:00 · 8ba2e15578
commit 8ba2e15578
parent 139abd0849
3 changed files with 23 additions and 0 deletions
--- a/lib/ansible/modules/crypto/openssh_keypair.py
+++ b/lib/ansible/modules/crypto/openssh_keypair.py
@ -108,6 +108,11 @@ fingerprint:
    returned: changed or success
    type: str
    sample: 4096 SHA256:r4YCZxihVjedH2OlfjVGI6Y5xAYtdCwk8VxKyzVyYfM example@example.com (RSA)
+public_key:
+    description: The public key of the generated SSH private key
+    returned: changed or success
+    type: str
+    sample: ssh-rsa AAAAB3Nza(...omitted...)veL4E3Xcw== test_key
 '''

 import os
@ -134,6 +139,7 @@ class Keypair(object):
        self.check_mode = module.check_mode
        self.privatekey = None
        self.fingerprint = {}
+        self.public_key = {}

        if self.type in ('rsa', 'rsa1'):
            self.size = 4096 if self.size is None else self.size
@ -178,6 +184,8 @@ class Keypair(object):
                module.run_command(args)
                proc = module.run_command([module.get_bin_path('ssh-keygen', True), '-lf', self.path])
                self.fingerprint = proc[1].split()
+                pubkey = module.run_command([module.get_bin_path('ssh-keygen', True), '-yf', self.path])
+                self.public_key = pubkey[1].strip('\n')
            except Exception as e:
                self.remove()
                module.fail_json(msg="%s" % to_native(e))
@ -195,6 +203,8 @@ class Keypair(object):
        if _check_state():
            proc = module.run_command([module.get_bin_path('ssh-keygen', True), '-lf', self.path])
            fingerprint = proc[1].split()
+            pubkey = module.run_command([module.get_bin_path('ssh-keygen', True), '-yf', self.path])
+            pubkey = pubkey[1].strip('\n')
            keysize = int(fingerprint[0])
            keytype = fingerprint[-1][1:-1].lower()
        else:
@ -211,6 +221,7 @@ class Keypair(object):
            return self.size == keysize

        self.fingerprint = fingerprint
+        self.public_key = pubkey

        if not perms_required:
            return _check_state() and _check_type() and _check_size()
@ -228,6 +239,7 @@ class Keypair(object):
            'type': self.type,
            'filename': self.path,
            'fingerprint': self.fingerprint,
+            'public_key': self.public_key,
        }

        return result
--- a/test/integration/targets/openssh_keypair/tasks/main.yml
+++ b/test/integration/targets/openssh_keypair/tasks/main.yml
@ -22,4 +22,9 @@
    state: absent
    path: '{{ output_dir }}/privatekey4'

+- name: Generate privatekey5 - standard
+  openssh_keypair:
+    path: '{{ output_dir }}/privatekey5'
+  register: publickey_gen
+
 - import_tasks: ../tests/validate.yml
--- a/test/integration/targets/openssh_keypair/tests/validate.yml
+++ b/test/integration/targets/openssh_keypair/tests/validate.yml
@ -37,3 +37,9 @@
  assert:
    that:
      - privatekey4.stat.exists == False
+
+
+- name: Validate privatekey5 (assert - Public key module output equal to the public key on host)
+  assert:
+    that:
+      - "publickey_gen.public_key == lookup('file', output_dir ~ '/privatekey5.pub').strip('\n')"