Remove ssh-key-copying tasks, ssh_key_name config

Preferring ssh-agent forwarding to copying user's ssh keys. As a bonus, ansible tasks don't need to know or care about the name or path of the user's ssh private key file, and the configuration is simplified.
2019-02-14 15:38:58 -07:00 · 2019-02-14 15:38:58 -07:00 · 038ea71dc4
parent 4445214926
commit 038ea71dc4
4 changed files with 1 additions and 33 deletions
--- a/README.md
+++ b/README.md
@ -165,7 +165,7 @@ $ git clone git@github.com:zcash/zcash-gitian.git



-## Add git and ssh config values to gitian.yml
+## Add git config values to gitian.yml

 The `gitian.yml` file in the root of the project has some blank values that need to be updated or
 filled in:
@ -173,8 +173,6 @@ filled in:
 - `zcash_version`: The git tag name of the version of zcash you want to build
 - `git_name`: You probably want the output from `git config user.name`
 - `git_email`: You probably want the output from `git config user.email`
- `ssh_key_name`: The filename of your private key. In the steps above we used the name
-`github_id_rsa`.



--- a/gitian.yml
+++ b/gitian.yml
@ -9,7 +9,6 @@
    git_name: ''
    git_email: ''
    gpg_key_id: ''
-    ssh_key_name: '' # optional
  roles:
    - role: common
      tags: common
--- a/roles/gitian/tasks/main.yml
+++ b/roles/gitian/tasks/main.yml
@ -211,11 +211,6 @@
  become: no
  when: gpg_key_id is defined and gpg_key_id != ''

- include_tasks: ssh.yml
-  tags: ssh
-  become: no
-  when: ssh_key_name is defined and ssh_key_name != ''
-
 - name: Display help message.
  debug:
    msg: >-
--- a/roles/gitian/tasks/ssh.yml
+++ b/roles/gitian/tasks/ssh.yml
@ -1,24 +0,0 @@
---
- name: Check that the SSH key exists locally.
-  local_action: "stat path={{ lookup('env', 'HOME') }}/.ssh/{{ ssh_key_name }}"
-  become: no
-  register: ssh_key
-
- name: Make SSH home directory.
-  file:
-    path: "/home/{{ gitian_user }}/.ssh"
-    state: directory
-    mode: "0700"
-    owner: "{{ gitian_user }}"
-    group: "{{ gitian_user }}"
-
- name: Copy the SSH public and private key.
-  synchronize:
-    src: "{{ lookup('env', 'HOME') }}/.ssh/{{ item }}"
-    dest: "/home/{{ gitian_user }}/.ssh/{{ item }}"
-    archive: yes
-    owner: yes
-  with_items:
-    - "{{ ssh_key_name }}"
-    - "{{ ssh_key_name }}.pub"
-  when: ssh_key.stat.exists