for initial installs use gathered ssh host key, then remove and use signed ones

roles/basessh/tasks/main.yml

@@ -172,3 +172,9 @@
   - config
   - sshd
   - base
+
+- name: make sure there is no old ssh host key for the host still around
+  local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
+  ignore_errors: True
+  with_items:
+  - /root/.ssh/known_hosts

tasks/virt_instance_create.yml

@@ -76,6 +76,13 @@
   tags:
     - armv7-kernel
 
+- name: make sure there is no old ssh host key for the host still around
+  local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
+  ignore_errors: True
+  with_items:
+  - /root/.ssh/known_hosts
+  when: inventory_hostname not in result.list_vms
+
 - name: (osbs-control01.stg) make sure there is no old ssh host key for the host still around
   known_hosts: path={{item}} host={{ inventory_hostname }} state=absent
   ignore_errors: True
@@ -104,6 +111,13 @@
   register: hostkey
   when: inventory_hostname not in result.list_vms
 
+- name: add new ssh host key (until we can sign it)
+  local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
+  ignore_errors: True
+  with_items:
+  - /root/.ssh/known_hosts
+  when: inventory_hostname not in result.list_vms
+
 - name: (osbs-control01.stg) add new ssh host key
   known_hosts: path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
   ignore_errors: True