diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 6c133ec..7e5a473 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -2,173 +2,211 @@
**Topics**
-- v2\.1\.0
+- v2\.3\.0
- Release Summary
+ - New Plugins
+ - Test
+- v2\.2\.0
+ - Release Summary
- Major Changes
+- v2\.1\.0
+ - Release Summary
+ - Major Changes
- Minor Changes
- v2\.0\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v2\.0\.0
- - Release Summary
- - Major Changes
-- v1\.36\.1
- - Release Summary
- - Minor Changes
-- v1\.36\.0
- Release Summary
- Major Changes
-- v1\.35\.0
+- v1\.36\.1
- Release Summary
-- v1\.34\.0
+ - Minor Changes
+- v1\.36\.0
- Release Summary
- Major Changes
-- v1\.33\.1
+- v1\.35\.0
- Release Summary
- - Minor Changes
-- v1\.33\.0
+- v1\.34\.0
- Release Summary
- Major Changes
-- v1\.32\.0
+- v1\.33\.1
- Release Summary
+ - Minor Changes
+- v1\.33\.0
+ - Release Summary
- Major Changes
+- v1\.32\.0
+ - Release Summary
+ - Major Changes
- v1\.31\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.31\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.30\.3
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.30\.2
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.30\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.30\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- Minor Changes
- v1\.29\.0
- - Release Summary
+ - Release Summary
- v1\.28\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- Minor Changes
- v1\.27\.0
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.26\.0
- - Release Summary
-- v1\.25\.0
- - Release Summary
-- v1\.24\.0
- Release Summary
-- v1\.23\.1
+- v1\.25\.0
- Release Summary
- - Major Changes
-- v1\.23\.0
+- v1\.24\.0
- Release Summary
+- v1\.23\.1
+ - Release Summary
- Major Changes
+- v1\.23\.0
+ - Release Summary
+ - Major Changes
- v1\.22\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.22\.0
- - Release Summary
+ - Release Summary
- v1\.21\.0
- v1\.20\.0
- - Release Summary
- - Major Changes
-- v1\.19\.0
- - Release Summary
+ - Release Summary
- Major Changes
+- v1\.19\.0
+ - Release Summary
+ - Major Changes
- v1\.18\.0
- v1\.17\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.16\.0
- v1\.15\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.15\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.14\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.14\.0
- v1\.13\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.12\.0
- - Release Summary
+ - Release Summary
- v1\.11\.0
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.10\.0
- - Release Summary
+ - Release Summary
- v1\.9\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.9\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.3\.2
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.3\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.3\.0
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.2\.2
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.2\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.2\.0
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- v1\.1\.2
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.1\.1
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.1\.0
- - Release Summary
+ - Release Summary
- v1\.0\.5
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.0\.4
- - Release Summary
- - Major Changes
+ - Release Summary
+ - Major Changes
- Minor Changes
- v1\.0\.3
- - Release Summary
+ - Release Summary
- Minor Changes
- v1\.0\.2
- - Release Summary
- - Major Changes
-- v1\.0\.0
- - Release Summary
+ - Release Summary
- Major Changes
+- v1\.0\.0
+ - Release Summary
+ - Major Changes
-
-## v2\.1\.0
+
+## v2\.3\.0
### Release Summary
Feature release
+
+### New Plugins
+
+
+#### Test
+
+* sap\.sap\_operations\.app\_instance \- Test to check if the provided sap instance is SAP application instance\.
+* sap\.sap\_operations\.ascs\_instance \- Test to check if the provided sap instance is SAP ASCS instance\.
+* sap\.sap\_operations\.hana\_instance \- Test to check if the provided sap instance is SAP HANA instance\.
