Rename semaphore task for clarity

And documentation, wow what a difference it could make.
openfoodfoundation · Sep 25, 2024 · afc4dd8 · afc4dd8
1 parent 33d7478
commit afc4dd8
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -24,6 +24,8 @@ Other playbooks include:
 * `backup.yml` - Backup database and image files on the server to the local machine.
 * `rollback.yml` - Rollback the database and codebase to the previous version.
 * `db_transfer.yml` - Transfer the database directly from one host to another (see [Refreshing a staging server](https://github.com/openfoodfoundation/ofn-install/wiki/Refreshing-a-staging-server))
+* `setup_remote_deployment.yml` - Set up a staging server to allow remote triggering of the deploy playbook (eg from a GitHub Action)
+* and more...
 
 You may want to use the [ansible option "checkrun"](http://docs.ansible.com/playbooks_checkmode.html) to do a dry-run of the playbooks. With this option, Ansible will run the playbooks, but not actually make changes on the server.
 

diff --git a/playbooks/setup_semaphore_deployment.yml → playbooks/setup_remote_deployment.yml b/playbooks/setup_semaphore_deployment.yml → playbooks/setup_remote_deployment.yml
@@ -1,8 +1,8 @@
 ---
-- name: setup_semaphore_deployment
+- name: setup_remote_deployment
   hosts: ofn_servers
   remote_user: "{{ user }}"
   become: yes
 
   roles:
-    - role: semaphore_deployment
+    - role: remote_deployment
diff --git a/roles/semaphore_deployment/tasks/main.yml → roles/remote_deployment/tasks/main.yml b/roles/semaphore_deployment/tasks/main.yml → roles/remote_deployment/tasks/main.yml
@@ -1,4 +1,4 @@
---- # Set up Ansible and restricted deployment user for deployment via Semaphore
+--- # Set up Ansible and restricted user for deployment via CI runner (eg GitHub Actions)
 
 - name: add ansible ppa
   apt_repository:
@@ -48,20 +48,20 @@
     owner: "{{ user }}"
     mode: 0700
 
-- name: generate semaphore key pair
-  command: "ssh-keygen -f /home/{{ user }}/keys/semaphore -t rsa -b 4096 -C semaphore -N '' "
+- name: generate deployer key pair
+  command: "ssh-keygen -f /home/{{ user }}/keys/deployer -t rsa -b 4096 -C deployer -N '' "
   args:
-    creates: "/home/{{ user }}/keys/semaphore.pub"
+    creates: "/home/{{ user }}/keys/deployer.pub"
 
 - name: copy public key
   slurp:
-    src: "/home/{{ user }}/keys/semaphore.pub"
-  register: semaphore_public_key
+    src: "/home/{{ user }}/keys/deployer.pub"
+  register: deployer_public_key
   changed_when: False
 
-- name: add semaphore public key to deployment user's authorized_keys
+- name: add deployer public key to deployment user's authorized_keys
   authorized_key:
     user: "{{ deployment_user }}"
-    key: "{{ semaphore_public_key.content | b64decode }}"
+    key: "{{ deployer_public_key.content | b64decode }}"
     state: present
     key_options: 'restrict,command="sudo /home/{{ deployment_user }}/deploy \"$SSH_ORIGINAL_COMMAND\""'
diff --git a/.../semaphore_deployment/templates/deploy.j2 → roles/remote_deployment/templates/deploy.j2 b/.../semaphore_deployment/templates/deploy.j2 → roles/remote_deployment/templates/deploy.j2
diff --git a/...semaphore_deployment/templates/sudoers.j2 → roles/remote_deployment/templates/sudoers.j2 b/...semaphore_deployment/templates/sudoers.j2 → roles/remote_deployment/templates/sudoers.j2