Merge 69c04cd5bd into 5321a9ecb5

plugins/modules/authorized_key.py

@@ -24,7 +24,7 @@ options:
   key:
     description:
       - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
-      - You can also use V(file://) prefix to search localy or remote for a file with SSH key(s) depending on O(remote_src) value.
+      - You can also use absolute path on a target host to a file with SSH key(s)
     type: str
     required: true
   path:
@@ -81,13 +81,6 @@ options:
       - Follow path symlink instead of replacing it.
     type: bool
     default: false
-  remote_src:
-    description:
-      - Influence whether key needs to be transferred or already is present remotely.
-      - If V(false), it will search for src on the controller node.
-      - If V(true) it will search for src on the managed (remote) node.
-    type: bool
-    default: false
 author: Ansible Core Team
 '''
 
@@ -104,12 +97,11 @@ EXAMPLES = r'''
     state: present
     key: https://github.com/charlie.keys
 
-- name: Set authorized keys taken from path on controller node
+- name: Set authorized keys taken from path
   ansible.posix.authorized_key:
     user: charlie
     state: present
-    key: file:///home/charlie/.ssh/id_rsa.pub
+    key: /home/charlie/.ssh/id_rsa.pub
-    remote_src: true
 
 - name: Set authorized keys taken from url using lookup
   ansible.posix.authorized_key:
@@ -569,11 +561,10 @@ def enforce_state(module, params):
     exclusive = params.get("exclusive", False)
     comment = params.get("comment", None)
     follow = params.get('follow', False)
-    remote_src = params.get('remote_src', False)
     error_msg = "Error getting key from: %s"
 
-    # if the key is a url or file, request it and use it as key source
+    # if the key is a url, request it and use it as key source
-    if key.startswith("http") or (key.startswith("file") and remote_src):
+    if key.startswith("http"):
         try:
             resp, info = fetch_url(module, key)
             if info['status'] != 200:
@@ -586,6 +577,18 @@ def enforce_state(module, params):
         # resp.read gives bytes on python3, convert to native string type
         key = to_native(key, errors='surrogate_or_strict')
 
+    # if the key is an absolute path, check for existense and use it as a key source
+    if key.startswith("/"):
+        if not os.path.exists(key):
+            module.fail_json(msg="Path to a key file not found: %s" % key)
+        if not os.path.isfile(key):
+            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key)
+        try:
+            with open(key, 'r') as source_fh:
+                key = source_fh.read()
+        except OSError as e:
+            module.fail_json(msg="Failed to read key file %s : %s" % (key, to_native(e)))
+
     # extract individual keys into an array, skipping blank lines and comments
     new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
 
@@ -698,7 +701,6 @@ def main():
             comment=dict(type='str'),
             validate_certs=dict(type='bool', default=True),
             follow=dict(type='bool', default=False),
-            remote_src=dict(type='bool', default=False),
         ),
         supports_check_mode=True,
     )