additional_ssh_private_keys

README.md

@@ -51,6 +51,8 @@ provisioner:
   ansible_verbose: true
   ansible_version: latest
   require_chef_for_busser: false
+  additional_ssh_private_keys:
+  - /mykey/id_rsa
 
 platforms:
   - name: nocm_centos-6.5

lib/kitchen-ansible/version.rb

@@ -1,6 +1,6 @@
 # -*- encoding: utf-8 -*-
 module Kitchen
   module Ansible
-    VERSION = '0.46.2'
+    VERSION = '0.46.3'.freeze
   end
 end

lib/kitchen/provisioner/ansible/config.rb

@@ -56,6 +56,7 @@ class Config
         default_config :require_pip, false
         default_config :requirements_path, false
         default_config :ssh_known_hosts, nil
+        default_config :additional_ssh_private_keys, nil
         default_config :ansible_verbose, false
         default_config :ansible_verbosity, 1
         default_config :ansible_check, false

lib/kitchen/provisioner/ansible_playbook.rb

@@ -279,6 +279,7 @@ def create_sandbox
         prepare_lookup_plugins
         prepare_ansible_vault_password_file
         prepare_kerberos_conf_file
+        prepare_additional_ssh_private_keys
         info('Finished Preparing files for transfer')
       end
 
@@ -320,6 +321,12 @@ def prepare_command
           end
         end
 
+        if config[:additional_ssh_private_keys]
+          commands << [
+            sudo_env('cp -r'), File.join(config[:root_path], 'ssh_private_keys'), '~/.ssh'
+          ].join(' ')
+        end
+
         if ansible_inventory
           if File.directory?(ansible_inventory)
             Dir.foreach(ansible_inventory) do |f|
@@ -355,6 +362,7 @@ def prepare_command
         end
 
         command = commands.join(' && ')
+        debug("*** COMMAND TO RUN:")
         debug(command)
         command
       end
@@ -571,6 +579,10 @@ def tmp_lookup_plugins_dir
         File.join(sandbox_path, 'lookup_plugins')
       end
 
+      def tmp_additional_ssh_private_keys_dir
+        File.join(sandbox_path, 'ssh_private_keys')
+      end
+
       def tmp_ansible_vault_password_file_path
         File.join(sandbox_path, File.basename(ansible_vault_password_file).reverse.chomp('.').reverse)
       end
@@ -1096,6 +1108,19 @@ def prepare_lookup_plugins
         end
       end
 
+      def prepare_additional_ssh_private_keys
+        info('Preparing additional_ssh_private_keys')
+        FileUtils.mkdir_p(tmp_additional_ssh_private_keys_dir)
+        if config[:additional_ssh_private_keys]
+          config[:additional_ssh_private_keys].each do |key|
+            debug("Adding additional_ssh_private_key file #{key}")
+            FileUtils.cp_r(key, tmp_additional_ssh_private_keys_dir, remove_destination: true)
+          end
+        else
+          info 'nothing to do for additional_ssh_private_keys'
+        end
+      end
+
       def prepare_ansible_vault_password_file
         return unless ansible_vault_password_file
 

provisioner_options.md

@@ -28,6 +28,7 @@ key | default value | Notes
 ----|---------------|--------
 additional_copy_path | | Arbitrary array of files and directories to copy into test environment, relative to the current dir, e.g. vars or included playbooks
 additional_copy_role_path | false | additional_copy_path directories are appended to the ANSIBLE_ROLES_PATH env var when running ansible
+additional_ssh_private_keys | | List of additional ssh private key files to be added to ~/.ssh
 ansible_apt_repo | ppa:ansible/ansible | `apt` repo; see `https://launchpad.net` `/~ansible/+archive/ubuntu/ansible` or `rquillo/ansible`
 ansible_binary_path | NULL | If specified this will override the location where `kitchen` tries to run `ansible-playbook` from, i.e. `ansible_binary_path: /usr/local/bin`
 ansible_check | false | Sets the `--check` flag when running Ansible