zuul/zuul-jobs
Code Issues Proposed changes
Files
6c3e76af1ad4de35911012a3db09d72508a35dcb
zuul-jobs/roles/add-authorized-keys
History
Albin Vass 9062289151 Check for loop_control in with_ type loops 
Change-Id: I191265df7709a6262b44a428d78fe28ffaeb4b75
2020-05-01 13:45:34 +02:00
..
tasks
Check for loop_control in with_ type loops
2020-05-01 13:45:34 +02:00
README.rst
role: Inject public keys in case of failure
2018-02-28 10:39:07 +00:00

README.rst

Install SSH public key(s) on all hosts

This role is intended to be run at the end of a failed job for which the build node set will be held with zuul's autohold command.

It copies the public key(s) into the authorized_keys file of every host in the inventory, allowing privileged users to access the node set for debugging or post-mortem analysis.

Add this stanza at the end of your project's base post playbook to activate this functionality:

- hosts: all
  roles:
    - role: add-authorized-keys
      public_keys:
        - public_key: ssh-rsa AAAAB... venkman@parapsy.columbia.edu
        - public_key: ssh-rsa AAAAB... spengler@parapsy.columbia.edu
      when: not zuul_success | bool

Caution

Including this role earlier in any playbook may allow the keys' owners to tamper with the execution of the jobs. It is strongly advised against doing so.

Role Variables

A list of keys to inject.

A public key to inject into authorized_keys, or a URL to a public key.

View Git Blame Copy Permalink