Skip to content

Instantly share code, notes, and snippets.

@IssacTran

IssacTran/deployer_defaults_main.yml

Forked from jverdeyen/deployer_defaults_main.yml
Created June 15, 2016 07:23
Show Gist options
  • Save IssacTran/706509892015c4d4ed510f19e92331d8 to your computer and use it in GitHub Desktop.
Save IssacTran/706509892015c4d4ed510f19e92331d8 to your computer and use it in GitHub Desktop.
Download ZIP
Ansible role to push deploy key onto Gitlab instance
Raw
deployer_defaults_main.yml
---
deployer_user: deploy
deployer_group: deploy
deployer_groups: ['admin']
deployer_user_ssh_key_file: .ssh/id_rsa
deployer_gitlab_api: https://[gitlab-domain]/api/v3/
deployer_gitlab_token: [gitlab-token-for-specific-user]
deployer_gitlab_key_title: "{{ ansible_hostname }}_deployer"
Raw
deployer_tasks_main.yml
---
- name: Create deployer group
group: name={{ deployer_group }} state=present
- name: Create deployer user and generate a ssh key
user: name={{ deployer_user }}
group={{ deployer_group }}
groups={{ deployer_groups | join(',') }}
state=present
shell=/bin/bash
generate_ssh_key=yes
ssh_key_type=rsa
ssh_key_file="{{ deployer_user_ssh_key_file }}"
register: deploy_user_created
- name: Assign ssh key to a variable
shell:
cat /home/{{ deployer_user }}/{{ deployer_user_ssh_key_file }}.pub
register: deployer_user_public_key
when: deploy_user_created.changed
- name: Push the generated ssh key to the Gitlab instance
uri: >
url="{{ deployer_gitlab_api }}user/keys"
method=POST
status_code=201
HEADER_PRIVATE-TOKEN="{{ deployer_gitlab_token }}"
HEADER_Content-Type="application/json"
body="{\"title\": \"{{ deployer_gitlab_key_title }}\", \"key\": \"{{ deployer_user_public_key.stdout_lines.0 }}\"}"
when: deploy_user_created.changed
- name: Ensure .ssh/config file exists
file: state=touch path="/home/{{ deployer_user }}/.ssh/config"
- name: Disable host key checking
lineinfile: dest=/home/{{ deployer_user }}/.ssh/config line='Host *\n \tStrictHostKeyChecking no\n\tUserKnownHostsFile=/dev/null'
- name: Add deploy group to sudoers file and validate
lineinfile: dest=/etc/sudoers state=present regexp='^%{{ deployer_group }}' line='%{{ deployer_group }} ALL=(ALL) NOPASSWD:ALL' validate="visudo -cf %s"
@IssacTran
Copy link
Author

IssacTran commented Jun 15, 2016
edited
Loading 

 name: Push the generated ssh key to the Gitlab Deploy Keys
  uri: >
      url="{{ deployer_gitlab_api }}projects/{{ repo_project_id }}/keys"
      return_content=yes
      body_format=json
      method=POST
      status_code=201,200,304,400,401,403,404,405,409,422,500
      HEADER_PRIVATE-TOKEN="{{ deployer_gitlab_token }}"
      body="{{ data_json_push.stdout_lines.0 }}"
  when: deployer_use_deploy_key == false

@IssacTran
Copy link
Author

IssacTran commented Jun 15, 2016
edited
Loading

You can't use newlines like this in yaml. Try this instead (the ">" indicates that the next lines are to be concatenated):

Create an item via API

- uri: >
    url="http://www.myapi.com/create"
    method=POST return_content=yes HEADER_Content-Type="application/json"
    body="{{ lookup('file','create_body.json') | to_json }}"

But I find this much better:

Create an item via API

- uri: 
    url: "http://www.myapi.com/create"
    method: POST
    return_content: yes
    HEADER_Content-Type: "application/json"
    body: "{{ lookup('file','create_body.json') | to_json }}"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment