zuul-jobs/roles/add-fileserver/tasks/main.yaml
Paul Belanger df50917f66
Use tempfile for ssh private key
We do this for our GPG keys, lets also do it for SSH keys.

Change-Id: I0ec4b6a0bbadc4ab01e5e3e4987da3a40b7a1237
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-08-25 13:25:23 -04:00

28 lines
816 B
YAML

- name: Create SSH private key tempfile
tempfile:
state: file
register: ssh_private_key_tmp
- name: Create SSH private key from secret
copy:
content: "{{ fileserver.ssh_private_key }}"
dest: "{{ ssh_private_key_tmp.path }}"
mode: 0600
- name: Add fileserver ssh key
command: "ssh-add {{ ssh_private_key_tmp.path }}"
- name: Remove SSH private key from disk
command: "shred {{ ssh_private_key_tmp.path }}"
- name: Add fileserver to inventory
add_host:
name: "{{ fileserver.fqdn }}"
ansible_user: "{{ fileserver.ssh_username|default(ansible_user) }}"
zuul_fileserver_project_path: "{{ fileserver.path }}/{{ zuul.project.short_name }}"
- name: Add fileserver server to known hosts
known_hosts:
name: "{{ fileserver.fqdn }}"
key: "{{ fileserver.ssh_known_hosts }}"