playbooks/clone-repo: using shell commands to clone repo

by using shell commands we have more flexibility to clone the repo using specific ssh keys. Additionally we provide the passphrase for the ssh key using the AXW vault. Signed-off-by: Marc Mattmüller <marc.mattmueller@netmodule.com>
2023-06-13 10:33:20 +02:00 · 2023-06-13 10:33:20 +02:00 · 2438809884
parent 4d9f64f3dc
commit 2438809884
1 changed files with 50 additions and 7 deletions
--- a/playbooks/getting_started/clone-repository.yml
+++ b/playbooks/getting_started/clone-repository.yml
@ -1,16 +1,59 @@
 - name: Clone a Git Repository
  hosts: linux
  gather_facts: no
+  vars:
+    git_repo_path: "~/nwl-ci"
+    ssh_auto_sshadd_file: "~/auto-sshadd"
+    ssh_keyfile: "~/.ssh/testvm_ed25519"
+    ssh_passphrase: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          61323235356163363166663139613464303262333231656236313335313133373330316431333139
+          3135643639363966653938663666653831393132633765340a306665393864343466376637386661
+          39353535616366393631333161613065356666626266396138633866346462316365663339613263
+          6564643935326565630a386266376230613230336564363066373730363239303763663666363462
+          35353634626464656436633165316336323839616463333064633363306337353534
  tasks:
+    - name: Check if auto-sshadd file exists
+      stat:
+        path: "{{ ssh_auto_sshadd_file }}"
+      register: auto_sshadd_stat
+
+    - name: Check if repo exists
+      stat:
+        path: "{{ git_repo_path }}"
+      register: repo_dir_stat
+
+    - name: Prepare auto ssh-add file
+      register: prepareAutoSshAdd
+      ansible.builtin.shell: |
+        echo -e '#!/bin/bash\necho $SSH_PASS' > {{ ssh_auto_sshadd_file }}
+      when: not auto_sshadd_stat.stat.exists
+
+    - name: Load SSH key
+      register: loadingSshKey
+      ansible.builtin.shell: |
+        eval `ssh-agent -s`
+        SSH_PASS={{ssh_passphrase}} DISPLAY=1 SSH_ASKPASS="{{ssh_auto_sshadd_file}}" ssh-add {{ssh_keyfile}} < /dev/null
+    - name: Display ssh key loading output
+      debug:
+        msg: "{{loadingSshKey.stdout_lines}}"
+
    - name: Clone a develop branch
      register: clonerepo
-      git:
-        repo: ssh://git@bitbucket.gad.local:7999/nm-nsp/nwl-ci.git
-        dest: /home/user
-        clone: yes
-        update: yes
-        single_branch: yes
-        version: develop
+      ansible.builtin.shell: |
+        git clone ssh://git@bitbucket.gad.local:7999/nm-nsp/{{git_repo_path}}.git {{git_repo_path}}
+      when: not auto_sshadd_stat.stat.exists
    - name: Display cloning output
      debug:
        msg: "{{clonerepo.stdout_lines}}"
+
+    - name: Checkout and update branch
+      register: updaterepo
+      ansible.builtin.shell: |
+        cd nwl-ci
+        git checkout develop
+        git fetch -ap
+        git pull
+    - name: Display repo update output
+      debug:
+        msg: "{{updaterepo.stdout_lines}}"