adding support for using authorized_keys from a service account

[someara]

No description provided.

[anl]

So setting "public_key_path" for GCE looks like it works by setting the "sshKeys" custom metadata - for user "root" only, AFAICT, although I haven't yet found the code in Fog that does this? Does that match what you're seeing?

[someara]

Hi Andy.
This is passed by fog here: https://github.com/fog/fog/blob/master/lib/fog/google/models/compute/servers.rb#L76

It's the same as doing this with the gcutil CLI https://gist.github.com/someara/a01cac108b5a966dbb44

The google_key_location signs the API request and literally uploads the ssh public key as part of the API call.

It lets me do this: https://github.com/opscode-cookbooks/build-essential/blob/master/.kitchen.cloud.yml#L63

From there, its up to the image to Do The Right Thing.... and there are bugs in the images.
For example, the centos-6 image doesn't seem to work as root.

I haven't tried debian-7 with any other user than root.

-s

[someara]

I pasted this into the Fog repl at one point figuring this out:
https://gist.github.com/someara/5dceea5f7ad3211e788e

[anl]

Awesome, thank you for the explanation - and the PR.

It looks like adding "username:" to connection.servers.create works around images like CentOS that have "PermitRootLogin no" set, when needed. (SSH logins to the GCE CentOS images are really slow then, but that appears to be because they have "GSSAPIAuthentication yes" set.)