faten 2025-06-02 16:05:39 +00:00
parent 94c51f716b
commit 9082135485


@ -14,6 +14,8 @@
ssh_private_key: "{{ lookup('env', 'SSH_PRIVATE_KEY') }}" ssh_private_key: "{{ lookup('env', 'SSH_PRIVATE_KEY') }}"
base_dir: "/home/ubuntu" base_dir: "/home/ubuntu"
deploy_key_path: "/tmp/deploy_key"
repo_core_url: "git@git.felcloud.io:felcloud/ansible_core_init_ansible.git" repo_core_url: "git@git.felcloud.io:felcloud/ansible_core_init_ansible.git"
repo_env_url: "git@git.felcloud.io:felcloud/ansible_env_staging.git" repo_env_url: "git@git.felcloud.io:felcloud/ansible_env_staging.git"
@ -21,21 +23,12 @@
repo_env_dir: "{{ base_dir }}/ansible_env_staging" repo_env_dir: "{{ base_dir }}/ansible_env_staging"
tasks: tasks:
- name: Write SSH private key to file
- name: Write SSH private key to /tmp/deploy_key
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ ssh_private_key }}" content: "{{ ssh_private_key }}"
dest: /tmp/deploy_key dest: "{{ deploy_key_path }}"
mode: '0600' mode: '0600'
- name: Create SSH wrapper script
ansible.builtin.copy:
dest: /tmp/ssh_wrapper.sh
mode: '0755'
content: |
#!/bin/sh
exec ssh -i /tmp/deploy_key -o StrictHostKeyChecking=no -o BatchMode=yes "$@"
- name: Remove existing core repo - name: Remove existing core repo
ansible.builtin.file: ansible.builtin.file:
path: "{{ repo_core_dir }}" path: "{{ repo_core_dir }}"
@ -46,28 +39,29 @@
path: "{{ repo_env_dir }}" path: "{{ repo_env_dir }}"
state: absent state: absent
- name: Clone core repo via SSH using wrapper - name: Clone core repo via SSH using GIT_SSH_COMMAND
ansible.builtin.git: ansible.builtin.git:
repo: "{{ repo_core_url }}" repo: "{{ repo_core_url }}"
dest: "{{ repo_core_dir }}" dest: "{{ repo_core_dir }}"
version: "{{ main_br }}" version: "{{ main_br }}"
force: yes force: yes
environment: environment:
GIT_SSH: /tmp/ssh_wrapper.sh GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"
- name: Clone env repo via SSH using wrapper - name: Clone env repo via SSH using GIT_SSH_COMMAND
ansible.builtin.git: ansible.builtin.git:
repo: "{{ repo_env_url }}" repo: "{{ repo_env_url }}"
dest: "{{ repo_env_dir }}" dest: "{{ repo_env_dir }}"
version: "{{ env_br }}" version: "{{ env_br }}"
force: yes force: yes
environment: environment:
GIT_SSH: /tmp/ssh_wrapper.sh GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"
- name: Inject SSH private key into custom_files/id_rsa (for Docker build) - name: Inject SSH private key into custom_files/id_rsa
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ ssh_private_key }}" src: "{{ deploy_key_path }}"
dest: "{{ repo_core_dir }}/custom_files/id_rsa" dest: "{{ repo_core_dir }}/custom_files/id_rsa"
remote_src: yes
mode: '0600' mode: '0600'
- name: Build the Docker image from core repo - name: Build the Docker image from core repo
@ -92,11 +86,3 @@
volumes: volumes:
- "{{ repo_env_dir }}:/home/cloud/ansible_env_staging" - "{{ repo_env_dir }}:/home/cloud/ansible_env_staging"
- name: Clean up SSH key and wrapper
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /tmp/deploy_key
- /tmp/ssh_wrapper.sh
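Review bot: The final hunk removes the "Clean up SSH key and wrapper" task, and nothing visible on the new side deletes `{{ deploy_key_path }}`, so the private key written to /tmp/deploy_key appears to stay on the host after the play (the lines between hunks are not shown, so confirm no other cleanup exists). Dropping the wrapper script entry is fine, but the key removal should be kept as its own last task, ideally under an `always:` section so it also runs when a clone or the build fails. The tasks that write or copy the key would also benefit from `no_log: true`, so the key content cannot end up in task output. Separately, both new `GIT_SSH_COMMAND` values keep `-o StrictHostKeyChecking=no`, so the clones do not verify the Git server's host key; pinning that key in known_hosts would allow the option to be dropped.

```yaml
    # … unchanged: container task and its volumes …

    - name: Remove deploy key from the host
      ansible.builtin.file:
        path: "{{ deploy_key_path }}"
        state: absent
```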