system-config/playbooks/roles/zuul-user/tasks/main.yaml

- name: Create zuul user
  user:
    name: zuul
    comment: User for running remote zuul jobs
    shell: /bin/bash

- name: Install sudo permissions for zuul
  copy:
    src: zuul.sudo
    dest: '/etc/sudoers.d/zuul'
    owner: root
    group: root
    mode: 0440
  when: zuul_user_enable_sudo

- name: Install system-config per-project key for zuul
  authorized_key:
    user: zuul
    state: present
    key: '{{ zuul_user_authorized_key }}'