ansible-jenkins-php-v1/roles/jenkins-php-v1/tasks/30_users.yml

---

- name: Check if Gitea user has already been created
  stat:
    path: "{{ jenkins_gitea_password_file }}"
  register: result

- name: Do we have to create the Gitea user
  set_fact:
    createGiteaUser: "{{ result.stat.exists is undefined or result.stat.exists == False }}"

- name: Generate a password for the Gitea user
  set_fact:
    giteaPassword: "{{ lookup('password', '/dev/null chars=ascii_letters') }}"  # preferably no colons in password, for HTTP's URL simplicity
  when: createGiteaUser
  no_log: yes

- name: Retrieve the password for the post_install message
  slurp:
    src: "{{ jenkins_gitea_password_file }}"
  register: tmp
  when: not createGiteaUser
  no_log: yes
- name: Set the password as a fact
  set_fact:
    giteaPassword: "{{ tmp.content | b64decode | trim }}"
  when: not createGiteaUser
  no_log: yes

- name: Create webhook dedicated user
  shell: echo 'jenkins.model.Jenkins.instance.securityRealm.createAccount("{{ giteaUsername | quote }}", "{{ giteaPassword | quote }}")' | {{ jenkins_cli_command }} groovy =
  when: createGiteaUser
  no_log: yes

- name: Upload the new password
  copy:
    content: "{{ giteaPassword }}"
    dest: "{{ jenkins_gitea_password_file }}"
    owner: jenkins
    group: jenkins
    mode: 0600
  when: createGiteaUser
  # Note : We still need a way to tell the user how to be authenticated for the webhook.
  #        For the time being, we store it here and display it at the end of the playbook.
  no_log: yes
First commit 2020-01-17 23:35:15 +01:00			`---`

			`- name: Check if Gitea user has already been created`
			`stat:`
			`path: "{{ jenkins_gitea_password_file }}"`
			`register: result`

			`- name: Do we have to create the Gitea user`
			`set_fact:`
			`createGiteaUser: "{{ result.stat.exists is undefined or result.stat.exists == False }}"`

			`- name: Generate a password for the Gitea user`
			`set_fact:`
Add a conclusion/todo-list + more generic on the gitea username + several corrections 2020-01-18 23:48:17 +01:00			`giteaPassword: "{{ lookup('password', '/dev/null chars=ascii_letters') }}" # preferably no colons in password, for HTTP's URL simplicity`
First commit 2020-01-17 23:35:15 +01:00			`when: createGiteaUser`
Add a conclusion/todo-list + more generic on the gitea username + several corrections 2020-01-18 23:48:17 +01:00			`no_log: yes`
First commit 2020-01-17 23:35:15 +01:00
Add a conclusion/todo-list + more generic on the gitea username + several corrections 2020-01-18 23:48:17 +01:00			`- name: Retrieve the password for the post_install message`
			`slurp:`
			`src: "{{ jenkins_gitea_password_file }}"`
			`register: tmp`
			`when: not createGiteaUser`
			`no_log: yes`
			`- name: Set the password as a fact`
			`set_fact:`
			`giteaPassword: "{{ tmp.content \| b64decode \| trim }}"`
			`when: not createGiteaUser`
			`no_log: yes`

			`- name: Create webhook dedicated user`
			`shell: echo 'jenkins.model.Jenkins.instance.securityRealm.createAccount("{{ giteaUsername \| quote }}", "{{ giteaPassword \| quote }}")' \| {{ jenkins_cli_command }} groovy =`
First commit 2020-01-17 23:35:15 +01:00			`when: createGiteaUser`
Add a conclusion/todo-list + more generic on the gitea username + several corrections 2020-01-18 23:48:17 +01:00			`no_log: yes`
First commit 2020-01-17 23:35:15 +01:00
			`- name: Upload the new password`
			`copy:`
			`content: "{{ giteaPassword }}"`
			`dest: "{{ jenkins_gitea_password_file }}"`
			`owner: jenkins`
			`group: jenkins`
			`mode: 0600`
			`when: createGiteaUser`
Add a conclusion/todo-list + more generic on the gitea username + several corrections 2020-01-18 23:48:17 +01:00			`# Note : We still need a way to tell the user how to be authenticated for the webhook.`
			`# For the time being, we store it here and display it at the end of the playbook.`
			`no_log: yes`