base-jobs/roles/add-build-sshkey-fork/tasks/remote-linux.yaml

- name: Remove previously added zuul-build-sshkey
  lineinfile:
    path: "~/.ssh/authorized_keys"
    regexp: ".* zuul-build-sshkey$"
    state: absent
  when: zuul_build_sshkey_cleanup

- name: Enable access via build key on all nodes
  authorized_key:
    user: "{{ ansible_ssh_user }}"
    state: present
    key: "{{ lookup('file', zuul_temp_ssh_key + '.pub') }}"

- name: Make sure user has a .ssh
  file:
    state: directory
    path: "~/.ssh"
    mode: 0700

- name: Install build private key as SSH key on all nodes
  copy:
    src: "{{ zuul_temp_ssh_key }}"
    dest: "~/.ssh/{{ zuul_ssh_key_dest }}"
    mode: 0600
    force: no

- name: Install build public key as SSH key on all nodes
  copy:
    src: "{{ zuul_temp_ssh_key }}.pub"
    dest: "~/.ssh/{{ zuul_ssh_key_dest }}.pub"
    mode: 0644
    force: no