From 992e29d0328536fd0f3e49ea930329d216260d25 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?= <cjeanner@redhat.com>
Date: Tue, 30 Apr 2024 15:49:48 +0200
Subject: [PATCH] Ensure ssh_authorized_keys is a list in cloud-init

According to the official documentation[1], `ssh_authorized_keys` is a
list, not a string.

This patch should hopefully correct the issue we faced while trying to
inject multiple authorized keys: the cloud-init configuration file was
broken, preventing to apply any credential related data, leading to
failures when RHOSO deploy actually started.

[1] https://cloudinit.readthedocs.io/en/latest/reference/examples.html#configure-instance-s-ssh-keys

Co-Authored-By: @pablintino <pabrodri@redhat.com>
---
 pkg/openstackbaremetalset/baremetalhost.go         | 6 +++++-
 templates/openstackbaremetalset/cloudinit/userdata | 5 ++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/pkg/openstackbaremetalset/baremetalhost.go b/pkg/openstackbaremetalset/baremetalhost.go
index 27f8ffe..517fdf3 100644
--- a/pkg/openstackbaremetalset/baremetalhost.go
+++ b/pkg/openstackbaremetalset/baremetalhost.go
@@ -70,7 +70,11 @@ func BaremetalHostProvision(
 	// User data cloud-init secret
 	if userDataSecret == nil {
 		templateParameters := make(map[string]interface{})
-		templateParameters["AuthorizedKeys"] = strings.TrimSuffix(string(sshSecret.Data["authorized_keys"]), "\n")
+		// Prepare ssh_authorized_keys list for template
+		splitKeys := strings.Split(strings.TrimSuffix(string(sshSecret.Data["authorized_keys"]), "\n"), "\n")
+		sshKeys := make([]string, len(splitKeys))
+		sshKeys = append(sshKeys, splitKeys...)
+		templateParameters["AuthorizedKeys"] = sshKeys
 		templateParameters["HostName"] = bmhStatus.Hostname
 		//If Hostname is fqdn, use it
 		if !hostNameIsFQDN(bmhStatus.Hostname) && instance.Spec.DomainName != "" {
diff --git a/templates/openstackbaremetalset/cloudinit/userdata b/templates/openstackbaremetalset/cloudinit/userdata
index ba5222d..4f8c0a8 100644
--- a/templates/openstackbaremetalset/cloudinit/userdata
+++ b/templates/openstackbaremetalset/cloudinit/userdata
@@ -4,7 +4,10 @@ hostname: {{ .HostName }}
 fqdn: {{ .FQDN }}
 users:
   - name: {{ .CloudUserName }}
-    ssh-authorized-keys: {{ .AuthorizedKeys }}
+    ssh_authorized_keys:
+{{ range $ssh_key := .AuthorizedKeys }}
+      - {{ $ssh_key }}
+{{ end }}
     sudo: ['ALL=(ALL) NOPASSWD:ALL']
     shell: /bin/bash
 {{- if (index . "NodeRootPassword") }}