df50917f66
We do this for our GPG keys, lets also do it for SSH keys. Change-Id: I0ec4b6a0bbadc4ab01e5e3e4987da3a40b7a1237 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
28 lines
816 B
YAML
28 lines
816 B
YAML
- name: Create SSH private key tempfile
|
|
tempfile:
|
|
state: file
|
|
register: ssh_private_key_tmp
|
|
|
|
- name: Create SSH private key from secret
|
|
copy:
|
|
content: "{{ fileserver.ssh_private_key }}"
|
|
dest: "{{ ssh_private_key_tmp.path }}"
|
|
mode: 0600
|
|
|
|
- name: Add fileserver ssh key
|
|
command: "ssh-add {{ ssh_private_key_tmp.path }}"
|
|
|
|
- name: Remove SSH private key from disk
|
|
command: "shred {{ ssh_private_key_tmp.path }}"
|
|
|
|
- name: Add fileserver to inventory
|
|
add_host:
|
|
name: "{{ fileserver.fqdn }}"
|
|
ansible_user: "{{ fileserver.ssh_username|default(ansible_user) }}"
|
|
zuul_fileserver_project_path: "{{ fileserver.path }}/{{ zuul.project.short_name }}"
|
|
|
|
- name: Add fileserver server to known hosts
|
|
known_hosts:
|
|
name: "{{ fileserver.fqdn }}"
|
|
key: "{{ fileserver.ssh_known_hosts }}"
|