set network ssh key to be installed when filtering db

automation/roles/bubble/files/bubble_role.json

@@ -22,9 +22,8 @@
     {"name": "is_fork", "value": "[[fork]]"},
     {"name": "restore_key", "value": "[[restoreKey]]"},
     {"name": "restore_timeout", "value": "[[restoreTimeoutSeconds]]"},
-    {"name": "rsa_key", "value": "[[rsa_key]]"},
     {"name": "test_mode", "value": "[[testMode]]"}
   ],
-  "optionalConfigNames": ["restore_key", "restore_timeout", "ssh_key"],
+  "optionalConfigNames": ["restore_key", "restore_timeout"],
   "tgzB64": ""
 }

bubble-server/src/main/java/bubble/service/cloud/AnsiblePrepService.java

@@ -2,7 +2,6 @@ package bubble.service.cloud;
 
 import bubble.dao.account.AccountSshKeyDAO;
 import bubble.model.account.Account;
-import bubble.model.account.AccountSshKey;
 import bubble.model.cloud.AnsibleInstallType;
 import bubble.model.cloud.AnsibleRole;
 import bubble.model.cloud.BubbleNetwork;
@@ -71,18 +70,6 @@ public class AnsiblePrepService {
             ctx.put("restoreKey", restoreKey);
             ctx.put("restoreTimeoutSeconds", RESTORE_MONITOR_SCRIPT_TIMEOUT_SECONDS);
         }
-        if (network.hasSshKey()) {
-            final AccountSshKey sshKey = sshKeyDAO.findByAccountAndId(account.getUuid(), network.getSshKey());
-            if (sshKey == null) {
-                return die("prepAnsible: SSH key not found: "+network.getSshKey());
-            } else if (sshKey.expired()) {
-                return die("prepAnsible: SSH key expired: "+network.getSshKey());
-            } else {
-                ctx.put("rsa_key", sshKey.getSshPublicKey());
-            }
-        } else {
-            ctx.put("rsa_key", "disabled");
-        }
         ctx.put("network", network);
         ctx.put("node", node);
         ctx.put("roles", installRoles.stream().map(AnsibleRole::getRoleName).collect(Collectors.toList()));
@@ -90,7 +77,7 @@ public class AnsiblePrepService {
 
         // Copy database with new encryption key
         if (installRoles.stream().anyMatch(r->r.getName().startsWith("bubble-"))) {
-            final String key = dbFilter.copyDatabase(fork, node, account, new File(bubbleFilesDir, "bubble.sql.gz"));
+            final String key = dbFilter.copyDatabase(fork, network, node, account, new File(bubbleFilesDir, "bubble.sql.gz"));
             ctx.put("dbEncryptionKey", key);
 
             // if this is a fork, and current server is local, then sage will be self

bubble-server/src/main/java/bubble/service/dbfilter/DatabaseFilterService.java

@@ -5,6 +5,7 @@ import bubble.main.RekeyDatabaseOptions;
 import bubble.main.rekey.RekeyOptions;
 import bubble.main.rekey.RekeyReaderMain;
 import bubble.model.account.Account;
+import bubble.model.cloud.BubbleNetwork;
 import bubble.model.cloud.BubbleNode;
 import bubble.server.BubbleConfiguration;
 import lombok.Cleanup;
@@ -47,7 +48,7 @@ public class DatabaseFilterService {
 
     @Autowired private BubbleConfiguration configuration;
 
-    public String copyDatabase(boolean fork, BubbleNode node, Account account, File pgDumpFile) {
+    public String copyDatabase(boolean fork, BubbleNetwork network, BubbleNode node, Account account, File pgDumpFile) {
         final String dbName = ("bubble_slice_"+randomAlphanumeric(8)+"_"+now()).toLowerCase();
         log.info("copyDatabase: starting with dbName: "+dbName);
 
@@ -98,7 +99,7 @@ public class DatabaseFilterService {
                 @Override protected Iterator<Identifiable> getEntityProducer(BubbleConfiguration fromConfig, AtomicReference<Exception> error) {
                     return fork
                             ? new FullEntityIterator(configuration, readerError)
-                            : new FilteredEntityIterator(configuration, account, node, readerError);
+                            : new FilteredEntityIterator(configuration, account, network, node, readerError);
                 }
             }.runInBackground(readerError::set);
 

bubble-server/src/main/java/bubble/service/dbfilter/EntityIterator.java

@@ -2,6 +2,8 @@ package bubble.service.dbfilter;
 
 import bubble.cloud.storage.local.LocalStorageConfig;
 import bubble.cloud.storage.local.LocalStorageDriver;
+import bubble.model.account.AccountSshKey;
+import bubble.model.cloud.BubbleNetwork;
 import bubble.model.cloud.BubbleNode;
 import bubble.model.cloud.CloudService;
 import lombok.Getter;
@@ -66,15 +68,30 @@ public abstract class EntityIterator implements Iterator<Identifiable> {
         }
     }
 