+
+
+## v2\.2\.0
+
+
+### Release Summary
+
+Feature release
+
### Major Changes
+* add role ssh\_keys\_distribute
+
+
+## v2\.1\.0
+
+
+### Release Summary
+
+Feature release
+
+
+### Major Changes
+
* add sample\_hana\_present\_e2e playbook to demonstrate how collection content can be used to manage SAP HANA
@@ -190,7 +228,7 @@ Feature release
## v2\.0\.1
-
+
### Release Summary
Minor corrections
@@ -203,12 +241,12 @@ Minor corrections
## v2\.0\.0
-
+
### Release Summary
Lifecycle release
-
+
### Major Changes
* clarify what RHEL for SAP versions are supported
@@ -217,7 +255,7 @@ Lifecycle release
## v1\.36\.1
-
+
### Release Summary
Bugfix release
@@ -232,12 +270,12 @@ Bugfix release
## v1\.36\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* add role swmp \- to manage SAP SWPM \(download\, install\, uninstall\)
@@ -245,7 +283,7 @@ Feature release
## v1\.35\.0
-
+
### Release Summary
Feature release
@@ -253,12 +291,12 @@ Feature release
## v1\.34\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* add role hana\_preconfigure
@@ -266,7 +304,7 @@ Feature release
## v1\.33\.1
-
+
### Release Summary
Documentation fix release
@@ -279,12 +317,12 @@ Documentation fix release
## v1\.33\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* add filter plugin \- me\_aliases
@@ -295,12 +333,12 @@ Feature release
## v1\.32\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* add role general\_preconfigure
@@ -308,7 +346,7 @@ Feature release
## v1\.31\.1
-
+
### Release Summary
Feature release
@@ -321,12 +359,12 @@ Feature release
## v1\.31\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* add \'commands\' show\_c and show\_w as mandated by GPL\-3\.0 license
@@ -334,7 +372,7 @@ Feature release
## v1\.30\.3
-
+
### Release Summary
Bugfix release
@@ -348,7 +386,7 @@ Bugfix release
## v1\.30\.2
-
+
### Release Summary
Lifecycle release
@@ -361,7 +399,7 @@ Lifecycle release
## v1\.30\.1
-
+
### Release Summary
Bugfix release
@@ -376,12 +414,12 @@ Bugfix release
## v1\.30\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* role \- download \- download SAP software from SWDC
@@ -395,7 +433,7 @@ Feature release
## v1\.29\.0
-
+
### Release Summary
Feature release
@@ -403,12 +441,12 @@ Feature release
## v1\.28\.0
-
+
### Release Summary
Feature and bugfix release
-
+
### Major Changes
* add role powershell \- to manage powershell installation
@@ -424,7 +462,7 @@ Feature and bugfix release
## v1\.27\.0
-
+
### Release Summary
Feature release
@@ -438,7 +476,7 @@ Feature release
## v1\.26\.0
-
+
### Release Summary
Feature release
@@ -446,7 +484,7 @@ Feature release
## v1\.25\.0
-
+
### Release Summary
Feature release
@@ -454,7 +492,7 @@ Feature release
## v1\.24\.0
-
+
### Release Summary
Feature release
@@ -462,12 +500,12 @@ Feature release
## v1\.23\.1
-
+
### Release Summary
Documentation release
-
+
### Major Changes
* Added documentation website docs\.galaxy\.saponrhel\.org
@@ -475,12 +513,12 @@ Documentation release
## v1\.23\.0
-
+
### Release Summary
Maintenance release
-
+
### Major Changes
* minimal ansible version supported is 2\.15
@@ -488,7 +526,7 @@ Maintenance release
## v1\.22\.1
-
+
### Release Summary
Documentation release
@@ -502,7 +540,7 @@ Documentation release
## v1\.22\.0
-
+
### Release Summary
Feature release
@@ -513,12 +551,12 @@ Feature release
## v1\.20\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Add role cf \- to manage Cloud Foundry cli
@@ -526,12 +564,12 @@ Feature release
## v1\.19\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Add role cloudconnector
@@ -542,12 +580,12 @@ Feature release
## v1\.17\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Add role sapjvm
@@ -558,7 +596,7 @@ Feature release
## v1\.15\.1
-
+
### Release Summary
Bugfix release
@@ -571,12 +609,12 @@ Bugfix release
## v1\.15\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Add role hana
@@ -584,7 +622,7 @@ Feature release
## v1\.14\.1
-
+
### Release Summary
Bug fix release
@@ -601,12 +639,12 @@ Bug fix release
## v1\.13\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Add ABAP transport management modules
@@ -614,7 +652,7 @@ Feature release
## v1\.12\.0
-
+
### Release Summary
Feature release
@@ -622,7 +660,7 @@ Feature release
## v1\.11\.0
-
+
### Release Summary
Feature release
