52 lines
1.5 KiB
YAML
52 lines
1.5 KiB
YAML
---
|
|
|
|
# Drop the vault key
|
|
- hosts: all
|
|
pre_tasks:
|
|
- name: Create the vault key path
|
|
file:
|
|
path: "{{ vault_key_path | dirname }}"
|
|
state: directory
|
|
owner: "{{ ansible_user }}"
|
|
tasks:
|
|
- name: Drop the vault key
|
|
copy:
|
|
content: "{{ vault_secret.key }}"
|
|
dest: "{{ vault_key_path }}"
|
|
mode: '0600'
|
|
|
|
# Drop the SSH proxyjump configuration
|
|
- name: Ensure the SSH configuration directory exists
|
|
file:
|
|
path: "{{ ansible_user_dir }}/.ssh"
|
|
state: directory
|
|
- name: Copy the SSH proxy configuration
|
|
copy:
|
|
src: "{{ lsn_ci_src_path }}/ssh/ssh_config"
|
|
dest: "{{ ansible_user_dir }}/.ssh/config"
|
|
remote_src: yes
|
|
|
|
# Start SSH agent and load the deployment key
|
|
- name: Create the SSH private key tempfile
|
|
tempfile:
|
|
state: file
|
|
register: ssh_private_key_tmp
|
|
- name: Create SSH private key from secret
|
|
copy:
|
|
content: "{{ ssh_key_secret.id_rsa }}"
|
|
dest: "{{ ssh_private_key_tmp.path }}"
|
|
mode: '0600'
|
|
- name: Start the SSH agent
|
|
command: "ssh-agent -a {{ ssh_agent_sock }}"
|
|
- name: Add the SSH key
|
|
command: "ssh-add {{ ssh_private_key_tmp.path }}"
|
|
environment:
|
|
SSH_AUTH_SOCK: "{{ ssh_agent_sock }}"
|
|
- name: Remove the SSH private key from disk
|
|
command: "shred -u {{ ssh_private_key_tmp.path }}"
|
|
# Prepare the submodules
|
|
- name: Init the submodules
|
|
command: git submodule update --init
|
|
args:
|
|
chdir: "{{ lsn_ci_src_path }}"
|