[upd] cluster keypair name & host.ini & gitlab-ci & add cluster keypair in .ssh

.gitlab-ci.yml

@@ -57,7 +57,7 @@ apply_step:
     when: on_success
     expire_in: "6h"
     paths:
-      - ./tfplan
+      - ./terraform.tfstate
       - .ssh/
       - ./ip_files/
       - ./hosts.ini

.terraform.tfstate.lock.info

+{"ID":"3e626215-4856-220c-a2d0-28f99ab42a2d","Operation":"OperationTypeApply","Info":"","Who":"user@SYS-Ubuntu20","Version":"1.3.6","Created":"2023-02-22T14:08:01.143574977Z","Path":"terraform.tfstate"}
\ No newline at end of file

main.tf

@@ -14,7 +14,7 @@ module "mod-os-private-network" {
   INSTANCE_ORCHEST_NAME            = ["node01", "node02", "node03"]
   INSTANCE_ORCHEST_IMAGE           = "imta-docker"
   INSTANCE_ORCHEST_FLAVOR          = "s10.medium"
-  INSTANCE_ORCHEST_KEY_PAIR        = "id_rsa"
+  INSTANCE_ORCHEST_KEY_PAIR        = "cluster_key"
   SECGROUP_BASTION_NAME            = "secgroup_bastion"
   SECGROUP_APPLICATION_NAME        = "secgroup_application"
   SECGROUP_INTERNAL_NETWORK_NAME   = "secgroup_internal_network"

mod-os-private-network/instance.tf

@@ -14,7 +14,7 @@ resource "openstack_compute_instance_v2" "bastion_instance" {
   # Copie des IP locales dans un fichier .txt sur la machine hébergeante
   # Inventaire Ansible
   provisioner "local-exec" {
-    command = "echo '${self.name} : ${self.access_ip_v4}' > ip_files/private_ips.txt; echo '[app]' > hosts.ini; echo ${self.name} ansible_host=${openstack_networking_floatingip_v2.floatip_admin.address} ansible_user=ubuntu ansible_ssh_private_key_file='.ssh/${var.INSTANCE_BASTION_KEY_PAIR}.pem' >> hosts.ini; echo '[node]' >> hosts.ini"  
+    command = "echo '${self.name} : ${self.access_ip_v4}' > ip_files/private_ips.txt; echo '[admin]' > hosts.ini; echo ${self.name} ansible_host=${openstack_networking_floatingip_v2.floatip_admin.address} ansible_user=ubuntu ansible_ssh_private_key_file='.ssh/${var.INSTANCE_BASTION_KEY_PAIR}.pem' >> hosts.ini; echo '[node]' >> hosts.ini"  
   }
 
   depends_on = [openstack_compute_keypair_v2.keypair_project,

mod-os-private-network/keypair.tf

@@ -11,6 +11,13 @@ resource "openstack_compute_keypair_v2" "keypair_project" {
 # Création d'une paire de clés pour le cluster
 resource "openstack_compute_keypair_v2" "keypair_cluster" {
   name = var.INSTANCE_ORCHEST_KEY_PAIR
+
+  # Copie de la paire de clés du cluster sur la machine hébergeante
+  provisioner "local-exec" {
+    command = "echo '${self.private_key}' > .ssh/${var.INSTANCE_ORCHEST_KEY_PAIR}.pem; echo '${self.public_key}' > .ssh/${var.INSTANCE_ORCHEST_KEY_PAIR}.pub; chmod 600 .ssh/${var.INSTANCE_ORCHEST_KEY_PAIR}.pem; chmod 600 .ssh/${var.INSTANCE_ORCHEST_KEY_PAIR}.pub"
+  }
+
+  depends_on = [openstack_compute_keypair_v2.keypair_project]
 }
 
 # Copie de la paire de clés du cluster sur l'instance bastion

mod-os-private-network/variable.tf

@@ -65,7 +65,7 @@ variable "INSTANCE_BASTION_KEY_PAIR" {
 
 variable "INSTANCE_ORCHEST_KEY_PAIR" {
   type    = string
-  default = "id_rsa"
+  default = "cluster_key"
 }
 
 variable "SECGROUP_BASTION_NAME" {