From f619d6c7b981e044ce6b23b5ba3527c869ea568d Mon Sep 17 00:00:00 2001 From: Brian Dwyer Date: Mon, 2 May 2022 11:32:25 -0400 Subject: [PATCH] Add support for specifying the SSH key type to be automatically generated AL2022+ is based on Fedora 35 which only supports ed25519 out of the box
---
 lib/kitchen/driver/ec2.rb | 3 ++- spec/kitchen/driver/ec2_spec.rb | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/kitchen/driver/ec2.rb b/lib/kitchen/driver/ec2.rb
index 3e9db3f4..6678dc16 100644
--- a/lib/kitchen/driver/ec2.rb
+++ b/lib/kitchen/driver/ec2.rb
@@ -78,6 +78,7 @@ class Ec2 < Kitchen::Driver::Base
 default_config :aws_secret_access_key, nil
 default_config :aws_session_token, nil
 default_config :aws_ssh_key_id, ENV["AWS_SSH_KEY_ID"]
+ default_config :aws_ssh_key_type, "rsa"
 default_config :image_id, &:default_ami
 default_config :image_search, nil
 default_config :username, nil
@@ -831,7 +832,7 @@ def create_key(state)
 # to rapidly exhaust local entropy by creating a lot of keys. So this is
 # probably fine. If you want very high security, probably don't use this
 # feature anyway.
- resp = ec2.client.create_key_pair(key_name: "kitchen-#{name_parts.join("-")}")
+ resp = ec2.client.create_key_pair(key_name: "kitchen-#{name_parts.join("-")}", key_type: config[:aws_ssh_key_type])
 state[:auto_key_id] = resp.key_name
 info("Created automatic key pair #{state[:auto_key_id]}")
 # Write the key out with safe permissions
diff --git a/spec/kitchen/driver/ec2_spec.rb b/spec/kitchen/driver/ec2_spec.rb
index c29c2630..5ff92b00 100644
--- a/spec/kitchen/driver/ec2_spec.rb
+++ b/spec/kitchen/driver/ec2_spec.rb
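Review bot: `aws_ssh_key_type` is accepted without any validation at the new `default_config` line in lib/kitchen/driver/ec2.rb, and the `create_key` hunk hands it straight to `create_key_pair`, so a typo or wrong case only surfaces as an API error in the middle of instance creation. EC2's CreateKeyPair accepts `rsa` or `ed25519` for this parameter; a check before the call, for example `raise UserError, "aws_ssh_key_type must be 'rsa' or 'ed25519'" unless %w{rsa ed25519}.include?(config[:aws_ssh_key_type])`, would fail early with a clear message. A comment above the default naming the accepted values would also help, e.g. `# Key type for the auto-generated key pair: "rsa" (default) or "ed25519"`. The class body continues outside the hunk.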
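Review bot: Nothing at the `create_key_pair` call in `create_key` guards against `ed25519` being requested for a Windows instance, and EC2 does not support ED25519 key pairs for Windows instances (retrieving the administrator password requires an RSA key). If the driver determines the platform elsewhere (not visible in this hunk), a warning or early failure there would be better than a late failure after the instance is up. At minimum, extend the comment above the call with `# key_type "ed25519" is not usable with Windows instances; keep "rsa" there`. `create_key` starts and ends outside the hunk.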
@@ -382,7 +382,7 @@ config.delete(:aws_ssh_key_id) allow(instance).to receive(:name).and_return("instance_name") - expect(actual_client).to receive(:create_key_pair).with(key_name: /kitchen-/).and_return(double(key_name: "expected-key-name", key_material: "RSA PRIVATE KEY")) + expect(actual_client).to receive(:create_key_pair).with(key_name: /kitchen-/, key_type: "rsa").and_return(double(key_name: "expected-key-name", key_material: "RSA PRIVATE KEY")) fake_file = double allow(File).to receive(:open).and_call_original expect(File).to receive(:open).with("/kitchen/.kitchen/instance_name.pem", kind_of(Numeric), kind_of(Numeric)).and_yield(fake_file)
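Review bot: The updated expectation only pins the default, `key_type: "rsa"`, so the case this commit exists for, a non-default type reaching `create_key_pair`, is not covered. A second example that sets `config[:aws_ssh_key_type] = "ed25519"` and expects `.with(key_name: /kitchen-/, key_type: "ed25519")` would cover the pass-through. The enclosing example starts and ends outside the hunk.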