Bug 2002870

Summary: SSH authorized key not injected into guest when using a user defined template
Product: OpenShift Container Platform Reporter: joherr
Component: Console Kubevirt PluginAssignee: Matan Schatzman <mschatzm>
Status: CLOSED ERRATA QA Contact: Guohua Ouyang <gouyang>
Severity: urgent Docs Contact:
Priority: medium    
Version: 4.8CC: aos-bugs, bschmaus, cnv-qe-bugs, danken, gouyang
Target Milestone: ---   
Target Release: 4.9.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-22 21:47:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description joherr 2021-09-09 21:46:50 UTC 
Description of problem:
When using a user defined template, the Authorized Key specified after selecting the template does not populate into the cloud-users .ssh/authorized_keys file.
This happens when creating a new template from the wizard or when cloning an existing system provided template like rhel8.


Version-Release number of selected component (if applicable):
OCP 4.8.10
CNV 4.8.1

How reproducible:
always


Steps to Reproduce:
1. Create a new template or clone an existing system template
2. Create a VM from the template
3. Populate the Authorized Key field on Step 2 Review and Create.
4. Create the virtual machine with or without further customization.

Actual results:
The cloud-users .ssh/authorized_keys file is not populated with the ssh key.


Expected results:
The cloud-user .ssh/authorized_keys file to contain the ssh public key.


Additional info:
A secret is created, but the stanza to use it in the VMs yaml file is not created. VMs created from system templates have the following in them.
spec:
  template:
    spec:
      accessCredentials:
        - sshPublicKey:
            propagationMethod:
              configDrive: {}
            source:
              secret:
                secretName: authorizedsshkeys-rhel8-conservation-blackbird
Comment 4 Guohua Ouyang 2021-10-21 07:24:26 UTC 
verified on master
Comment 5 Dan Kenigsberg 2021-11-15 10:36:49 UTC 
This bug causes a serious regression in the user experience for new VM owners - a user cannot log into her VM despite specifying the right password and having used the right ssh keys. Please have it backported to 4.9.
Comment 8 errata-xmlrpc 2021-11-22 21:47:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.8 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4712