1e0af6779b
This change enables a kubectl connection job to just remove the zuul sshkey, without using the add-build-sshkey role which doesn't work on pod. To do that, this change moves the sshagent_remove_key task to a new role and makes add-build-sshkey use the new role. Change-Id: I5e7288592cad303df919220259f5a360bf522f64 |
||
|---|---|---|
| .. | ||
| tasks | ||
| vars | ||
| README.rst | ||
Generate and install a build-local SSH key on all hosts
This role is intended to be run on the Zuul Executor at the start of every job. It generates an SSH keypair and installs the public key in the authorized_keys file of every host in the inventory. It then removes the Zuul master key from this job's SSH agent so that the original key used to log into all of the hosts is no longer accessible (any per-project keys, if present, remain available), then adds the newly generated private key.
Role Variables
Where to put the newly-generated SSH private key.