X-Git-Url: https://gerrit.nordix.org/gitweb?p=infra%2Fstack%2Fkubernetes.git;a=blobdiff_plain;f=apps%2Fspinnaker-halyard%2Froles%2Finstall%2Ftasks%2Fcreate-user.yml;fp=apps%2Fspinnaker-halyard%2Froles%2Finstall%2Ftasks%2Fcreate-user.yml;h=eb02b384637cace94f4254a5cb7e0af30c812024;hp=0000000000000000000000000000000000000000;hb=d52a7575ba4f39e5c1f18bc9ac63fbe0a6664df7;hpb=c4317e1cd152b955596e333a4c3b52a7f028d14b

diff --git a/apps/spinnaker-halyard/roles/install/tasks/create-user.yml b/apps/spinnaker-halyard/roles/install/tasks/create-user.yml
new file mode 100644
index 0000000..eb02b38
--- /dev/null
+++ b/apps/spinnaker-halyard/roles/install/tasks/create-user.yml
@@ -0,0 +1,49 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2022 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create halyard OS user
+  user:
+    name: halyard
+    shell: /bin/bash
+
+- name: Allow 'halyard' group to have passwordless sudo
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^%halyard'
+    line: '%halyard ALL=(ALL) NOPASSWD: ALL'
+    validate: 'visudo -cf %s'
+
+- name: Copy ssh config
+  copy:
+    src: "{{ user_home }}/.ssh"
+    dest: /home/halyard
+    remote_src: true
+    owner: halyard
+    group: halyard
+    mode: preserve
+
+- name: Copy kube config
+  copy:
+    src: "{{ user_home }}/.kube"
+    dest: /home/halyard
+    remote_src: true
+    owner: halyard
+    group: halyard
+    mode: preserve