From 27b10488dbc018f0873b8487862b6fdf1210e6bc Mon Sep 17 00:00:00 2001
From: Guillaume Abrioux <gabrioux@redhat.com>
Date: Wed, 13 Oct 2021 10:26:59 +0200
Subject: [PATCH] nfs/rgw: support enforcing keys

if one sets `ceph_nfs_rgw_access_key` and/or `ceph_nfs_rgw_secret_key`,
the nfs/rgw user creation won't take those variables into account and it
will generate a user with automatically generated credentials.
It ends up with a mismatch between what will be set in ganesha.conf and
the created user.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2010754

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit b8db1166c51f9398f0e4478d1782c77710ff20c7)
---
 roles/ceph-nfs/tasks/create_rgw_nfs_user.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml b/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
index 06860798c..87fdb9fc4 100644
--- a/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
+++ b/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
@@ -14,7 +14,7 @@
   when: nfs_obj_gw | bool
 
 - name: create rgw nfs user "{{ ceph_nfs_rgw_user }}"
-  command: "{{ container_exec_cmd_nfs | default('') }} radosgw-admin --cluster {{ cluster }} user create --uid={{ ceph_nfs_rgw_user }} --display-name='RGW NFS User'"
+  command: "{{ container_exec_cmd_nfs | default('') }} radosgw-admin --cluster {{ cluster }} user create --uid={{ ceph_nfs_rgw_user }} --display-name='RGW NFS User' {{ '--access-key=' + ceph_nfs_rgw_access_key if ceph_nfs_rgw_access_key is defined else '' }} {{ '--secret-key=' + ceph_nfs_rgw_secret_key if ceph_nfs_rgw_secret_key is defined else '' }}"
   run_once: true
   register: rgwuser
   changed_when: false