From 044f57c21da32e62e8e7833869a9ed49a7804bca Mon Sep 17 00:00:00 2001 From: Bas Meijer Date: Wed, 4 Dec 2024 20:15:26 +0100 Subject: [PATCH] Credentials updated --- roles/api/defaults/main.yml | 2 ++ roles/api/tasks/controller.yml | 3 ++- roles/api/tasks/cookie.yml | 3 ++- roles/api/tasks/credentials.yml | 45 ++++++++++++++++++++++++++++++--- 4 files changed, 48 insertions(+), 5 deletions(-) diff --git a/roles/api/defaults/main.yml b/roles/api/defaults/main.yml index 7648112..0257b03 100644 --- a/roles/api/defaults/main.yml +++ b/roles/api/defaults/main.yml @@ -6,6 +6,8 @@ debug: false desired_state: present # Create an SSH key to download private repos from GitHub my_github_key: ~/.ssh/github_key +inventory_key: ~/.vagrant.d/insecure_private_keys/vagrant.key.ed25519 +inventory_user: vagrant controller_repository_name: controller controller_repository_git_url: 'https://github.com/playingfield/controller' controller_repository_git_branch: main diff --git a/roles/api/tasks/controller.yml b/roles/api/tasks/controller.yml index 1e12cd1..483b817 100644 --- a/roles/api/tasks/controller.yml +++ b/roles/api/tasks/controller.yml @@ -14,8 +14,9 @@ status_code: 200 timeout: 5 register: semaphore_projects + no_log: "{{ not debug }}" - - name: "Create Project" + - name: "Create Controller Project" changed_when: "semaphore_project_created.status == 201" ansible.builtin.uri: use_proxy: false diff --git a/roles/api/tasks/cookie.yml b/roles/api/tasks/cookie.yml index 765806b..02c7fd2 100644 --- a/roles/api/tasks/cookie.yml +++ b/roles/api/tasks/cookie.yml @@ -33,6 +33,7 @@ no_log: "{{ not debug }}" - name: Save Cookie + when: login_response.status == 204 ansible.builtin.set_fact: cookie: "{{ login_response.cookies_string }}" - when: login_response.status == 204 + no_log: "{{ not debug }}" diff --git a/roles/api/tasks/credentials.yml b/roles/api/tasks/credentials.yml index bf264e2..618d0c8 100644 --- a/roles/api/tasks/credentials.yml +++ b/roles/api/tasks/credentials.yml 
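Review bot: The new default `inventory_key` in roles/api/defaults/main.yml points at Vagrant's shared insecure private key, which is publicly distributed, and the credentials tasks added later in this patch upload whatever this path holds into the Semaphore key store as the login key for `inventory_user`. That is reasonable for a local Vagrant lab, but nothing in the defaults says so, and a run against other hosts would silently inherit a lab-only credential. I would add a comment above the two new variables, for example `# Vagrant lab defaults only: override inventory_key and inventory_user for any real inventory`.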
@@ -23,9 +23,10 @@ headers: Cookie: "{{ cookie }}" status_code: 200 + no_log: "{{ not debug }}" register: semaphore_keystores - - name: Create SSH key for Controller + - name: Key Store - Controller changed_when: "semaphore_key_ansible_created.status == 204" ansible.builtin.uri: url: "{{ semaphore_api_url }}/project/{{ semaphore_project_id }}/keys" @@ -50,7 +51,7 @@ when: - "semaphore_keystores.json | selectattr('name', 'equalto', 'Controller-ssh-key') | length == 0" - - name: Read ssh key from system + - name: Read ssh key for GitHub delegate_to: localhost connection: local become: false @@ -60,7 +61,7 @@ register: "ssh_key_github" failed_when: false - - name: Create SSH key for GitHub + - name: Key Store - GitHub changed_when: "semaphore_key_github_created.status == 204" ansible.builtin.uri: use_proxy: false 
@@ -86,3 +87,41 @@ when: - ssh_key_github.content is defined - "semaphore_keystores.json | selectattr('name', 'equalto', 'github-ssh-key') | length == 0" + + - name: Read ssh_key_inventory for inventory_user + delegate_to: localhost + connection: local + become: false + no_log: "{{ not debug }}" + ansible.builtin.slurp: + path: "{{ inventory_key }}" + register: "ssh_key_inventory" + failed_when: false + + - name: "Key Store - {{ inventory_user}}-ssh-key" + changed_when: "semaphore_key_inventory_created.status == 204" + ansible.builtin.uri: + use_proxy: false + url: "{{ semaphore_api_url }}/project/{{ semaphore_project_id }}/keys" + method: POST + headers: + Cookie: "{{ cookie }}" + body: >- + { + "project_id": {{ semaphore_project_id | int }}, + "name": "{{ inventory_user}}-ssh-key", + "type": "ssh", + "login": "{{ inventory_user }}", + "ssh": + { + "private_key": {{ ssh_key_inventory.content | b64decode | to_json }} + } + } + body_format: json + status_code: 204 + timeout: 5 + no_log: "{{ not debug }}" + register: semaphore_key_inventory_created + when: + - ssh_key_inventory.content is defined + - "semaphore_keystores.json | selectattr('name', 'equalto', 'inventory-ssh-key') | length == 0"
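Review bot: The guard on the new "Key Store" task looks up the name `inventory-ssh-key`, but the body creates the key as `{{ inventory_user}}-ssh-key` (`vagrant-ssh-key` with the role default), so the condition stays true and every run attempts to POST the private key again. Depending on how the API treats a repeated name, that gives either duplicate entries or a failed run. Compare against the name the body actually uses: `- "semaphore_keystores.json | selectattr('name', 'equalto', inventory_user ~ '-ssh-key') | length == 0"`. Separately, the name and `"login": "{{ inventory_user }}"` are interpolated into the JSON body raw while only the private key goes through `to_json`; writing `"login": {{ inventory_user | to_json }}` keeps the body valid if the user name ever contains a quote or backslash.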