Skip to content

c10l/cookbook-deploy_key

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits

libraries

libraries

 
 

.gitignore

.gitignore

 
 

.kitchen.yml

.kitchen.yml

 
 

Berksfile

Berksfile

 
 

Gemfile

Gemfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Thorfile

Thorfile

 
 

Vagrantfile

Vagrantfile

 
 

chefignore

chefignore

 
 

metadata.rb

metadata.rb

 
 

Repository files navigation

deploy_key cookbook

This is a Chef cookbook to manage deploy_keys on SaaS VCSs. Currently, it supports Bitbucket, Github and GitLab.

This work is heavily based on the ideas and code of ZippyKid's github-deploy-key cookbook.

Usage

Use this cookbook as a dependency of whatever cookbook will manage your deploy keys.

Declare a deploy_key resource and configure the provider:

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  ...
end

Supported providers:

  • Chef::Provider::DeployKeyGithub
  • Chef::Provider::DeployKeyBitbucket
  • Chef::Provider::DeployKeyGitlab

Attributes

  • label: Used as both the name of the key pair files on disk and the deploy key label on the provider. Defaults to name;

  • path: The directory where the private and public keys are stored

  • credentials: The credentials used to authenticate on the API - see below

  • repo: The repository where the deploy key will be installed. The format varies between providers:

    Provider Format
    GitHub / Bitbucket username/repo_slug (e.g.: cassianoleal/cookbook-deploy_key)
    GitLab an Integer (e.g.: 1, 2, 999)

  • owner: The owner of the key files on disk. Defaults to root

  • group: The group of the key files on disk. Defaults to root

  • mode: The mode that will be passed on to chmod. Defaults to 0600

The following attributes apply only to the GitLab provider:
  • api_url: The url of the GitLab server
  • client_cert: Client certificate
  • client_key: Client cert's key

Actions

  • :create - Runs ssh-keygen to create a key pair on the designed path;
  • :delete - Deletes the key pair from the disk;
  • :add - Adds the public key as a deploy key for the repository;
  • :remove - Removes the key from the list of deploy keys on the repository

Authentication

Authentication can be done either via username/password:

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  credentials({
    :user => 'username@org.com',
    :password => 'very_secure_password'
  })
  ...
end

or OAuth token ( Github | Bitbucket ):

deploy_key "app_deploy_key" do
  provider Chef::Provider::DeployKeyGithub
  credentials({
    :token => 'awesome_and_much_more_secure_token'
  })
  ...
end

A full example

deploy_key "bitbucket_key" do
  provider Chef::Provider::DeployKeyBitbucket
  path '/home/app_user/.ssh'
  credentials({
    :token => 'my_bitbucket_oauth_token'
  })
  repo 'organization/million_dollar_app'
  owner 'deploy'
  group 'deploy'
  mode '0640'
  action :add
end

ChefSpec matchers

As of version 0.2.0, the following ChefSpec matchers are available:

  • create_deploy_key(resource_name)
  • delete_deploy_key(resource_name)
  • add_deploy_key(resource_name)
  • remove_deploy_key(resource_name)

Author

Cassiano Leal ( email | twitter | github )

About

Idempotent Chef LWRP for creating, adding, removing and deleting SSH Deploy Keys on Bitbucket and Github

supermarket.getchef.com/cookbooks/deploy_key

Resources

Readme

License

View license
Activity

Stars

44 stars

Watchers

6 watching

Forks

27 forks
Report repository

Releases

8 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages