ansible-community / molecule-plugins

Collection on molecule plugins
MIT License

Add the ability to provide the SSH private key and dictate which EC2 key name to use without generating ephemeral SSH keys #54

Open isuftin opened 2 years ago

isuftin commented 2 years ago

With the way the current code works, I don't see a way to provide a private key to pass into Molecule for the EC2 instance while at the same time having the EC2 instance use an EC2 SSH key name and NOT generate an ephemeral key and NOT override or append cloud-init config.

The use case is that during testing time, we have an SSH key on local disk that we want to reuse. AWS has this key aliased as an EC2 key. We want to fire up the EC2 instance and provide the key name. We want to NOT generate ephemeral EC2 keys by the driver.

The other caveat being that we don't want to override or append cloud-init because the AMIs we're testing already have cloud-init set up and have scripting that will pick up the public SSH key as provided by AWS and set it for the user we're trying to log in with.

beargiles commented 2 years ago

Could you deploy your existing public key in the 'prepare.yml' playbook? This would let you continue to use ephemeral keys while also allowing you to use your existing key(s).

FWIW my local playbook includes this

- name: add_local_user | Add authorized keys for dev/qa users
  ansible.posix.authorized_key:
    user: '{{ item.user }}'
    key: 'https://github.com/{{ item.github_user }}.keys'
  loop: '{{ dev_accounts + qa_accounts }}'

Where it's looping over a dict that contains (username, github username) pairs.

It would be trivial to add a single public key that's kept in the scenario's directory/subdirectory.
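
The suggestion in the comment above, written out as a `prepare.yml` play. This is an added example, not code from the thread or from molecule-plugins. The `keys/molecule_test.pub` path and the `ec2-user` login are assumptions; `MOLECULE_SCENARIO_DIRECTORY` is the environment variable Molecule exports for the scenario path. Only the public half of the key belongs in the scenario directory, so the play checks the file before installing it.

```yaml
---
# prepare.yml (added example; file name and user below are assumptions)
- name: Prepare
  hosts: all
  gather_facts: false
  vars:
    # Hypothetical location: a public key committed beside the scenario.
    test_pubkey_file: "{{ lookup('ansible.builtin.env', 'MOLECULE_SCENARIO_DIRECTORY') }}/keys/molecule_test.pub"
    # Hypothetical login user; set this to the account the AMI expects.
    test_login_user: ec2-user
  tasks:
    # The file lookup runs on the controller, so the key never has to be
    # copied to the instance as a file.
    - name: Read the public key from the scenario directory
      ansible.builtin.set_fact:
        test_pubkey: "{{ lookup('ansible.builtin.file', test_pubkey_file) }}"

    # Fail early if someone committed a private key or a multi-key file.
    - name: Refuse anything that is not a single OpenSSH public key line
      ansible.builtin.assert:
        that:
          - "'PRIVATE KEY' not in test_pubkey"
          - "test_pubkey.splitlines() | length == 1"
          - "test_pubkey is match('^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+( .*)?$')"
        fail_msg: "{{ test_pubkey_file }} must contain exactly one OpenSSH public key"

    - name: Authorize the existing key alongside the ephemeral one
      ansible.posix.authorized_key:
        user: "{{ test_login_user }}"
        key: "{{ test_pubkey }}"
        state: present
        exclusive: false  # leave the driver's ephemeral key in authorized_keys
      become: true  # assumption: needed when the connecting user differs
```

Unlike a key fetched from a URL at run time, a key file kept with the scenario is pinned by version control, so a change to the authorized key shows up in review.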