From: Dimitri Savineau <dsavinea@redhat.com>
Date: Fri, 28 Feb 2020 14:42:44 +0000 (-0500)
Subject: ceph-validate: add key format validation
X-Git-Tag: v6.0.0alpha1~38
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=be8b3151026bef9a28d34bb7f0e1b40fa0861179;p=ceph-ansible.git

ceph-validate: add key format validation

If the user provides manually the key value for a specific keyring then
there's not valation on the content which could lead to unexpected
failures in the ceph_key module.

Closes: #5104

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
---

diff --git a/roles/ceph-validate/tasks/main.yml b/roles/ceph-validate/tasks/main.yml
index 71d5b2a9b..58c080422 100644
--- a/roles/ceph-validate/tasks/main.yml
+++ b/roles/ceph-validate/tasks/main.yml
@@ -239,3 +239,34 @@
     - ceph_docker_registry_auth | bool
     - (ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or
       (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0)
+
+- name: validate openstack_keys key format
+  fail:
+    msg: '{{ item.name }} key format invalid'
+  with_items: '{{ openstack_keys }}'
+  when:
+    - osd_group_name in group_names
+    - openstack_keys is defined
+    - openstack_keys | length > 0
+    - item.key is defined
+    - item.key is not match("^[a-zA-Z0-9+/]{38}==$")
+
+- name: validate clients keys key format
+  fail:
+    msg: '{{ item.name }} key format invalid'
+  with_items: '{{ keys }}'
+  when:
+    - client_group_name in group_names
+    - keys is defined
+    - keys | length > 0
+    - item.key is defined
+    - item.key is not match("^[a-zA-Z0-9+/]{38}==$")
+
+- name: validate ceph_nfs_ceph_user key format
+  fail:
+    msg: '{{ ceph_nfs_ceph_user.name }} key format invalid'
+  when:
+    - client_group_name in group_names
+    - ceph_nfs_ceph_user is defined
+    - ceph_nfs_ceph_user.key is defined
+    - ceph_nfs_ceph_user.key is not match("^[a-zA-Z0-9+/]{38}==$")