From ffb018f8f0d89fc7c755a99d891b8281651bc77d Mon Sep 17 00:00:00 2001 From: Sayali Bhavsar Date: Wed, 4 Feb 2026 00:28:30 +0530 Subject: [PATCH 1/2] Add explicit SSH public key configuration support --- .../roles/aws_create/files/tf/vars.tf | 5 ++++ .../roles/aws_create/templates/tfvars.j2 | 1 + .../azure_create/files/tf/main_net_p2_sub.tf | 2 +- .../azure_create/files/tf/main_net_p2_urn.tf | 2 +- .../roles/azure_create/files/tf/vars.tf | 5 ++++ .../azure_create/files/tf/vm_spot_set_sub.tf | 2 +- .../azure_create/files/tf/vm_spot_set_urn.tf | 2 +- .../roles/azure_create/templates/tfvars.j2 | 1 + .../gcp_create_instance/files/tf/main.tf | 2 +- .../gcp_create_instance/files/tf/vars.tf | 5 ++++ .../gcp_create_instance/templates/tfvars.j2 | 1 + bin/burden | 24 ++++++++++++++++++- 12 files changed, 46 insertions(+), 6 deletions(-) diff --git a/ansible_roles/roles/aws_create/files/tf/vars.tf b/ansible_roles/roles/aws_create/files/tf/vars.tf index 04354767..94e1d184 100644 --- a/ansible_roles/roles/aws_create/files/tf/vars.tf +++ b/ansible_roles/roles/aws_create/files/tf/vars.tf @@ -45,6 +45,11 @@ variable "ssh_key_path" { default = "none" } +variable "ssh_public_key_path" { + type = string + default = "~/.ssh/id_rsa.pub" +} + variable "security_group" { type = string default = "none" diff --git a/ansible_roles/roles/aws_create/templates/tfvars.j2 b/ansible_roles/roles/aws_create/templates/tfvars.j2 index 25e4fa9c..663396ee 100644 --- a/ansible_roles/roles/aws_create/templates/tfvars.j2 +++ b/ansible_roles/roles/aws_create/templates/tfvars.j2 @@ -8,6 +8,7 @@ run_label = "{{ config_info.user_running }}_{{ config_info.run_label | lower() | region = "{{ config_info.cloud_delete_region }}" ssh_key_path = "{{ config_info.ssh_key }}" +ssh_public_key_path = "{{ config_info.ssh_public_key }}" test_user = "{{ config_info.test_user }}" diff --git a/ansible_roles/roles/azure_create/files/tf/main_net_p2_sub.tf b/ansible_roles/roles/azure_create/files/tf/main_net_p2_sub.tf index 3a985a86..0f4849b4 100644 --- a/ansible_roles/roles/azure_create/files/tf/main_net_p2_sub.tf +++ b/ansible_roles/roles/azure_create/files/tf/main_net_p2_sub.tf @@ -10,7 +10,7 @@ resource "azurerm_linux_virtual_machine" "virtualmachine" { admin_ssh_key { username = var.test_user - public_key = file("~/.ssh/id_rsa.pub") + public_key = file(var.ssh_public_key_path) } PRIORITYSPOT EVICTIONPOLICY diff --git a/ansible_roles/roles/azure_create/files/tf/main_net_p2_urn.tf b/ansible_roles/roles/azure_create/files/tf/main_net_p2_urn.tf index 9ab3fd72..741dc42f 100644 --- a/ansible_roles/roles/azure_create/files/tf/main_net_p2_urn.tf +++ b/ansible_roles/roles/azure_create/files/tf/main_net_p2_urn.tf @@ -10,7 +10,7 @@ resource "azurerm_linux_virtual_machine" "virtualmachine" { admin_ssh_key { username = var.test_user - public_key = file("~/.ssh/id_rsa.pub") + public_key = file(var.ssh_public_key_path) } PRIORITYSPOT EVICTIONPOLICY diff --git a/ansible_roles/roles/azure_create/files/tf/vars.tf b/ansible_roles/roles/azure_create/files/tf/vars.tf index 1c23c9b5..5de4a64c 100644 --- a/ansible_roles/roles/azure_create/files/tf/vars.tf +++ b/ansible_roles/roles/azure_create/files/tf/vars.tf @@ -47,6 +47,11 @@ variable "ssh_key_path" { default = "~/.ssh/id_rsa" } +variable "ssh_public_key_path" { + type = string + default = "~/.ssh/id_rsa.pub" +} + variable "vm_image" { type = string default = "none" diff --git a/ansible_roles/roles/azure_create/files/tf/vm_spot_set_sub.tf b/ansible_roles/roles/azure_create/files/tf/vm_spot_set_sub.tf index dbe4357e..af3b3127 100644 --- a/ansible_roles/roles/azure_create/files/tf/vm_spot_set_sub.tf +++ b/ansible_roles/roles/azure_create/files/tf/vm_spot_set_sub.tf @@ -9,7 +9,7 @@ resource "azurerm_linux_virtual_machine" "virtualmachine" { admin_username = var.test_user admin_ssh_key { username = var.test_user - public_key = file("~/.ssh/id_rsa.pub") + public_key = file(var.ssh_public_key_path) } PRIORITYSPOT EVICTIONPOLICY diff --git a/ansible_roles/roles/azure_create/files/tf/vm_spot_set_urn.tf b/ansible_roles/roles/azure_create/files/tf/vm_spot_set_urn.tf index ed436575..6d90612a 100644 --- a/ansible_roles/roles/azure_create/files/tf/vm_spot_set_urn.tf +++ b/ansible_roles/roles/azure_create/files/tf/vm_spot_set_urn.tf @@ -9,7 +9,7 @@ resource "azurerm_linux_virtual_machine" "virtualmachine" { admin_username = var.test_user admin_ssh_key { username = var.test_user - public_key = file("~/.ssh/id_rsa.pub") + public_key = file(var.ssh_public_key_path) } PRIORITYSPOT EVICTIONPOLICY diff --git a/ansible_roles/roles/azure_create/templates/tfvars.j2 b/ansible_roles/roles/azure_create/templates/tfvars.j2 index 85bf7f28..d8adf969 100644 --- a/ansible_roles/roles/azure_create/templates/tfvars.j2 +++ b/ansible_roles/roles/azure_create/templates/tfvars.j2 @@ -12,6 +12,7 @@ run_label = "{{ config_info.user_running }}-{{ config_info.run_label | lower() | region = "{{ config_info.cloud_region }}" ssh_key_path = "{{ config_info.ssh_key }}" +ssh_public_key_path = "{{ config_info.ssh_public_key }}" test_user = "{{ config_info.test_user }}" diff --git a/ansible_roles/roles/gcp_create_instance/files/tf/main.tf b/ansible_roles/roles/gcp_create_instance/files/tf/main.tf index 73890062..aaba2532 100644 --- a/ansible_roles/roles/gcp_create_instance/files/tf/main.tf +++ b/ansible_roles/roles/gcp_create_instance/files/tf/main.tf @@ -69,7 +69,7 @@ resource "google_compute_instance" "test" { # copies ssh public key into the system for ssh access to the VM metadata = { - ssh-keys = "${var.test_user}:${file("${var.ssh_key_path}.pub")}" + ssh-keys = "${var.test_user}:${file(var.ssh_public_key_path)}" } # Ensures that instance is created after successful creation of networks diff --git a/ansible_roles/roles/gcp_create_instance/files/tf/vars.tf b/ansible_roles/roles/gcp_create_instance/files/tf/vars.tf index 8f7778a7..21e6fbaf 100644 --- a/ansible_roles/roles/gcp_create_instance/files/tf/vars.tf +++ b/ansible_roles/roles/gcp_create_instance/files/tf/vars.tf @@ -33,6 +33,11 @@ variable "ssh_key_path" { default = "~/.ssh/id_rsa" } +variable "ssh_public_key_path" { + type = string + default = "~/.ssh/id_rsa.pub" +} + variable "vm_image" { type = string default = "rhel-cloud/rhel-8" diff --git a/ansible_roles/roles/gcp_create_instance/templates/tfvars.j2 b/ansible_roles/roles/gcp_create_instance/templates/tfvars.j2 index c29837e0..4660259f 100644 --- a/ansible_roles/roles/gcp_create_instance/templates/tfvars.j2 +++ b/ansible_roles/roles/gcp_create_instance/templates/tfvars.j2 @@ -12,6 +12,7 @@ region = "{{ config_info.cloud_region }}" zone = "{{ config_info.cloud_zone }}" ssh_key_path = "{{ config_info.ssh_key }}" +ssh_public_key_path = "{{ config_info.ssh_public_key }}" test_user = "{{ config_info.test_user }}" diff --git a/bin/burden b/bin/burden index f3f4af2e..4e060bde 100755 --- a/bin/burden +++ b/bin/burden @@ -187,6 +187,7 @@ gl_selinux_level="enforcing" gl_selinux_state=$value_not_set gl_selinux_state_set=0 gl_ssh_key_file="" +gl_ssh_public_key_file="" gl_show_os_versions=0; gl_test_def_file="" gl_test_def_dir="${gl_top_dir}/config" @@ -1909,8 +1910,12 @@ create_ansible_options() echo " kit_upload_directory: ${gl_kit_upload_directory}" >> ansible_vars_main.yml if [[ $gl_ssh_key_file == "" ]]; then echo " ssh_key: $HOME/.ssh/id_rsa" >> ansible_vars_main.yml + echo " ssh_public_key: $HOME/.ssh/id_rsa.pub" >> ansible_vars_main.yml else echo " ssh_key: ${gl_ssh_key_file}" >> ansible_vars_main.yml + if [[ $gl_ssh_public_key_file != "" ]]; then + echo " ssh_public_key: ${gl_ssh_public_key_file}" >> ansible_vars_main.yml + fi fi # # local system type, user is expected to be root. cloud systems are expected @@ -2350,6 +2355,13 @@ verify_ssh_key_file() fi } +verify_ssh_public_key_file() +{ + if [[ ! -f $1 ]]; then + cleanup_and_exit "Error: ssh public key file $1 does not exist." 1 + fi +} + # # Verify that the test def file is present. # @@ -3340,7 +3352,8 @@ usage() echo " --scenario_vars : file that contains the variables for the scenario file. The default is config/zathras_scenario_vars_def." echo " --selinux_level: enforcing/permissive/disabled" echo " --selinux_state: disabled/enabled" - echo " --ssh_key_file: Designates the ssh key file we are to use." + echo " --ssh_key_file: Designates the ssh private key file we are to use." + echo " --ssh_public_key_file: Designates the ssh public key file we are to use. Only used if explicitly specified." echo " --show_os_versions: given the cloud type, and OS vendor, show the available os versions" echo " --show_tests: list the available test as defined in config/test_defs.yml" echo " --test_def_file : test definition file to use." @@ -3635,6 +3648,14 @@ set_general_value() fi shift_by=2 ;; + --ssh_public_key_file) + if [[ $gl_ssh_public_key_file == "" ]]; then + echo "$1 $2" >> $gl_cli_supplied_options + gl_ssh_public_key_file=$2 + verify_data verify_ssh_public_key_file $gl_ssh_public_key_file + fi + shift_by=2 + ;; --system_type) if [[ $gl_system_type == "" ]]; then echo "$1 $2" >> $gl_cli_supplied_options @@ -3812,6 +3833,7 @@ grab_cli_data() "run_file" "scenario" "ssh_key_file" + "ssh_public_key_file" "tuned_profiles" "scenario_vars" "selinux_level" From 50ef1b318496077587b972ad08fc399d0bc7a1d2 Mon Sep 17 00:00:00 2001 From: Sayali Bhavsar Date: Sat, 28 Feb 2026 00:40:16 +0530 Subject: [PATCH 2/2] Fix default ssh_public_key when ssh_public_key_file is not specified --- bin/burden | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bin/burden b/bin/burden index 4e060bde..3f880843 100755 --- a/bin/burden +++ b/bin/burden @@ -1915,6 +1915,8 @@ create_ansible_options() echo " ssh_key: ${gl_ssh_key_file}" >> ansible_vars_main.yml if [[ $gl_ssh_public_key_file != "" ]]; then echo " ssh_public_key: ${gl_ssh_public_key_file}" >> ansible_vars_main.yml + else + echo " ssh_public_key: $HOME/.ssh/id_rsa.pub" >> ansible_vars_main.yml fi fi #