From b4ae663ca7c337fd50db3aa4a18f8e6cc12bb43f Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Sun, 8 Sep 2019 10:17:06 +0200
Subject: [PATCH] Switch /etc/ssh/userkeys/buildd-uploader to collected snippets
---
 modules/roles/manifests/ssh_upload.pp | 5 ++-
 ...upload_buildd-uploader-authorized_keys.erb | 43 -------------------
 2 files changed, 3 insertions(+), 45 deletions(-)
 delete mode 100644 modules/roles/templates/ssh_upload_buildd-uploader-authorized_keys.erb
diff --git a/modules/roles/manifests/ssh_upload.pp b/modules/roles/manifests/ssh_upload.pp
index 939042443..49b9797c9 100644
--- a/modules/roles/manifests/ssh_upload.pp
+++ b/modules/roles/manifests/ssh_upload.pp
@@ -1,6 +1,7 @@
 class roles::ssh_upload {
- file { '/etc/ssh/userkeys/buildd-uploader':
- content => template('roles/ssh_upload_buildd-uploader-authorized_keys.erb'),
+ ssh::authorized_key_collect { 'buildd-uploader':
+ target_user => 'buildd-uploader',
+ collect_tag => 'buildd_upload',
 }
 file { '/home/buildd-uploader/rsync-ssh-wrap':
diff --git a/modules/roles/templates/ssh_upload_buildd-uploader-authorized_keys.erb b/modules/roles/templates/ssh_upload_buildd-uploader-authorized_keys.erb
deleted file mode 100644
index ad506d04b..000000000
--- a/modules/roles/templates/ssh_upload_buildd-uploader-authorized_keys.erb
+++ /dev/null
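Review bot: The new `ssh::authorized_key_collect` resource does not say which options the collected keys must carry, whereas the template it replaces wrapped every key in `command="/home/buildd-uploader/rsync-ssh-wrap <host>",restrict,from="<addrs>"` and only emitted entries for nodes whose purpose includes 'buildd'. With collection, those restrictions presumably have to be set by whatever exports the snippets tagged `buildd_upload`, which is not part of this patch, so nothing in this class now shows that a collected key is confined to the wrapper and to the node's own addresses. I would add a comment above the resource such as `# collected keys must keep command="/home/buildd-uploader/rsync-ssh-wrap <host>",restrict,from="<node addrs>"; set by the exporter of tag 'buildd_upload'`, and confirm on the exporting side that only buildd nodes can publish under that tag. The class body continues past the end of the hunk.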
@@ -1,43 +0,0 @@
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-##
-
-<%=
-def getbuilddkey(host)
- key = nil
- begin
- facts = YAML.load(File.open("/var/lib/puppet/yaml/facts/#{host}.yaml").read)
- return facts.values['buildd_key']
- rescue Exception => e
- end
- return key
-end
-
-allnodeinfo = scope.lookupvar('site::allnodeinfo')
-buildds = []
-
-allnodeinfo.keys.sort.each do |node|
- next unless scope.lookupvar('site::allnodeinfo')[node]['purpose']
- next unless scope.lookupvar('site::allnodeinfo')[node]['purpose'].include?('buildd')
- key = getbuilddkey(node)
- buildds << { 'node' => node, 'addr' => allnodeinfo[node]['ipHostNumber'], 'key' => key}
-end
-
-lines = []
-for m in buildds do
- lines << '# ' + m['node']
- if m['key'].nil?
- lines << "## no key for node"
- else
- lines << "command=\"/home/buildd-uploader/rsync-ssh-wrap #{m['node'].split('.')[0]}\"," +
- 'restrict,' +
- 'from="' + m['addr'].join(',') + '" ' +
- m['key']
- end
-end
-
-lines.join("\n")
-# vim:set et:
-# vim:set sts=4 ts=4:
-# vim:set shiftwidth=4:
-%>
-- 
2.20.1