Hello,
We manage an on-premise platform completely via Ansible playbooks.
I’m currently investigating how to best integrate these runs in a CI/CD setup on Azure DevOps.
Our security team is also asking to manage the SSH keys via Azure DevOps’ system of managed service connections. Azure DevOps supports SSH connections, which actually store the private keys. You use these service connections by, e.g., running an SSH task in your pipeline for which you can select a service connection to use. The connection defines the server to target, the user to authenticate, the key to use, etc. This part works.
Now, if I run Ansible within such an SSH task on the pipeline, the server on which the pipeline runs functions as the control node. Ansible then makes additional SSH connections to the other servers in its inventory. For those secondary connections, Ansible should use the security information of the service connection.
Would anybody know how to properly set this up?
Thank you!
-wim