From 06f3517a5782aebbd884e81cdf17d7548a6c61eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <Joerg.Sachse@slub-dresden.de>
Date: Fri, 30 Jul 2021 18:39:18 +0200
Subject: [PATCH] feat: checkout exit script from Git using deploy key

---
 tasks/configure_ssh_keys.yml       | 12 ++++++++++++
 templates/test_exit_strategy.sh.j2 | 14 ++++----------
 vars/sanitytest.vault.example      |  6 +-----
 3 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/tasks/configure_ssh_keys.yml b/tasks/configure_ssh_keys.yml
index 77827a1..ad48a72 100644
--- a/tasks/configure_ssh_keys.yml
+++ b/tasks/configure_ssh_keys.yml
@@ -5,3 +5,15 @@
     state: present
     key: "{{ vault_ssh_access.ssh_key }}"
     comment: "{{ vault_ssh_access.ssh_comment }}"
+
+- name: copy deploykey files to managed servers
+  copy:
+    src: "{{ role_path }}/../ansible_vaults/{{ role_name }}/{{ item }}"
+    dest: "~/.ssh/{{ item }}"
+    owner: "root"
+    group: "root"
+    mode: 0400
+  loop:
+    - "id_ed25519_deploykey"
+    - "id_ed25519_deploykey.pub"
+
diff --git a/templates/test_exit_strategy.sh.j2 b/templates/test_exit_strategy.sh.j2
index 205bdb6..9840055 100644
--- a/templates/test_exit_strategy.sh.j2
+++ b/templates/test_exit_strategy.sh.j2
@@ -45,20 +45,14 @@ esac
 echo "${MESSAGE}" | tee -a "${LOGFILE}"
 
 
-### GET EXIT SCRIPT FROM GITHUB ###
-git clone "{{ vault_git_repo_url_exitstrategy }}" | tee -a
+EXIT_PERL="/usr/local/bin/rosettaExitStrategy/perl/exit_strategy.pl"
+EXIT_DB="/tmp/exit.db"
 
-EXIT_PERL="${HOME}/rosettaExitStrategy/perl/exit_strategy.pl"
-
-### GENERATE EXIT SQL SCRIPT ###
+### GENERATE EXIT DATABASE ###
 date | tee -a "${LOGFILE}"
 echo -e "\n### GENERATE EXIT SQL SCRIPT ###\n" | tee -a "${LOGFILE}"
-perl "${EXIT_PERL}" "${SQLFILE}" "${MOUNTPOINT}" 2>> "${LOGFILE}"
+perl "${EXIT_PERL}" "${EXIT_DB}" "${MOUNTPOINT}" 2>> "${LOGFILE}"
 [[ $? -ne 0 ]] && echo "ERROR: Couldn't create SQLite database, exiting." && exit 10
 date | tee -a "${LOGFILE}"
 
-
-### TIDY UP ###
-rm -r ~/rosettaExitStrategy
-
 exit 0
diff --git a/vars/sanitytest.vault.example b/vars/sanitytest.vault.example
index fb10c2e..219f919 100644
--- a/vars/sanitytest.vault.example
+++ b/vars/sanitytest.vault.example
@@ -3,11 +3,7 @@
 # ANY CONFIDENTIAL EDITS SHOULD GO TO THE ENCRYPTED VAULT FILE!
 # VARIABLES THAT ARE NOT CONFIDENTIAL CAN GO TO A SEPARATE "*.YML" FILE.
 
-vault_git_repo_url_updatechecks: "<URL>"
-vault_git_repo_url_exitstrategy: "<URL>"
-
-vault_db_user: "<USERNAME>"
-vault_db_group: "<GROUPNAME>"
+vault_slub_git_repo_fqdn: "<URL>"
 
 vault_groups:
   - name: "<GROUPNAME>"
-- 
GitLab