support raw value for ssh keys in addition to paths (#159)

* support raw value for ssh keys in addion to paths * support raw value for ssh keys in addion to paths * moved ssh key type check to linux vm resource * moving ssh value to a new variable * tf fmt * Update README.md change name to `ssh_key_values` * Update main.tf * Update main.tf * Update variables.tf * Update README.md format Co-authored-by: Yuping Wei <[email protected]>
Azure · Dec 15, 2020 · 1c6986b · 1c6986b
1 parent 08cf99e
commit 1c6986b
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -148,7 +148,8 @@ More specifically this provisions:
   When ssh keys are enabled you can either
   - use the default "~/.ssh/id_rsa.pub"
   - set one key by setting a path in ssh_key variable. e.g "joey_id_rsa.pub"
-  - set shh_key and add zero or more files paths in extra_ssh_keys variable e.g. ["ross_id_rsa.pub", "rachel_id_rsa.pub"] (since v3.8.0)
+  - set ssh_key and add zero or more files paths in extra_ssh_keys variable e.g. ["ross_id_rsa.pub", "rachel_id_rsa.pub"] (since v3.8.0)
+  - set ssh_key_values as a list of raw public ssh keys values or refer it to a data source with the public key value, e.g. `["ssh-rsa AAAAB3NzaC1yc..."]`
 
 4 - You can install custom certificates / secrets on the virtual machine from Key Vault by using the variable `os_profile_secrets`.
 
@@ -197,6 +198,7 @@ module "linuxservers" {
   data_disk_size_gb             = 64
   data_sa_type                  = "Premium_LRS"
   enable_ssh_key                = true
+  ssh_key_values                = ["ssh-rsa AAAAB3NzaC1yc2EAAAAD..."]  
   vm_size                       = "Standard_D4s_v3"
 
   tags = {

diff --git a/main.tf b/main.tf
@@ -108,6 +108,15 @@ resource "azurerm_virtual_machine" "vm-linux" {
         key_data = file(ssh_keys.value)
       }
     }
+
+    dynamic ssh_keys {
+      for_each = var.enable_ssh_key ? var.ssh_key_values : []
+      content {
+        path     = "/home/${var.admin_username}/.ssh/authorized_keys"
+        key_data = ssh_keys.value
+      }
+    }
+
   }
 
   dynamic "os_profile_secrets" {

diff --git a/test/fixture/main.tf b/test/fixture/main.tf
@@ -100,6 +100,20 @@ module "debianservers" {
   depends_on = [azurerm_resource_group.test]
 }
 
+module "debianservers2" {
+  source              = "../../"
+  vm_hostname         = "${random_id.ip_dns.hex}-d2"
+  resource_group_name = azurerm_resource_group.test.name
+  location            = var.location_alt
+  admin_username      = var.admin_username
+  vm_os_simple        = var.vm_os_simple_2
+  vnet_subnet_id      = azurerm_subnet.subnet2.id
+  enable_ssh_key      = true
+  ssh_key_values      = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8GIRF1Snlg9NKCmM74RHXqRGMXyui088+ntQqkQkFIL/BrlgP3CzOgHQmJ+3f0Up/+9UY9vX7AmT7WxVTyqBHT/Aes3VmU3wLO5/MMV/HRrT4z2QV/80futhxjk2unNdWGvbFcR6Y3I44EJFmr8GMbyXRtr0ibuv8BlTYx/K6AXSJ3V+kBqXMOF1QRvVoX9fJKPKjMsebe0cB1IYlm9KLqtciMy+aFOEsSNfrw5cNVsQfK3BgOUKAHsLfBiR7imA2ca+hh005GEtcVJvpvFzcM+bZggUpdqQwIzk1Kv/tROiJiGS0NnyzoxIZYeM3z/mQ5qnglp+174XGCG66EAnVdf5kbaI0Iu7FpAmVhJ92N+MNKoP6vT8cMkYYZf3RaiMMnzjswK/VLbb5ks6Qe9qEPXW1IBtkaaF7+0PCWbPr86I0G2bOa2tFyOHm046Z9sRlkaOO95hmer6Y6MUbMpfeprmjR87u6MVOPglnARfV3UI9i6wOUhVVIi6Wb424HWU="]
+
+  depends_on = [azurerm_resource_group.test]
+}
+
 module "windowsservers" {
   source              = "../../"
   vm_hostname         = "${random_id.ip_dns.hex}-w" // line can be removed if only one VM module per resource group

diff --git a/variables.tf b/variables.tf
@@ -38,6 +38,11 @@ variable "ssh_key" {
   default     = "~/.ssh/id_rsa.pub"
 }
 
+variable "ssh_key_values" {
+  description = "List of Public SSH Keys values to be used for ssh access to the VMs."
+  type        = list(string)
+  default     = []
+}
 variable "remote_port" {
   description = "Remote tcp port to be used for access to the vms created via the nsg applied to the nics."
   type        = string