Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Grab ACCESS_TOKEN from envvar #9

Merged
merged 6 commits into from
Jul 5, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@ jobs:
strategy:
matrix:
distro:
- centos8
- ubuntu1804
# - centos8
# - ubuntu1804
- ubuntu2004
# - ubuntu2204
- debian10
Expand Down
11 changes: 9 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# Motley-cue Role

This ansible role installs the [motley-cue](https://motley-cue.readthedocs.io/en/latest/) software.
This ansible role installs the [motley-cue](https://motley-cue.readthedocs.io/) software.
The github repository of the motley-cue is [here](https://github.com/dianagudu/motley_cue).

## Example Playbook
Expand All @@ -14,6 +14,13 @@ This an example of how to install this role:
roles:
- { role: 'grycap.motley-cue', ssh_oidc_my_vo: true, ssh_oidc_other_vos: 'vo_name' }

And then execute it with:

ansible-playbook --extra-vars ACCESS_TOKEN=$(oidc-token <account>) playbook.yaml

To get the `oidc-token` command working please check [ssh-oidc](https://github.com/EOSC-synergy/ssh-oidc)

# Contributing to the role
In order to keep the code clean, pushing changes to the master branch has been disabled. If you want to contribute, you have to create a branch, upload your changes and then create a pull request.

In order to keep the code clean, pushing changes to the master branch has been disabled. If you want to contribute, you have to create a branch, upload your changes and then create a pull request.
Thanks
2 changes: 1 addition & 1 deletion tasks/Debian.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@

- name: Add apt KIT repository debian
apt_repository:
repo: deb [signed-by=/etc/apt/trusted.gpg.d/kitrepo-archive.asc] https://repo.data.kit.edu/debian/{{ansible_distribution_version}} ./
repo: deb [signed-by=/etc/apt/trusted.gpg.d/kitrepo-archive.asc] https://repo.data.kit.edu/debian/{{ansible_distribution_major_version}} ./
state: present
14 changes: 12 additions & 2 deletions tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -88,13 +88,23 @@
line: '#!/usr/bin/python3.8'
when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "18"

- name: Set access token with IM for contextualise_ssh_server
set_fact:
OIDC_ACCESS_TOKEN: "{{ IM_INFRASTRUCTURE_AUTH }}"
when: IM_INFRASTRUCTURE_AUTH is defined and IM_INFRASTRUCTURE_AUTH is not search(":")

- name: Set access token as extra-var for contextualise_ssh_server
set_fact:
OIDC_ACCESS_TOKEN: "{{ ACCESS_TOKEN }}"
when: ACCESS_TOKEN is defined

- name: Execute contextualise_ssh_server command
command: contextualise_ssh_server {{IM_INFRASTRUCTURE_AUTH}}
command: contextualise_ssh_server {{OIDC_ACCESS_TOKEN}}
args:
chdir: /opt/motley_cue
creates: /opt/motley_cue/motley_cue.conf
when: IM_INFRASTRUCTURE_AUTH is defined and IM_INFRASTRUCTURE_AUTH is not search(":")
register: contextualise_ssh_server
when: OIDC_ACCESS_TOKEN is defined
environment: "{{command_env}}"

- name: Copy conf files to /etc
Expand Down
Loading