test123123

containerAdmin.yml

@@ -1,34 +1,31 @@
-- name: Clone SSH repos, inject private key, build and run container
+- name: Ensure SSH key is present on remote host
+  hosts: docker_host
+  gather_facts: false
+  tasks:
+    - name: Write SSH private key to /tmp/deploy_key on remote host
+      ansible.builtin.copy:
+        content: "{{ lookup('env', 'SSH_PRIVATE_KEY') }}"
+        dest: "/tmp/deploy_key"
+        mode: '0600'
+
+- name: Clone repos and run container
   hosts: docker_host
   remote_user: ubuntu
-  gather_facts: true
   become: yes
   become_method: sudo
   become_user: root
-
   vars:
-    ansible_remote_tmp: /tmp/.ansible-ubuntu
     main_br: "{{ lookup('env', 'MAIN_BR') | default('main', true) }}"
     env_br: "{{ lookup('env', 'ENV_BR') | default('main', true) }}"
     playbook_file: "{{ lookup('env', 'PLAYBOOK_FILE') | default('base.yaml') }}"
-    ssh_private_key: "{{ lookup('env', 'SSH_PRIVATE_KEY') }}"
-
     base_dir: "/home/ubuntu"
     deploy_key_path: "/tmp/deploy_key"
-
     repo_core_url: "git@git.felcloud.io:felcloud/ansible_core_init_ansible.git"
     repo_env_url: "git@git.felcloud.io:felcloud/ansible_env_staging.git"
-
     repo_core_dir: "{{ base_dir }}/ansible_core_init_ansible"
     repo_env_dir: "{{ base_dir }}/ansible_env_staging"
 
   tasks:
-    - name: Write SSH private key to file
-      ansible.builtin.copy:
-        content: "{{ ssh_private_key }}"
-        dest: "{{ deploy_key_path }}"
-        mode: '0600'
-
     - name: Remove existing core repo
       ansible.builtin.file:
         path: "{{ repo_core_dir }}"
@@ -39,7 +36,7 @@
         path: "{{ repo_env_dir }}"
         state: absent
 
-    - name: Clone core repo via SSH using GIT_SSH_COMMAND
+    - name: Clone core repo via SSH
       ansible.builtin.git:
         repo: "{{ repo_core_url }}"
         dest: "{{ repo_core_dir }}"
@@ -48,7 +45,7 @@
       environment:
         GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"
 
-    - name: Clone env repo via SSH using GIT_SSH_COMMAND
+    - name: Clone env repo via SSH
       ansible.builtin.git:
         repo: "{{ repo_env_url }}"
         dest: "{{ repo_env_dir }}"
@@ -57,14 +54,14 @@
       environment:
         GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"
 
-    - name: Inject SSH private key into custom_files/id_rsa
+    - name: Inject SSH private key into core repo for container use
       ansible.builtin.copy:
         src: "{{ deploy_key_path }}"
         dest: "{{ repo_core_dir }}/custom_files/id_rsa"
         remote_src: yes
         mode: '0600'
 
-    - name: Build the Docker image from core repo
+    - name: Build the Docker image
       community.docker.docker_image:
         name: ansible-pulumi
         tag: local