Ansible access on Gitlab

[Aden Fissihaie]

Hello all,

I have a lab that is trying to integrate with Ansible and the lab participants need a way to all  access Gitlab without having to give each member ssh keys, but rather a service account that allows all users access...is this possible to do?

I am a newbie to Ansible by the way.

I appreciate any input, suggestions or information anyone could provide.

Best,

Eden

[Andreas Härpfer]

> On 8. Sep 2020, at 06:36, Aden Fissihaie <ade...@gmail.com> wrote:
>
> Hello all,
>
> I have a lab that is trying to integrate with Ansible and the lab participants need a way to all access Gitlab without having to give each member ssh keys, but rather a service account that allows all users access...is this possible to do?

Hi, not exactly sure what you are trying to achieve. Gitlab has a
concept for both a deploy key and a deploy token:

https://docs.gitlab.com/ee/user/project/deploy_keys/
https://docs.gitlab.com/ee/user/project/deploy_tokens/

There is not much difference in distributing one or the other to
your lab participants.

The Ansible `git` module itself shouldn't care:

* With a deploy key you simply load it into your SSH agent as you
do with your personal key.

* With a deploy token, the token is part of the repo URL (see
usage section of above docs link) and can be filled in e.g.
from an env variable.


Personally, I prefer a deploy key. (In particular for the technical
reason that you can't recursively clone Git submodules when using
a token.)

Hope this helps

Cheers
-Andi