@@ -635,7 +673,7 @@ Feature release
## v1\.10\.0
-
+
### Release Summary
Feature release
@@ -643,7 +681,7 @@ Feature release
## v1\.9\.1
-
+
### Release Summary
Bug fix release
@@ -657,12 +695,12 @@ Bug fix release
## v1\.9\.0
-
+
### Release Summary
Lifecycle release
-
+
### Major Changes
* Add \'all\' and \'any\' filter and test plugins
@@ -675,7 +713,7 @@ Lifecycle release
## v1\.3\.2
-
+
### Release Summary
Bugfix release
@@ -688,7 +726,7 @@ Bugfix release
## v1\.3\.1
-
+
### Release Summary
Bugfix release
@@ -701,7 +739,7 @@ Bugfix release
## v1\.3\.0
-
+
### Release Summary
Feature release
@@ -716,7 +754,7 @@ Feature release
## v1\.2\.2
-
+
### Release Summary
Feature release
@@ -729,7 +767,7 @@ Feature release
## v1\.2\.1
-
+
### Release Summary
Feature release
@@ -742,12 +780,12 @@ Feature release
## v1\.2\.0
-
+
### Release Summary
Feature release
-
+
### Major Changes
* Introduction of NW RFC modules to connect to manage SAP ABAP system with Ansible
@@ -755,7 +793,7 @@ Feature release
## v1\.1\.2
-
+
### Release Summary
Bug Fix Release
@@ -768,7 +806,7 @@ Bug Fix Release
## v1\.1\.1
-
+
### Release Summary
Bug Fix Release
@@ -784,7 +822,7 @@ Bug Fix Release
## v1\.1\.0
-
+
### Release Summary
Feature Release
@@ -792,7 +830,7 @@ Feature Release
## v1\.0\.5
-
+
### Release Summary
Bug fix release
@@ -805,12 +843,12 @@ Bug fix release
## v1\.0\.4
-
+
### Release Summary
Two roles are added hana\_update and prepare
-
+
### Major Changes
* Role hana\_update \- update SAP HANA system
@@ -824,7 +862,7 @@ Two roles are added hana\_update and
## v1\.0\.3
-
+
### Release Summary
Using changelog fragments to build collection changelog\.
@@ -838,12 +876,12 @@ Using changelog fragments to build collection changelog\.
## v1\.0\.2
-
+
### Release Summary
First release of SAP Operations collection\.
-
+
### Major Changes
* parameter\_info \- module to fetch parameter information\.
@@ -855,12 +893,12 @@ First release of SAP Operations collection\.
## v1\.0\.0
-
+
### Release Summary
First release of SAP Operations collection\.
-
+
### Major Changes
* parameter\_info \- module to fetch parameter information\.
diff --git a/galaxy.yml b/galaxy.yml
index 9eead16..675eec4 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -24,7 +24,7 @@ namespace: sap
name: sap_operations
-version: 2.1.0
+version: 2.3.0
readme: README.md
@@ -53,7 +53,8 @@ tags:
- cloud
- pacemaker
-dependencies: {}
+dependencies:
+ "community.crypto": ">=2.22.2"
repository: https://github.com/redhat-sap/rh_operations
diff --git a/plugins/test/app_instance.yml b/plugins/test/app_instance.yml
new file mode 100644
index 0000000..67b5b07
--- /dev/null
+++ b/plugins/test/app_instance.yml
@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+DOCUMENTATION:
+ name: app_instance
+ author: Kirill Satarin (@kksat)
+ extends_documentation_fragment: sap.sap_operations.community
+ version_added: 2.3.0
+ short_description: Test to check if the provided sap instance is SAP application instance.
+ description:
+ - Test to check if the provided sap instance is SAP application instance.
+ - This test filter is expected to be used with combination of sap.sap_operations.host_info module
+ - Type of instance is determined by processes this instance runs (ProcessList value)
+ options:
+ value:
+ description: One of the instances, returned by sap.sap_operations.host_info
+ required: true
+ seealso:
+ - module: sap.sap_operations.host_info
+
+EXAMPLES: |
+ - name: Get all sap instances
+ sap.sap_operations.host_info:
+ become: true
+ become_user: root
+ register: host_info
+
+ - name: Filter only SAP APP instances
+ ansible.builtin.debug:
+ msg: "{{ host_info.instances | select('sap.sap_operations.app_instance') }}"
+
+RETURN:
+ _value:
+ type: boolean
+ description: True if instance is SAP APP instance
+ example: true
diff --git a/plugins/test/ascs_instance.yml b/plugins/test/ascs_instance.yml
new file mode 100644
index 0000000..b33358b
--- /dev/null
+++ b/plugins/test/ascs_instance.yml
@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+DOCUMENTATION:
+ name: ascs_instance
+ author: Kirill Satarin (@kksat)
+ extends_documentation_fragment: sap.sap_operations.community
+ version_added: 2.3.0
+ short_description: Test to check if the provided sap instance is SAP ASCS instance.
