infra-ansible/roles/post_puppet_gerrit/tasks/main.yml

---
# Enable ssh agent forwarding with sudo
- lineinfile: dest=/etc/sudoers state=present regexp='^Defaults env_keep\+\=SSH_AUTH_SOCK' line='Defaults env_keep+=SSH_AUTH_SOCK'

- pause: 
    prompt: | 
      Please login to "{{ groups['meta-infra_type_gerrit'][0] }}" 
      with your OpenID, set your user preferences and enter
      your user account name 
  register: gerrit_prompt_var

- command: hiera -c /etc/puppet/hiera.yaml zuul_ssh_public_key_contents environment=production
  delegate_to: "{{ groups['meta-infra_type_puppetmaster'][0] }}"
  register: zuul_ssh_public_key_contents

- command: hiera -c /etc/puppet/hiera.yaml ssh_project_rsa_pubkey_contents environment=production
  delegate_to: "{{ groups['meta-infra_type_puppetmaster'][0] }}"
  register: ssh_project_rsa_pubkey_contents

- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-group "'Project Bootstrappers'"

- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-group "'Continuous Integration Tools'"

- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-account --group "'Continuous Integration Tools'" --group Administrators --full-name "'Project Creator'" --email creator@infra-ansible.cloud --ssh-key "'{{ ssh_project_rsa_pubkey_contents.stdout }}'" openstack-project-creator

- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-account --group "'Continuous Integration Tools'" --full-name "'Zuul'" --email zuul@infra-ansible.cloud --ssh-key "'{{ zuul_ssh_public_key_contents.stdout }}'" jenkins