changed default erase external keys to false

added tests

.gitignore

@@ -2,3 +2,4 @@
 __pycache__
 *.pyc
 pytestdebug.log
+.cache

README.md

@@ -19,7 +19,7 @@ Only two variables here:
 
 ```yml
 # Default to clean
-ssh_keys_clean: True
+ssh_keys_clean: False
 
 ssh_keys_user:
   root:
@@ -39,11 +39,11 @@ Including an example of how to use your role (for instance, with variables passe
     - hosts: bastions
       roles:
          - role: j0lly.ssh-keys
-           ssh_keys_clean: False
+           ssh_keys_clean: True
            ssh_keys_user:
              user_a:
                - https://place.to-store/keys
-               - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
+               - "ssh-rsa KKKKK3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
                - "ssh-rsa BBBBB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
              admin_user:
                - https://another.place.to-store/keys

defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 # defaults file for ansible-role-ssh-keys
 # define if extenally set keys need to be erased
-ssh_keys_clean: True
+ssh_keys_clean: False
 
 # based on user, define sources of keys
 # see http://docs.ansible.com/ansible/authorized_key_module.html for item types

tests/integ/keys

@@ -0,0 +1,3 @@
+ssh-rsa KKKKB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7
+ssh-rsa XXXXB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7
+ssh-rsa ZZZZB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7

tests/playbook-test.yml

@@ -10,6 +10,7 @@
     - role: ansible-role-ssh-keys
       ssh_keys_user:
         root:
-          - 'https://github.com/j0lly.keys'
+          - '{{ lookup("file", "integ/keys") }}'
         '{{ user_name }}':
-          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
+          - '{{ lookup("file", "integ/keys") }}'
+          - "ssh-rsa BBBBB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"

tests/test_keys.py

@@ -0,0 +1,19 @@
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    '.molecule/ansible_inventory').get_hosts('all')
+
+
+def test_number_of_keys(File, Sudo):
+    f_root = File('/root/.ssh/authorized_keys')
+    f_johnd = File('/home/johnd/.ssh/authorized_keys')
+    root_keys = sum(1 for line in f_root.content_string.splitlines())
+    johnd_keys = sum(1 for line in f_johnd.content_string.splitlines())
+
+    assert f_root.exists
+    assert f_root.contains('ssh-rsa KKKKB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7')  # noqa: E501
+    assert root_keys == 3
+    assert f_johnd.exists
+    assert f_johnd.contains('ssh-rsa BBBBB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7')  # noqa: E501
+    assert f_johnd.contains('ssh-rsa KKKKB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7')  # noqa: E501
+    assert johnd_keys == 4