git

2025-06-02 16:05:39 +00:00 · 2025-06-02 16:05:39 +00:00 · 9082135485
commit 9082135485
parent 94c51f716b
1 changed files with 11 additions and 25 deletions
--- a/containerAdmin.yml
+++ b/containerAdmin.yml
@ -14,6 +14,8 @@
    ssh_private_key: "{{ lookup('env', 'SSH_PRIVATE_KEY') }}"

    base_dir: "/home/ubuntu"
+    deploy_key_path: "/tmp/deploy_key"
+
    repo_core_url: "git@git.felcloud.io:felcloud/ansible_core_init_ansible.git"
    repo_env_url: "git@git.felcloud.io:felcloud/ansible_env_staging.git"

@ -21,21 +23,12 @@
    repo_env_dir: "{{ base_dir }}/ansible_env_staging"

  tasks:
-
-    - name: Write SSH private key to /tmp/deploy_key
+    - name: Write SSH private key to file
      ansible.builtin.copy:
        content: "{{ ssh_private_key }}"
-        dest: /tmp/deploy_key
+        dest: "{{ deploy_key_path }}"
        mode: '0600'

-    - name: Create SSH wrapper script
-      ansible.builtin.copy:
-        dest: /tmp/ssh_wrapper.sh
-        mode: '0755'
-        content: |
-          #!/bin/sh
-          exec ssh -i /tmp/deploy_key -o StrictHostKeyChecking=no -o BatchMode=yes "$@"
-
    - name: Remove existing core repo
      ansible.builtin.file:
        path: "{{ repo_core_dir }}"
@ -46,28 +39,29 @@
        path: "{{ repo_env_dir }}"
        state: absent

-    - name: Clone core repo via SSH using wrapper
+    - name: Clone core repo via SSH using GIT_SSH_COMMAND
      ansible.builtin.git:
        repo: "{{ repo_core_url }}"
        dest: "{{ repo_core_dir }}"
        version: "{{ main_br }}"
        force: yes
      environment:
-        GIT_SSH: /tmp/ssh_wrapper.sh
+        GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"

-    - name: Clone env repo via SSH using wrapper
+    - name: Clone env repo via SSH using GIT_SSH_COMMAND
      ansible.builtin.git:
        repo: "{{ repo_env_url }}"
        dest: "{{ repo_env_dir }}"
        version: "{{ env_br }}"
        force: yes
      environment:
-        GIT_SSH: /tmp/ssh_wrapper.sh
+        GIT_SSH_COMMAND: "ssh -i {{ deploy_key_path }} -o StrictHostKeyChecking=no -o BatchMode=yes"

-    - name: Inject SSH private key into custom_files/id_rsa (for Docker build)
+    - name: Inject SSH private key into custom_files/id_rsa
      ansible.builtin.copy:
-        content: "{{ ssh_private_key }}"
+        src: "{{ deploy_key_path }}"
        dest: "{{ repo_core_dir }}/custom_files/id_rsa"
+        remote_src: yes
        mode: '0600'

    - name: Build the Docker image from core repo
@ -92,11 +86,3 @@
        volumes:
          - "{{ repo_env_dir }}:/home/cloud/ansible_env_staging"

-    - name: Clean up SSH key and wrapper
-      ansible.builtin.file:
-        path: "{{ item }}"
-        state: absent
-      loop:
-        - /tmp/deploy_key
-        - /tmp/ssh_wrapper.sh
-