- name: Upload git mirror block: - name: Create SSH private key tempfile tempfile: state: file register: ssh_private_key_tmp - name: Set up private key copy: content: "{{ git_mirror_credentials.ssh_key }}" dest: "{{ ssh_private_key_tmp.path }}" mode: 0600 no_log: true # If the markers in an id_rsa don't end with a newline some # versions of ssh won't read the key. - name: Ensure ssh_key ends with newline shell: | echo >> {{ ssh_private_key_tmp.path }} - name: Generate SSH configuration set_fact: ssh_config: | host {{ git_mirror_credentials.host }} HostName {{ git_mirror_credentials.host }} IdentityFile {{ ssh_private_key_tmp.path }} User {{ git_mirror_credentials.user }} - name: Write SSH configuration to ~/.ssh/config blockinfile: state: present path: "{{ ansible_user_dir }}/.ssh/config" create: yes mode: 0600 block: "{{ ssh_config }}" - name: Add host key to known hosts known_hosts: state: present name: "{{ git_mirror_credentials.host }}" key: "{{ git_mirror_credentials.host_key }}" - name: Mirror the git repository command: git push --mirror {{ git_mirror_credentials.user }}@{{ git_mirror_credentials.host }}:{{ git_mirror_repository }} args: chdir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}" tags: - skip_ansible_lint register: result retries: 3 delay: 5 until: result is not failed always: # Registered variables below are only used for integration testing - name: Remove SSH private key from disk command: "shred --remove {{ ssh_private_key_tmp.path }}" register: git_mirror_key_removed - name: Remove SSH configuration in ~/.ssh/config blockinfile: state: absent path: "{{ ansible_user_dir }}/.ssh/config" mode: 0600 block: "{{ ssh_config }}" register: git_mirror_ssh_config_removed - name: Remove host key from known hosts known_hosts: state: absent name: "{{ git_mirror_credentials.host }}" key: "{{ git_mirror_credentials.host_key }}" register: git_mirror_host_key_removed