+ description:
+ - Test to check if the provided sap instance is SAP ASCS instance.
+ - This test filter is expected to be used with combination of sap.sap_operations.host_info module
+ - Type of instance is determined by processes this instance runs (ProcessList value)
+ options:
+ value:
+ description: One of the instances, returned by sap.sap_operations.host_info
+ required: true
+ seealso:
+ - module: sap.sap_operations.host_info
+
+EXAMPLES: |
+ - name: Get all sap instances
+ sap.sap_operations.host_info:
+ become: true
+ become_user: root
+ register: host_info
+
+ - name: Filter only SAP ASCS instances
+ ansible.builtin.debug:
+ msg: "{{ host_info.instances | select('sap.sap_operations.ascs_instance') }}"
+
+RETURN:
+ _value:
+ type: boolean
+ description: True if instance is SAP ASCS instance
+ example: true
diff --git a/plugins/test/hana_instance.yml b/plugins/test/hana_instance.yml
new file mode 100644
index 0000000..a120ebf
--- /dev/null
+++ b/plugins/test/hana_instance.yml
@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+DOCUMENTATION:
+ name: hana_instance
+ author: Kirill Satarin (@kksat)
+ extends_documentation_fragment: sap.sap_operations.community
+ version_added: 2.3.0
+ short_description: Test to check if the provided sap instance is SAP HANA instance.
+ description:
+ - Test to check if the provided sap instance is SAP HANA instance.
+ - This test filter is expected to be used with combination of sap.sap_operations.host_info module
+ - Type of instance is determined by processes this instance runs (ProcessList value)
+ options:
+ value:
+ description: One of the instances, returned by sap.sap_operations.host_info
+ required: true
+ seealso:
+ - module: sap.sap_operations.host_info
+
+EXAMPLES: |
+ - name: Get all sap instances
+ sap.sap_operations.host_info:
+ become: true
+ become_user: root
+ register: host_info
+
+ - name: Filter only SAP HANA instances
+ ansible.builtin.debug:
+ msg: "{{ host_info.instances | select('sap.sap_operations.hana_instance') }}"
+
+RETURN:
+ _value:
+ type: boolean
+ description: True if instance is SAP HANA instance
+ example: true
diff --git a/plugins/test/sap_instances.py b/plugins/test/sap_instances.py
new file mode 100644
index 0000000..2d54b34
--- /dev/null
+++ b/plugins/test/sap_instances.py
@@ -0,0 +1,55 @@
+# -*- coding: utf-8 -*-
+
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+
+def sap_instance(name: str, description: str):
+ def f(instance):
+ try:
+ return any(
+ instance_process["name"] == name
+ and instance_process["description"] == description
+ for instance_process in instance["ProcessList"]
+ )
+ except KeyError:
+ return False
+
+ return f
+
+
+def ascs_instance(instance):
+ return sap_instance(name="enserver", description="EnqueueServer")(
+ instance
+ ) and sap_instance(name="msg_server", description="MessageServer")(instance)
+
+
+class TestModule(object):
+ def tests(self):
+ return {
+ "hana_instance": sap_instance(name="hdbdaemon", description="HDB Daemon"),
+ "app_instance": sap_instance(name="disp+work", description="Dispatcher"),
+ "ascs_instance": ascs_instance,
+ }
diff --git a/roles/ssh_keys_distribute/README.md b/roles/ssh_keys_distribute/README.md
new file mode 100644
index 0000000..aa519b0
--- /dev/null
+++ b/roles/ssh_keys_distribute/README.md
@@ -0,0 +1,127 @@
+
+
+# ssh_keys_distribute
+
+Generate and distribute ssh keys for host to host communication
+
+
+Generate and distribute ssh keys for host to host communication
+Role has two modes of operation - present and absent, see variable ssh_keys_distribute_state
+If state=present role will ensure that ssh key (see below about key name)
+is present, key will be generated if absent, key will never be regenerated.
