From 9ebb3886d189182567720268dfd993649ea28832 Mon Sep 17 00:00:00 2001 From: Clint Byrum Date: Wed, 16 Aug 2017 12:22:19 -0700 Subject: [PATCH] Install build private key too This will allow all nodes to SSH to each other, which should facilitate some multi-node jobs that need this enabled. We set "force" to "no" on the copies since this is in the base job's pre.yml, meaning it should run before basically anything else. Change-Id: If11f05f5cced71f6e9f634195e628ea68813c4cf --- .../tasks/create-key-and-replace.yaml | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/roles/add-build-sshkey/tasks/create-key-and-replace.yaml b/roles/add-build-sshkey/tasks/create-key-and-replace.yaml index e26ceaa2f..4de69ea76 100644 --- a/roles/add-build-sshkey/tasks/create-key-and-replace.yaml +++ b/roles/add-build-sshkey/tasks/create-key-and-replace.yaml @@ -3,12 +3,32 @@ delegate_to: localhost run_once: true -- name: Distribute it to all nodes +- name: Enable access via build key on all nodes authorized_key: user: "{{ ansible_ssh_user }}" state: present key: "{{ lookup('file', zuul_temp_ssh_key + '.pub') }}" +- name: Make sure user has a .ssh + file: + state: directory + path: "~/.ssh" + mode: 0700 + +- name: Install build private key as SSH key on all nodes + copy: + src: "{{ zuul_temp_ssh_key }}" + dest: "~/.ssh/id_rsa" + mode: 0600 + force: no + +- name: Install build public key as SSH key on all nodes + copy: + src: "{{ zuul_temp_ssh_key }}.pub" + dest: "~/.ssh/id_rsa.pub" + mode: 0644 + force: no + - name: Remove all keys from local agent command: ssh-add -D delegate_to: localhost