majic-ansible-roles Files · roles/bootstrap/molecule/default/prepare.yml

Files @ 770551dc8c6f

Branch filter:

Location: majic-ansible-roles/roles/bootstrap/molecule/default/prepare.yml

770551dc8c6f 822 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-148: Improve the SSH connectivity tests in backup_server role to be more reliable:

- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).

---

- name: Prepare
  hosts: all
  gather_facts: false
  tasks:
    - name: Install python for Ansible
      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
      become: true
      changed_when: false

# Put Ansible key into root's authorized_keys to test its removal.
- hosts: parameters-mandatory
  become: true
  tasks:

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"

# Put Ansible key into root's authorized_keys to test its removal.
- hosts: parameters-optional
  become: true
  tasks:

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"