Skip to content
/ cookbook-deploy_key Public

Idempotent Chef LWRP for creating, adding, removing and deleting SSH Deploy Keys on Bitbucket and Github

supermarket.getchef.com/cookbooks/deploy_key

License

View license
44 stars 27 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

c10l/cookbook-deploy_key

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
libraries
libraries
 
 
.gitignore
.gitignore
 
 
.kitchen.yml
.kitchen.yml
 
 
Berksfile
Berksfile
 
 
Gemfile
Gemfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Thorfile
Thorfile
 
 
Vagrantfile
Vagrantfile
 
 
chefignore
chefignore
 
 
metadata.rb
metadata.rb
 
 

Repository files navigation

deploy_key cookbook

This is a Chef cookbook to manage deploy_keys on SaaS VCSs. Currently, it supports Bitbucket, Github and GitLab.

This work is heavily based on the ideas and code of ZippyKid's github-deploy-key cookbook.

Usage

Use this cookbook as a dependency of whatever cookbook will manage your deploy keys.

Declare a deploy_key resource and configure the provider:

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  ...
end

Supported providers:

  • Chef::Provider::DeployKeyGithub
  • Chef::Provider::DeployKeyBitbucket
  • Chef::Provider::DeployKeyGitlab

Attributes

  • label: Used as both the name of the key pair files on disk and the deploy key label on the provider. Defaults to name;

  • path: The directory where the private and public keys are stored

  • credentials: The credentials used to authenticate on the API - see below

  • repo: The repository where the deploy key will be installed. The format varies between providers:

    Provider Format
    GitHub / Bitbucket username/repo_slug (e.g.: cassianoleal/cookbook-deploy_key)
    GitLab an Integer (e.g.: 1, 2, 999)

  • owner: The owner of the key files on disk. Defaults to root

  • group: The group of the key files on disk. Defaults to root

  • mode: The mode that will be passed on to chmod. Defaults to 0600

The following attributes apply only to the GitLab provider:
  • api_url: The url of the GitLab server
  • client_cert: Client certificate
  • client_key: Client cert's key

Actions

  • :create - Runs ssh-keygen to create a key pair on the designed path;
  • :delete - Deletes the key pair from the disk;
  • :add - Adds the public key as a deploy key for the repository;
  • :remove - Removes the key from the list of deploy keys on the repository

Authentication

Authentication can be done either via username/password:

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  credentials({
    :user => 'username@org.com',
    :password => 'very_secure_password'
  })
  ...
end

or OAuth token ( Github | Bitbucket ):

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  credentials({
    :token => 'awesome_and_much_more_secure_token'
  })
  ...
end

A full example

deploy_key "bitbucket_key" do
  provider Chef::Provider::DeployKeyBitbucket
  path '/home/app_user/.ssh'
  credentials({
    :token => 'my_bitbucket_oauth_token'
  })
  repo 'organization/million_dollar_app'
  owner 'deploy'
  group 'deploy'
  mode '0640'
  action :add
end

ChefSpec matchers

As of version 0.2.0, the following ChefSpec matchers are available:

  • create_deploy_key(resource_name)
  • delete_deploy_key(resource_name)
  • add_deploy_key(resource_name)
  • remove_deploy_key(resource_name)

Author

Cassiano Leal ( email | twitter | github )

About

Idempotent Chef LWRP for creating, adding, removing and deleting SSH Deploy Keys on Bitbucket and Github

supermarket.getchef.com/cookbooks/deploy_key

Resources

Readme

License

View license
Activity

Stars

44 stars

Watchers

6 watching

Forks

27 forks
Report repository

Releases

8 tags

Packages

 
 
 

Contributors 4

  •  
  •  
  •  
  •  

Languages