+After that role will distribute this key to other hosts, see how list of hosts defined below.
+
+If state=absent, role will make sure that key authorization on all hosts is removed.
+ssh key, even if it was generated will not be removed by the role.
+
+
+
+
+## Role Variables
+
+### Required parameters:
+
+
+
+#### ssh_keys_distribute_state
+
+
+_Type:_ `str`
+
+_Default:_ `present`
+
+_Required:_ `False`
+_Choices:_
+- present
+- absent
+_Description:_
+State=present - role will ensure that ssh keys are present (generated)
+State=absent - role will ensure that ssh key with name defined in variable ssh_keys_distribute_key
+cannot be used to login to hosts (using user defined in ssh_keys_distribute_user)
+
+
+
+
+#### ssh_keys_distribute_user
+
+
+_Type:_ `str`
+
+_Default:_ `root`
+
+_Required:_ `False`
+_Description:_
+User for which key if be generated (if required) and distributed to all the hosts
+ansible_user should be able to sudo to this user
+
+
+
+
+#### ssh_keys_distribute_key
+
+
+_Type:_ `str`
+
+_Default:_ `id_rsa`
+
+_Required:_ `False`
+_Description:_
+Name of the key to distribute, should not contain '*.pub'
+
+
+
+#### ssh_keys_distribute_hosts
+
+
+_Type:_ `list`
+
+
+_Required:_ `False`
+_Description:_
+Lists of hosts, where key will be distributed, default value is ansible magic variable ansible_play_hosts
+
+
+
+
+## Limitations
+
+
+
+## Dependencies
+
+Role depend on collection community.crypto
+
+## Example Playbooks
+
+ - name: Run role ssh_keys_distribute
+ ansible.builtin.include_role:
+ name: sap.sap_operations.ssh_keys_distribute
+
+## License
+
+GPL-3.0-only
+
+## Author Information
+
+Kirill Satarin (@kksat)
diff --git a/roles/ssh_keys_distribute/defaults/main.yml b/roles/ssh_keys_distribute/defaults/main.yml
new file mode 100644
index 0000000..6e23a0f
--- /dev/null
+++ b/roles/ssh_keys_distribute/defaults/main.yml
@@ -0,0 +1,26 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+ssh_keys_distribute_state: present
+ssh_keys_distribute_user: root
+ssh_keys_distribute_key: id_rsa
+ssh_keys_distribute_hosts: "{{ ansible_play_hosts }}"
diff --git a/roles/ssh_keys_distribute/meta/argument_specs.yml b/roles/ssh_keys_distribute/meta/argument_specs.yml
new file mode 100644
index 0000000..8e4a053
--- /dev/null
+++ b/roles/ssh_keys_distribute/meta/argument_specs.yml
@@ -0,0 +1,97 @@
+---
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+argument_specs:
+ main:
+ short_description: Generate and distribute ssh keys for host to host communication
+ description:
+ - Generate and distribute ssh keys for host to host communication
+ - Role has two modes of operation - present and absent, see variable ssh_keys_distribute_state
+ - |
+ If state=present role will ensure that ssh key (see below about key name)
+ is present, key will be generated if absent, key will never be regenerated.
+ After that role will distribute this key to other hosts, see how list of hosts defined below.
+ - |
+ If state=absent, role will make sure that key authorization on all hosts is removed.
+ ssh key, even if it was generated will not be removed by the role.
