Skip to content

Commit

Permalink
ansible: store cloudflare credentials on release builders
Browse files Browse the repository at this point in the history
  • Loading branch information
@MoLow
MoLow committed Sep 26, 2023
1 parent e3059d7 commit 95a6fd5
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 0 deletions.
1 change: 1 addition & 0 deletions ansible/roles/read-secrets/tasks/partials/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,4 @@
with_items:
- { 'key': 'staging_key', 'file': "staging_id_rsa_private.key" }
- { 'key': 'known_hosts', 'file': "known_hosts" }
- { 'key': 'worker_credentials', 'file': "release-cloudflare-worker-credentials" }
1 change: 1 addition & 0 deletions ansible/roles/release-builder/files/worker_config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
[profile worker]
21 changes: 21 additions & 0 deletions ansible/roles/release-builder/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,3 +36,24 @@
state: present
become: yes
become_user: "{{ server_user }}"

- name: create .aws directory
ansible.builtin.file:
dest: "{{ release_home_dir }}/.aws"
owner: "{{ server_user }}"
group: "{{ server_user }}"
state: directory

- name: copy credentials to deploy release artifacts
ansible.builtin.copy:
content: "{{ secrets.worker_credentials }}"
dest: "{{ release_home_dir }}/.aws/credentials"
owner: "{{ server_user }}"
group: "{{ server_user }}"

- name: write worker_config
ansible.builtin.copy:
dest: "{{ release_home_dir }}/.aws/config"
src: "{{ role_path }}/files/worker_config"
owner: "{{ server_user }}"
group: "{{ server_user }}"

0 comments on commit 95a6fd5

Please sign in to comment.