9ebb3886d1
This will allow all nodes to SSH to each other, which should facilitate some multi-node jobs that need this enabled. We set "force" to "no" on the copies since this is in the base job's pre.yml, meaning it should run before basically anything else. Change-Id: If11f05f5cced71f6e9f634195e628ea68813c4cf
44 lines
1013 B
YAML
44 lines
1013 B
YAML
- name: Create Temp SSH key
|
|
command: ssh-keygen -t rsa -b 1024 -N '' -f {{ zuul_temp_ssh_key }}
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
- name: Enable access via build key on all nodes
|
|
authorized_key:
|
|
user: "{{ ansible_ssh_user }}"
|
|
state: present
|
|
key: "{{ lookup('file', zuul_temp_ssh_key + '.pub') }}"
|
|
|
|
- name: Make sure user has a .ssh
|
|
file:
|
|
state: directory
|
|
path: "~/.ssh"
|
|
mode: 0700
|
|
|
|
- name: Install build private key as SSH key on all nodes
|
|
copy:
|
|
src: "{{ zuul_temp_ssh_key }}"
|
|
dest: "~/.ssh/id_rsa"
|
|
mode: 0600
|
|
force: no
|
|
|
|
- name: Install build public key as SSH key on all nodes
|
|
copy:
|
|
src: "{{ zuul_temp_ssh_key }}.pub"
|
|
dest: "~/.ssh/id_rsa.pub"
|
|
mode: 0644
|
|
force: no
|
|
|
|
- name: Remove all keys from local agent
|
|
command: ssh-add -D
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
- name: Add back temp key
|
|
command: ssh-add {{ zuul_temp_ssh_key }}
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
- name: Verify we can still SSH to all nodes
|
|
ping:
|