API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 13th, 2017
466
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.40 KB | None | 0 0
raw download clone embed print report
  1. # gitlab vars
  2. deployer_user: user
  3. deployer_group: user
  4. deployer_user_ssh_key_file: .ssh/id_rsa
  5. deployer_gitlab_api: https://gitlab.example.com/api/v4
  6.  
  7. # Generated at
  8. https://gitlab.example.com/profile/personal_access_tokens
  9. deployer_gitlab_token: secret_token_here
  10.  
  11. deployer_gitlab_key_title: "{{ ansible_hostname }}_deployer"
  12.  
  13. - name: Make sure deployer user has ssh key
  14. user:
  15. name: '{{ deployer_user }}'
  16. generate_ssh_key: yes
  17.  
  18. - name: Check if GitLab has this user's SSH key
  19. uri:
  20. url: "{{ deployer_gitlab_api }}/user/keys"
  21. method: GET
  22. status_code: [200]
  23. headers:
  24. private-token: "{{ deployer_gitlab_token }}"
  25. Content-Type: "application/json"
  26. register: user_ssh_keys
  27.  
  28. - name: Assign ssh key to a variable
  29. shell:
  30. cat /home/{{ deployer_user }}/{{ deployer_user_ssh_key_file }}.pub
  31. register: deployer_user_public_key
  32. when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  33.  
  34. - name: Push the generated ssh key to the GitLab instance
  35. uri:
  36. url: "{{ deployer_gitlab_api }}/user/keys"
  37. method: POST
  38. status_code: [201, 400]
  39. headers:
  40. private-token: "{{ deployer_gitlab_token }}"
  41. Content-Type: "application/json"
  42. body: >
  43. {
  44. "title": "{{ deployer_gitlab_key_title }}",
  45. "key": "{{ deployer_user_public_key.stdout_lines.0 }}"
  46. }
  47. body_format: json
  48. when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  49.  
  50. - name: Ensure .ssh/config file exists
  51. file: state=touch path="/home/{{ deployer_user }}/.ssh/config"
  52. when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  53.  
  54. - name: Disable host key checking
  55. lineinfile: dest=/home/{{ deployer_user }}/.ssh/config line='Host *n tStrictHostKeyChecking nontUserKnownHostsFile=/dev/null'
  56. when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  57.  
  58. - name: Add deploy group to sudoers file and validate
  59. lineinfile: dest=/etc/sudoers state=present regexp='^%{{ deployer_group }}' line='%{{ deployer_group }} ALL=(ALL) NOPASSWD:ALL' validate="visudo -cf %s"
  60.  
  61. - name: Checkout source code
  62. git:
  63. repo: "git@gitlab.example.com:john.doe/my_repo.git"
  64. dest: /home/{{ deployer_user }}/csip_v3
  65. key_file: /home/{{ deployer_user }}/.ssh/id_rsa
  66. accept_hostkey: true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!