+
+ options:
+ ssh_keys_distribute_state:
+ description: |
+ State=present - role will ensure that ssh keys are present (generated)
+ State=absent - role will ensure that ssh key with name defined in variable ssh_keys_distribute_key
+ cannot be used to login to hosts (using user defined in ssh_keys_distribute_user)
+ type: str
+ choices:
+ - present
+ - absent
+ required: false
+ default: present
+ ssh_keys_distribute_user:
+ description: |
+ User for which key if be generated (if required) and distributed to all the hosts
+ ansible_user should be able to sudo to this user
+ type: str
+ required: false
+ default: root
+ ssh_keys_distribute_key:
+ description: Name of the key to distribute, should not contain '*.pub'
+ type: str
+ required: false
+ default: id_rsa
+ ssh_keys_distribute_hosts:
+ description: Lists of hosts, where key will be distributed, default value is ansible magic variable ansible_play_hosts
+ type: list
+ elements: str
+ required: false
+
+ __limitations__:
+ options: {}
+ short_description: Limitations
+ description:
+ - ""
+
+ __dependencies__:
+ options: {}
+ short_description: Dependencies
+ description:
+ - Role depend on collection community.crypto
+
+ __examples__:
+ options: {}
+ short_description: Example Playbooks
+ description:
+ - " - name: Run role ssh_keys_distribute"
+ - " ansible.builtin.include_role:"
+ - " name: sap.sap_operations.ssh_keys_distribute"
+
+ __license__:
+ options: {}
+ short_description: License
+ description:
+ - GPL-3.0-only
+
+ __author__:
+ options: {}
+ short_description: Author Information
+ description:
+ - Kirill Satarin (@kksat)
diff --git a/roles/ssh_keys_distribute/meta/main.yml b/roles/ssh_keys_distribute/meta/main.yml
new file mode 100644
index 0000000..fbed444
--- /dev/null
+++ b/roles/ssh_keys_distribute/meta/main.yml
@@ -0,0 +1,34 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+galaxy_info:
+ author: Kirill Satarin
+ description: Generate and distribute ssh keys for host to host communication
+ license: GPL-3.0-only
+ min_ansible_version: "2.15"
+ platforms:
+ - name: EL
+ versions:
+ - "8"
+ - "9"
+ galaxy_tags: []
+dependencies: []
diff --git a/roles/ssh_keys_distribute/tasks/absent.yml b/roles/ssh_keys_distribute/tasks/absent.yml
new file mode 100644
index 0000000..0ca0b9f
--- /dev/null
+++ b/roles/ssh_keys_distribute/tasks/absent.yml
@@ -0,0 +1,40 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+- name: Slurp ssh public key
+ ansible.builtin.slurp:
+ src: "~/.ssh/{{ ssh_keys_distribute_key }}.pub"
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+ register: ssh_keys_distribute_slurp
+
+- name: Remove ssh key authorization on all hosts
+ ansible.posix.authorized_key:
+ user: "{{ ssh_keys_distribute_user }}"
+ state: absent
+ key: "{{ ssh_keys_distribute_slurp.content | b64decode }}"
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+ delegate_to: "{{ host_item }}"
+ loop: "{{ ssh_keys_distribute_hosts }}"
+ loop_control:
+ loop_var: host_item
diff --git a/roles/ssh_keys_distribute/tasks/main.yml b/roles/ssh_keys_distribute/tasks/main.yml
new file mode 100644
index 0000000..bdd6e37
--- /dev/null
+++ b/roles/ssh_keys_distribute/tasks/main.yml
@@ -0,0 +1,25 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+- name: Include tasks depending on state
+ ansible.builtin.include_tasks:
+ file: "{{ ssh_keys_distribute_state }}.yml"
diff --git a/roles/ssh_keys_distribute/tasks/present.yml b/roles/ssh_keys_distribute/tasks/present.yml
new file mode 100644
index 0000000..3422aeb
--- /dev/null
+++ b/roles/ssh_keys_distribute/tasks/present.yml
@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2024 Red Hat, Project Atmosphere
+#
+# Copyright 2024 Red Hat, Project Atmosphere
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU
+# General Public License as published by the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU General Public License for more details.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# You should have received a copy of the GNU General Public License along with this program.
+# If not, see .
+
+---
+- name: Create ~/.ssh directory if it does not exist
+ ansible.builtin.file:
+ path: ~/.ssh
+ state: directory
+ mode: '0700'
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+
+- name: Generate an OpenSSH keypair
+ community.crypto.openssh_keypair:
+ path: "~/.ssh/{{ ssh_keys_distribute_key }}"
+ regenerate: never
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+
+- name: Slurp ssh public key
+ ansible.builtin.slurp:
+ src: "~/.ssh/{{ ssh_keys_distribute_key }}.pub"
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+ register: ssh_keys_distribute_slurp
+
+- name: Authorize ssh key on all hosts
+ ansible.posix.authorized_key:
+ user: "{{ ssh_keys_distribute_user }}"
+ state: present
+ key: "{{ ssh_keys_distribute_slurp.content | b64decode }}"
+ become: true
+ become_user: "{{ ssh_keys_distribute_user }}"
+ delegate_to: "{{ host_item }}"
+ loop: "{{ ssh_keys_distribute_hosts }}"
+ loop_control:
+ loop_var: host_item