-    public void addEntities(Class<? extends Identifiable> c, List<? extends Identifiable> entities, BubbleNode node) {
+    public void addEntities(Class<? extends Identifiable> c,
+                            List<? extends Identifiable> entities,
+                            BubbleNetwork network,
+                            BubbleNode node) {
         if (CloudService.class.isAssignableFrom(c)) {
             entities.forEach(e -> add(setLocalStoragePath((CloudService) e)));
+
+        } else if (AccountSshKey.class.isAssignableFrom(c)) {
+            entities.forEach(e -> add(setInstallKey((AccountSshKey) e, network)));
+
         } else {
             entities.forEach(this::add);
         }
     }
 
-    public CloudService setLocalStoragePath(CloudService cloudService) {
+    private AccountSshKey setInstallKey(AccountSshKey sshKey, BubbleNetwork network) {
+        if (network == null) return sshKey;
+        if (network.hasSshKey() && network.getSshKey().equals(sshKey.getUuid())) {
+            sshKey.setInstallSshKey(true);
+        }
+        return sshKey;
+    }
+
+    private CloudService setLocalStoragePath(CloudService cloudService) {
         if (!cloudService.usesDriver(LocalStorageDriver.class)) {
             return cloudService;
         }

bubble-server/src/main/java/bubble/service/dbfilter/FilteredEntityIterator.java

@@ -6,6 +6,7 @@ import bubble.dao.cloud.BubbleNodeDAO;
 import bubble.dao.cloud.BubbleNodeKeyDAO;
 import bubble.model.account.Account;
 import bubble.model.account.HasAccount;
+import bubble.model.cloud.BubbleNetwork;
 import bubble.model.cloud.BubbleNode;
 import bubble.model.cloud.BubbleNodeKey;
 import bubble.model.device.Device;
@@ -37,15 +38,18 @@ public class FilteredEntityIterator extends EntityIterator {
 
     private final BubbleConfiguration configuration;
     private final Account account;
+    private final BubbleNetwork network;
     private final BubbleNode node;
 
-    public FilteredEntityIterator (BubbleConfiguration configuration,
-                                   Account account,
-                                   BubbleNode node,
-                                   AtomicReference<Exception> error) {
+    public FilteredEntityIterator(BubbleConfiguration configuration,
+                                  Account account,
+                                  BubbleNetwork network,
+                                  BubbleNode node,
+                                  AtomicReference<Exception> error) {
         super(error);
         this.configuration = configuration;
         this.account = account;
+        this.network = network;
         this.node = node;
     }
 
@@ -72,7 +76,7 @@ public class FilteredEntityIterator extends EntityIterator {
                 final List<? extends HasAccount> entities = aoDAO.dbFilterIncludeAll()
                         ? aoDAO.findAll()
                         : aoDAO.findByAccount(account.getUuid());
-                addEntities(c, entities, node);
+                addEntities(c, entities, network, node);
             }
         });
 

bubble-server/src/main/java/bubble/service/dbfilter/FullEntityIterator.java

@@ -17,7 +17,7 @@ public class FullEntityIterator extends EntityIterator {
 
     protected void iterate() {
         config.getEntityClasses().forEach(c -> {
-            addEntities(c, config.getDaoForEntityClass(c).findAll(), null);
+            addEntities(c, config.getDaoForEntityClass(c).findAll(), null, null);
         });
         log.info("iterate: completed");
     }

bubble-server/src/test/resources/models/tests/network/simple_network.json

@@ -116,13 +116,13 @@
 
   {
     "comment": "add an ssh key",
-    "onlyIf": "'{{TEST_SSH_KEY}}'.startsWith('ssh-rsa ')",
+    "onlyIf": "'{{serverConfig.environment.TEST_SSH_KEY}}'.startsWith('ssh-rsa ')",
     "request": {
       "uri": "me/keys",
       "method": "put",
       "entity": {
         "name": "test-key",
-        "sshPublicKey": "{{TEST_SSH_KEY}}"
+        "sshPublicKey": "{{serverConfig.environment.TEST_SSH_KEY}}"
       }
     },
     "response": {

utils/cobbzilla-wizard

@@ -1 +1 @@
-Subproject commit 80070a2a1a03c6b62a64246766269ba9d45a9551
+Subproject commit 33c38a7d30e6c9c9aeeb5d45d2db2a681a1d903e