1e0af6779b
This change enables a kubectl connection job to just remove the zuul sshkey, without using the add-build-sshkey role which doesn't work on pod. To do that, this change moves the sshagent_remove_key task to a new role and makes add-build-sshkey use the new role. Change-Id: I5e7288592cad303df919220259f5a360bf522f64
34 lines
1007 B
YAML
34 lines
1007 B
YAML
- name: Create Temp SSH key
|
|
command: ssh-keygen -t rsa -N '' -C 'zuul-build-sshkey' -f {{ zuul_temp_ssh_key }}
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
- name: Remote setup ssh keys (linux)
|
|
include: remote-linux.yaml
|
|
when: ansible_os_family != "Windows"
|
|
|
|
- name: Remote setup ssh keys (windows)
|
|
include: remote-windows.yaml
|
|
when: ansible_os_family == "Windows"
|
|
|
|
- import_role:
|
|
name: remove-zuul-sshkey
|
|
|
|
- name: Add back temp key
|
|
command: ssh-add {{ zuul_temp_ssh_key }}
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
- name: Verify we can still SSH to all nodes
|
|
ping:
|
|
when: ansible_os_family != "Windows"
|
|
|
|
- name: Verify we can still SSH to all nodes (windows)
|
|
command: ssh -o ConnectTimeout=10 {{ ansible_user }}@{{ ansible_host }} echo success
|
|
delegate_to: localhost
|
|
when:
|
|
- ansible_os_family == "Windows"
|
|
# Only run if we successfully configured the host. If not the host doesn't support
|
|
# ssh and the check shall not break them.
|
|
- windows_remote_ssh is succeeded
|