slaprunner: fix multiple SSH keys in authorized-keys

software/slaprunner/buildout.hash.cfg

@@ -18,7 +18,7 @@ md5sum = 8d6878ff1d2e75010c50a1a2b0c13b24
 
 [template-runner]
 filename = instance-runner.cfg
-md5sum = 4a3e1ee61f49909fe3fd0843cde1bebe
+md5sum = 6e279c46b07bf56b7b037a8ee2c6587e
 
 [template-runner-import-script]
 filename = template/runner-import.sh.jinja2

software/slaprunner/instance-runner.cfg

@@ -650,7 +650,13 @@ monitor-interface-url =
 monitor-httpd-port = 8386
 buildout-shared-folder = $${runnerdirectory:home}/shared
 {% for k, v in slapparameter_dict.items() -%}
+{% if k == 'user-authorized-key' and v -%}
+{% set key_list =  v.split('\n') -%}
+{{ k }} =
+  {{ key_list | join('\n  ') }}
+{% else -%}
 {{ k }} = {{ v }}
+{% endif -%}
 {% endfor -%}
 
 [slapos-cfg]

software/slaprunner/test/test.py

@@ -321,9 +321,11 @@ class TestWeb(SlaprunnerTestCase):
 class TestSSH(SlaprunnerTestCase):
   @classmethod
   def getInstanceParameterDict(cls):
-    cls.ssh_key = paramiko.RSAKey.generate(1024)
+    cls.ssh_key_list = [paramiko.RSAKey.generate(1024) for i in range(2)]
     return {
-        'user-authorized-key': 'ssh-rsa {}'.format(cls.ssh_key.get_base64())
+        'user-authorized-key': 'ssh-rsa {}\nssh-rsa {}'.format(
+          *[key.get_base64() for key in cls.ssh_key_list]
+          )
     }
 
   def test_connect(self):
@@ -355,12 +357,13 @@ class TestSSH(SlaprunnerTestCase):
     key_policy = KeyPolicy()
     client.set_missing_host_key_policy(key_policy)
 
+    for ssh_key in self.ssh_key_list:
       with contextlib.closing(client):
         client.connect(
             username=username,
             hostname=parsed.hostname,
             port=parsed.port,
-          pkey=self.ssh_key,
+            pkey=ssh_key,
         )
         # Check fingerprint from server matches the published one.
         # Paramiko does not allow to get the fingerprint as SHA256 easily yet