Use tempfile for ssh private key

We do this for our GPG keys, lets also do it for SSH keys. Change-Id: I0ec4b6a0bbadc4ab01e5e3e4987da3a40b7a1237 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-08-25 13:25:23 -04:00 · 2017-08-25 13:25:23 -04:00 · df50917f66
commit df50917f66
parent fd162957d3
1 changed files with 8 additions and 3 deletions
--- a/roles/add-fileserver/tasks/main.yaml
+++ b/roles/add-fileserver/tasks/main.yaml
@ -1,14 +1,19 @@
+- name: Create SSH private key tempfile
+  tempfile:
+    state: file
+  register: ssh_private_key_tmp
+
 - name: Create SSH private key from secret
  copy:
    content: "{{ fileserver.ssh_private_key }}"
-    dest: ~/.ssh/fileserver_id_rsa
+    dest: "{{ ssh_private_key_tmp.path }}"
    mode: 0600

 - name: Add fileserver ssh key
-  command: ssh-add ~/.ssh/fileserver_id_rsa
+  command: "ssh-add {{ ssh_private_key_tmp.path }}"

 - name: Remove SSH private key from disk
-  command: shred ~/.ssh/fileserver_id_rsa
+  command: "shred {{ ssh_private_key_tmp.path }}"

 - name: Add fileserver to inventory
  add_host: