Add remote_src

plugins/modules/authorized_key.py

@@ -24,7 +24,7 @@ options:
   key:
     description:
       - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
-      - You can also use absolute path on a target host to a file with SSH key(s)
+      - You can also use V(file://) prefix to search localy or remote for a file with SSH key(s) depending on O(remote_src) value.
     type: str
     required: true
   path:
@@ -81,6 +81,13 @@ options:
       - Follow path symlink instead of replacing it.
     type: bool
     default: false
+  remote_src:
+    description:
+      - Influence whether key needs to be transferred or already is present remotely.
+      - If V(false), it will search for src on the controller node.
+      - If V(true) it will search for src on the managed (remote) node.
+    type: bool
+    default: false
 author: Ansible Core Team
 '''
 
@@ -97,11 +104,12 @@ EXAMPLES = r'''
     state: present
     key: https://github.com/charlie.keys
 
-- name: Set authorized keys taken from path
+- name: Set authorized keys taken from path on controller node
   ansible.posix.authorized_key:
     user: charlie
     state: present
-    key: /home/charlie/.ssh/id_rsa.pub
+    key: file:///home/charlie/.ssh/id_rsa.pub
+    remote_src: true
 
 - name: Set authorized keys taken from url using lookup
   ansible.posix.authorized_key:
@@ -561,10 +569,11 @@ def enforce_state(module, params):
     exclusive = params.get("exclusive", False)
     comment = params.get("comment", None)
     follow = params.get('follow', False)
+    remote_src = params.get('remote_src', False)
     error_msg = "Error getting key from: %s"
 
-    # if the key is a url, request it and use it as key source
+    # if the key is a url or file, request it and use it as key source
-    if key.startswith("http"):
+    if key.startswith("http") or (key.startswith("file") and remote_src):
         try:
             resp, info = fetch_url(module, key)
             if info['status'] != 200:
@@ -577,18 +586,6 @@ def enforce_state(module, params):
         # resp.read gives bytes on python3, convert to native string type
         key = to_native(key, errors='surrogate_or_strict')
 
-    # if the key is an absolute path, check for existense and use it as a key source
-    if key.startswith("/"):
-        if not os.path.exists(key):
-            module.fail_json(msg="Path to a key file not found: %s" % key)
-        if not os.path.isfile(key):
-            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key)
-        try:
-            with open(key, 'r') as source_fh:
-                key = source_fh.read()
-        except OSError as e:
-            module.fail_json(msg="Failed to read key file %s : %s" % (key, to_native(e)))
-
     # extract individual keys into an array, skipping blank lines and comments
     new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
 
@@ -701,6 +698,7 @@ def main():
             comment=dict(type='str'),
             validate_certs=dict(type='bool', default=True),
             follow=dict(type='bool', default=False),
+            remote_src=dict(type='bool', default=False),
         ),
         supports_check_mode=True,
     )