Empty ssh (#729)

* Make `openstack_private_ssh_key` optional

Before this, the deployer could not reasonably rely on their own SSH
configuration or e.g. using the `--private-key` option to
ansible-playbook because we always wrote the `ansible_private_key_file`
value in the static inventory.

This change makes the `openstack_private_ssh_key` variable truly
optional: if it's not set, the static inventory will not configure the
SSH key and will just rely on the existing configuration.

* Update the openstack e2e CI

It no longer sets the SSH keys explicitly -- which should just work with
the previous commit.

* Put back the `openstack_ssh_public_key` in CI

This is the option we actually need to keep. This sholud fix the CI
failures.

playbooks/provisioning/openstack/provision-openstack.yml

@@ -15,7 +15,7 @@
     - role: static_inventory
       when: openstack_inventory|default('static') == 'static'
       inventory_path: "{{ openstack_inventory_path|default(inventory_dir) }}"
-      private_ssh_key: "{{ openstack_private_ssh_key|default('~/.ssh/id_rsa') }}"
+      private_ssh_key: "{{ openstack_private_ssh_key|default('') }}"
       ssh_config_path: "{{ openstack_ssh_config_path|default('/tmp/ssh.config.openshift.ansible' + '.' + stack_name) }}"
       ssh_user: "{{ ansible_user }}"
 

roles/static_inventory/templates/inventory.j2

@@ -12,7 +12,7 @@
 %} public_v4={{ hostvars[host]['public_v4'] }}{% endif %}
 {% if 'ansible_user' in hostvars[host]
 %} ansible_user={{ hostvars[host]['ansible_user'] }}{% endif %}
-{% if 'ansible_private_key_file' in hostvars[host]
+{% if 'ansible_private_key_file' in hostvars[host] and hostvars[host]['ansible_private_key_file']
 %} ansible_private_key_file={{ hostvars[host]['ansible_private_key_file'] }}{% endif %}
 {% if use_bastion|bool and 'ansible_ssh_extra_args' in hostvars[host]
 %} ansible_ssh_extra_args={{ hostvars[host]['ansible_ssh_extra_args']|quote }}{% endif %} openshift_hostname={{ host }}