daily pastebin goal
66%
SHARE
TWEET

Untitled

a guest Sep 13th, 2017 348 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # gitlab vars
  2. deployer_user: user
  3. deployer_group: user
  4. deployer_user_ssh_key_file: .ssh/id_rsa
  5. deployer_gitlab_api: https://gitlab.example.com/api/v4
  6.  
  7. # Generated at
  8. https://gitlab.example.com/profile/personal_access_tokens
  9. deployer_gitlab_token: secret_token_here
  10.  
  11. deployer_gitlab_key_title: "{{ ansible_hostname }}_deployer"
  12.    
  13. - name: Make sure deployer user has ssh key
  14.   user:
  15.     name: '{{ deployer_user }}'
  16.     generate_ssh_key: yes
  17.  
  18. - name: Check if GitLab has this user's SSH key
  19.   uri:
  20.     url: "{{ deployer_gitlab_api }}/user/keys"
  21.     method: GET
  22.     status_code: [200]
  23.     headers:
  24.       private-token: "{{ deployer_gitlab_token }}"
  25.       Content-Type: "application/json"
  26.   register: user_ssh_keys
  27.  
  28. - name: Assign ssh key to a variable
  29.   shell:
  30.     cat /home/{{ deployer_user }}/{{ deployer_user_ssh_key_file }}.pub
  31.   register: deployer_user_public_key
  32.   when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  33.  
  34. - name: Push the generated ssh key to the GitLab instance
  35.   uri:
  36.       url: "{{ deployer_gitlab_api }}/user/keys"
  37.       method: POST
  38.       status_code: [201, 400]
  39.       headers:
  40.         private-token: "{{ deployer_gitlab_token }}"
  41.         Content-Type: "application/json"
  42.       body: >
  43.         {
  44.           "title": "{{ deployer_gitlab_key_title }}",
  45.           "key": "{{ deployer_user_public_key.stdout_lines.0 }}"
  46.         }
  47.       body_format: json
  48.   when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  49.  
  50. - name: Ensure .ssh/config file exists
  51.   file: state=touch path="/home/{{ deployer_user }}/.ssh/config"
  52.   when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  53.  
  54. - name: Disable host key checking
  55.   lineinfile: dest=/home/{{ deployer_user }}/.ssh/config line='Host *n tStrictHostKeyChecking nontUserKnownHostsFile=/dev/null'
  56.   when: not user_ssh_keys.json | selectattr('title', 'equalto', deployer_gitlab_key_title) | list | length > 0
  57.  
  58. - name: Add deploy group to sudoers file and validate
  59.   lineinfile: dest=/etc/sudoers state=present regexp='^%{{ deployer_group }}' line='%{{ deployer_group }} ALL=(ALL) NOPASSWD:ALL' validate="visudo -cf %s"
  60.  
  61. - name: Checkout source code
  62.   git:
  63.     repo: "git@gitlab.example.com:john.doe/my_repo.git"
  64.      dest: /home/{{ deployer_user }}/csip_v3
  65.     key_file: /home/{{ deployer_user }}/.ssh/id_rsa
  66.     accept_hostkey: true
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top