zuul-jobs/roles/add-build-sshkey/tasks/create-key-and-replace.yaml
Tristan de Cacqueray 1e0af6779b Add remove-zuul-sshkey
This change enables a kubectl connection job to just remove the
zuul sshkey, without using the add-build-sshkey role which doesn't
work on pod. To do that, this change moves the sshagent_remove_key
task to a new role and makes add-build-sshkey use the new role.

Change-Id: I5e7288592cad303df919220259f5a360bf522f64
2020-05-15 12:24:33 +00:00

34 lines
1007 B
YAML

- name: Create Temp SSH key
command: ssh-keygen -t rsa -N '' -C 'zuul-build-sshkey' -f {{ zuul_temp_ssh_key }}
delegate_to: localhost
run_once: true
- name: Remote setup ssh keys (linux)
include: remote-linux.yaml
when: ansible_os_family != "Windows"
- name: Remote setup ssh keys (windows)
include: remote-windows.yaml
when: ansible_os_family == "Windows"
- import_role:
name: remove-zuul-sshkey
- name: Add back temp key
command: ssh-add {{ zuul_temp_ssh_key }}
delegate_to: localhost
run_once: true
- name: Verify we can still SSH to all nodes
ping:
when: ansible_os_family != "Windows"
- name: Verify we can still SSH to all nodes (windows)
command: ssh -o ConnectTimeout=10 {{ ansible_user }}@{{ ansible_host }} echo success
delegate_to: localhost
when:
- ansible_os_family == "Windows"
# Only run if we successfully configured the host. If not the host doesn't support
# ssh and the check shall not break them.
- windows_remote_ssh is succeeded