| Mohammed Naser | 7b44730 | 2023-03-28 02:50:32 +0000 | [diff] [blame] | 1 | # Copyright (c) 2023 VEXXHOST, Inc. |
| 2 | # |
| 3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 4 | # not use this file except in compliance with the License. You may obtain |
| 5 | # a copy of the License at |
| 6 | # |
| 7 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | # |
| 9 | # Unless required by applicable law or agreed to in writing, software |
| 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| 12 | # License for the specific language governing permissions and limitations |
| 13 | # under the License. |
| 14 | |
| 15 | - name: Generate public key for SSH private key |
| 16 | become: false |
| 17 | delegate_to: localhost |
| 18 | block: |
| 19 | - name: Generate temporary file for SSH public key |
| Mohammed Naser | 2c748e7 | 2023-09-27 14:02:33 -0400 | [diff] [blame] | 20 | check_mode: false |
| Mohammed Naser | 7b44730 | 2023-03-28 02:50:32 +0000 | [diff] [blame] | 21 | changed_when: false |
| 22 | ansible.builtin.tempfile: |
| 23 | state: file |
| 24 | prefix: manila_ssh_key_ |
| 25 | register: _manila_ssh_key_tempfile |
| 26 | # NOTE(mnaser): It's important to add a trailing newline at the end of this |
| 27 | # string or else `ssh-keygen` will not be happy. |
| 28 | - name: Write contents of current private SSH key |
| Mohammed Naser | 2c748e7 | 2023-09-27 14:02:33 -0400 | [diff] [blame] | 29 | check_mode: false |
| Mohammed Naser | 7b44730 | 2023-03-28 02:50:32 +0000 | [diff] [blame] | 30 | changed_when: false |
| 31 | ansible.builtin.copy: |
| 32 | dest: "{{ _manila_ssh_key_tempfile.path }}" |
| 33 | content: "{{ manila_ssh_key }}\n" |
| 34 | mode: "0600" |
| 35 | - name: Generate public key for SSH private key |
| 36 | changed_when: false |
| 37 | community.crypto.openssh_keypair: |
| 38 | path: "{{ _manila_ssh_key_tempfile.path }}" |
| 39 | regenerate: never |
| 40 | register: _manila_ssh_publickey |
| 41 | always: |
| 42 | - name: Delete temporary file for public SSH key |
| Mohammed Naser | 2c748e7 | 2023-09-27 14:02:33 -0400 | [diff] [blame] | 43 | check_mode: false |
| Mohammed Naser | 7b44730 | 2023-03-28 02:50:32 +0000 | [diff] [blame] | 44 | changed_when: false |
| 45 | ansible.builtin.file: |
| 46 | path: "{{ _manila_ssh_key_tempfile.path }}" |
| 47 | state: absent |
| 48 | |
| 49 | - name: Create secret with the SSH keys |
| 50 | kubernetes.core.k8s: |
| 51 | state: present |
| 52 | definition: |
| 53 | apiVersion: v1 |
| 54 | kind: Secret |
| 55 | metadata: |
| 56 | name: "{{ manila_helm_release_name }}-ssh-keys" |
| 57 | namespace: "{{ manila_helm_release_namespace }}" |
| 58 | type: Opaque |
| 59 | data: |
| 60 | id_rsa: "{{ manila_ssh_key | b64encode }}" |
| 61 | id_rsa.pub: "{{ _manila_ssh_publickey.public_key | b64encode }}" |