working version

Author: RicHincapie

.github/workflows/gcp-vm.yaml

@@ -27,10 +27,11 @@ jobs:
           ansible --version
           ansible-galaxy collection install google.cloud
 
-      # - name: Save SSH key for ansible
-      #   run: |
-      #     echo "${{ secrets.GCP_SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
-      #     chmod 600 ~/id_ed25519
+      # Had to do it outside Ansible because the builtin copy module breaks the ssh file somehow
+      - name: Save SSH key for ansible
+        run: |
+          echo "${{ secrets.GCP_SSH_PRIVATE_KEY }}" > ${{ env.SSH_PATH }}
+          chmod 600 ${{ env.SSH_PATH }}
 
       - name: Extract branch/tag name
         id: extract
@@ -53,20 +54,16 @@ jobs:
           OWNER_LABEL: ${{ env.OWNER_LABEL }}
           TEAM_LABEL: ${{ env.TEAM_LABEL }}
           SSH_USER: ${{ env.SSH_USER }}
+          SSH_PATH: ${{ env.SSH_PATH }}
           TSB_SYNC_PASS: ${{ secrets.TSB_SYNC_PASS }}
           TSB_SYNC_USR: ${{ secrets.TSB_SYNC_USR }}
         run: |
           ansible-playbook -i "localhost ansible_connection=local", ansible/playbook-gcp-vm-create.yaml
 
-      - name: Check ssh file
-        run: |
-          ssh-keygen -l -f ~/id_ed25519
-
       - name: Run Ansible playbook on the VM
         run: |
           ansible-playbook -i /tmp/inventory.ini ansible/playbook.yaml
 
-
       - name: Always delete VM after failure
         if: failure()
         env:

ansible/playbook-gcp-vm-create.yaml

@@ -12,7 +12,7 @@
     ssh_private_key: "{{ lookup('env', 'GCP_SSH_PRIVATE_KEY') }}"
     ssh_public_key: "{{ lookup('env', 'GCP_SSH_PUBLIC_KEY') }}"
     ansible_user: "{{ ssh_user }}"
-    ssh_path: "~/id_ed25519"
+    ssh_path: "{{ lookup('env', 'SSH_PATH') }}"
   tasks:
     - name: Create GCP Auth file
       ansible.builtin.copy:
@@ -26,41 +26,6 @@
         cmd: "{{ ansible_playbook_python }} -m pip install requests google-auth google-cloud-storage"
       changed_when: true
 
-    # - name: Ensure ~/.ssh directory exists
-    #   file:
-    #     path: /home/runner/.ssh
-    #     state: directory
-
-    - name: Save SSH private key
-      copy:
-        content: "{{ lookup('env', 'GCP_SSH_PRIVATE_KEY') }}"
-        dest: "{{ ssh_path }}"
-        mode: '0600'
-
-    # - name: Configure SSH client
-    #   copy:
-    #     content: |
-    #       Host *
-    #         StrictHostKeyChecking no
-    #         UserKnownHostsFile=/dev/null
-    #     dest: "~/.ssh/config"
-    #     mode: 0600
-
-    # - name: Who am I
-    #   command: whoami
-    #   register: whoami_out
-
-    # - debug:
-    #     var: whoami_out.stdout
-
-    - name: Stat SSH private key
-      stat:
-        path: "{{ ssh_path }}"
-      register: key_stat
-
-    - debug:
-        var: key_stat.stat
-
     - name: Create GCP VM instance
       google.cloud.gcp_compute_instance:
         state: present
@@ -89,7 +54,7 @@
       debug:
         var: vm_result.name
 
-    - name: Get external IP of the VM
+    - name: Get VM's external IP
       set_fact:
         external_ip: "{{ vm_result.networkInterfaces[0].accessConfigs[0].natIP }}"
 
@@ -104,7 +69,3 @@
       import_tasks: tasks/task-vm-check-ready.yaml
       vars:
         wait_for_ssh_on: "{{ external_ip }}"
-
-    - name: DEBUG print ssh_private_key
-      debug:
-        msg: "{{ ssh_private_key.split('\n') }}"

github-deploy.yaml

@@ -3,9 +3,10 @@ IMAGE_NAME: tsb-1-12-0
 OWNER_LABEL: ric
 TEAM_LABEL: eng_cre
 SSH_USER: ubuntu
+SSH_PATH: ~/.ssh/id_ed25519
 GCP_PROJECT_ID: tsb-vm-images-repo
 GCP_ZONE: europe-west9-a
 TSB_SCENARIO: main
 TSB_TOPOLOGY: tsb-training
 TSB_INSTALL_METHOD: tctl
-TSB_VERSION: 1.12.2
+TSB_VERSION: 1.12.2