From 2ad4d583ec0ce4a5a48212a675cbf1762d121640 Mon Sep 17 00:00:00 2001
From: yatinkarel <ykarel@redhat.com>
Date: Tue, 8 Mar 2022 19:25:10 +0530
Subject: [PATCH] Honour ssh_key_type config for keypair and ssh clients

With [1] Tempest added support for 'ecdsa' key types
using a new config option validation.ssh_key_type.

Let's honour this while creating ssh and keypair
clients. This is needed atleast for latest openssl
package in CentOS 9-stream where support for 'rsa'
key is dropped.

[1] https://review.opendev.org/c/openstack/tempest/+/807465

Closes-Bug: #1963907
Change-Id: I1e4621ca9c02231d02df09fa758eae5c55eb0f93
---
 neutron_tempest_plugin/api/clients.py                          | 3 ++-
 neutron_tempest_plugin/common/ssh.py                           | 3 ++-
 neutron_tempest_plugin/fwaas/scenario/fwaas_v2_base.py         | 1 +
 .../neutron_dynamic_routing/scenario/test_simple_bgp.py        | 3 ++-
 neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py          | 3 ++-
 5 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/neutron_tempest_plugin/api/clients.py b/neutron_tempest_plugin/api/clients.py
index 2855a7af..053e5ea6 100644
--- a/neutron_tempest_plugin/api/clients.py
+++ b/neutron_tempest_plugin/api/clients.py
@@ -89,7 +89,8 @@ class Manager(clients.ServiceClients):
         self.interfaces_client = interfaces_client.InterfacesClient(
             self.auth_provider, **params)
         self.keypairs_client = keypairs_client.KeyPairsClient(
-            self.auth_provider, **params)
+            self.auth_provider, ssh_key_type=CONF.validation.ssh_key_type,
+            **params)
         self.hv_client = hypervisor_client.HypervisorClient(
             self.auth_provider, **params)
         self.az_client = availability_zone_client.AvailabilityZoneClient(
diff --git a/neutron_tempest_plugin/common/ssh.py b/neutron_tempest_plugin/common/ssh.py
index 83345217..4cb14746 100644
--- a/neutron_tempest_plugin/common/ssh.py
+++ b/neutron_tempest_plugin/common/ssh.py
@@ -62,7 +62,8 @@ class Client(ssh.Client):
             host=host, username=username, password=password, timeout=timeout,
             pkey=pkey, channel_timeout=channel_timeout,
             look_for_keys=look_for_keys, key_filename=key_filename, port=port,
-            proxy_client=proxy_client)
+            proxy_client=proxy_client,
+            ssh_key_type=CONF.validation.ssh_key_type)
 
     @classmethod
     def create_proxy_client(cls, look_for_keys=True, **kwargs):
diff --git a/neutron_tempest_plugin/fwaas/scenario/fwaas_v2_base.py b/neutron_tempest_plugin/fwaas/scenario/fwaas_v2_base.py
index 00cdf2c5..f8eb44c3 100644
--- a/neutron_tempest_plugin/fwaas/scenario/fwaas_v2_base.py
+++ b/neutron_tempest_plugin/fwaas/scenario/fwaas_v2_base.py
@@ -46,6 +46,7 @@ class FWaaSScenarioTestBase(object):
             try:
                 client = ssh.Client(ip_address, username, pkey=private_key,
                                     channel_timeout=connect_timeout,
+                                    ssh_key_type=CONF.validation.ssh_key_type,
                                     **kwargs)
                 client.test_connection_auth()
                 self.assertTrue(should_connect, "Unexpectedly reachable")
diff --git a/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py b/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
index 85cc8103..3ec231ee 100644
--- a/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
+++ b/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
@@ -214,7 +214,8 @@ class Bgp(BgpClientMixin, base.BaseTempestTestCase):
         left_server = self._create_server()
         ssh_client = ssh.Client(left_server['fip']['floating_ip_address'],
                                 CONF.validation.image_ssh_user,
-                                pkey=self.keypair['private_key'])
+                                pkey=self.keypair['private_key'],
+                                ssh_key_type=CONF.validation.ssh_key_type)
 
         # check LEFT -> RIGHT connectivity via BGP advertised routes
         self.check_remote_connectivity(
diff --git a/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py b/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
index 1a51198a..92eed9e6 100644
--- a/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
+++ b/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
@@ -233,7 +233,8 @@ class Vpnaas(base.BaseTempestTestCase):
         left_server = self._create_server()
         ssh_client = ssh.Client(left_server['fip']['floating_ip_address'],
                                 CONF.validation.image_ssh_user,
-                                pkey=self.keypair['private_key'])
+                                pkey=self.keypair['private_key'],
+                                ssh_key_type=CONF.validation.ssh_key_type)
 
         # check LEFT -> RIGHT connectivity via VPN
         self.check_remote_connectivity(ssh_client, right_ip,