From f22dabb4ab776d2b55c1272a36e647bda7257a1e Mon Sep 17 00:00:00 2001 From: Richard Lau Date: Wed, 26 Mar 2025 17:44:31 +0000 Subject: [PATCH] ansible: write `known_hosts` entry for `binary_tmp` Add a `known_hosts` entry to allow the machines running the arm-fanned jobs to be able to reach the `binary_tmp` git repository over ssh. --- ansible/roles/github/files/binary_tmp_known_hosts | 1 + ansible/roles/github/tasks/main.yml | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 ansible/roles/github/files/binary_tmp_known_hosts diff --git a/ansible/roles/github/files/binary_tmp_known_hosts b/ansible/roles/github/files/binary_tmp_known_hosts new file mode 100644 index 000000000..78311bf0c --- /dev/null +++ b/ansible/roles/github/files/binary_tmp_known_hosts @@ -0,0 +1 @@ +|1|RV0GwLebKrcRLruG88I/orbmg6Y=|dlBrqkgVnCQwmAOFNylzKj3M2E0= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDNWFPALrB+TJ1XSdEcL+0LApTQKaTWG2MDsdeMbT852 \ No newline at end of file diff --git a/ansible/roles/github/tasks/main.yml b/ansible/roles/github/tasks/main.yml index 5108d590c..9a47cfc57 100644 --- a/ansible/roles/github/tasks/main.yml +++ b/ansible/roles/github/tasks/main.yml @@ -28,3 +28,16 @@ become: yes become_user: "{{ server_user }}" loop: "{{ lookup('file', 'files/github_bad_hosts').splitlines() }}" + +# Entries in `files/binary_tmp_known_hosts` are generated via +# `ssh-keyscan -H -t ed25519 `, where `` should match +# the `TEMP_REPO_SERVER` environment variable set in Jenkins. +- name: add binary_tmp entry in known_hosts + ansible.builtin.lineinfile: + path: "{{ user_home_dir }}/.ssh/known_hosts" + line: "{{ item }}" + state: present + become: yes + become_user: "{{ server_user }}" + loop: "{{ lookup('file', 'files/binary_tmp_known_hosts').splitlines() }}" + when: (user_home_dir.find('_arm_cross') != -1) or (user_home_dir.find('armv7l') != -1)