Ansible 기능 추가

2025-05-21 01:08:10 +09:00
parent 69aca7ae85
commit ed5c62b1e5
10 changed files with 161 additions and 109 deletions
--- a/ansible/services.py
+++ b/ansible/services.py
@ -1,9 +1,20 @@
-# services.py
+# msa-django-ansible/services.py
 import os
+import requests
 import tempfile
 import subprocess
-from .models import AnsibleTask
 from django.conf import settings
+from .models import AnsibleTask
+
+
+def get_ssh_key_from_auth_server(access_token: str) -> str:
+    url = settings.AUTH_VERIFY_URL + "/api/auth/ssh-key/view/"
+    print(url)
+    headers = {"Authorization": f"Bearer {access_token}"}
+    response = requests.get(url, headers=headers)
+    if response.status_code != 200:
+        raise Exception("🔐 Auth 서버에서 SSH 키 조회 실패")
+    return response.json().get("ssh_key")


 def run_ansible_job(task: AnsibleTask, ssh_key: str):
@ -16,12 +27,11 @@ def run_ansible_job(task: AnsibleTask, ssh_key: str):
             tempfile.NamedTemporaryFile(delete=False, mode="w") as private_key_file:

            playbook_file.write(task.playbook_content.strip())
-            playbook_file.close()
-
            inventory_file.write(task.inventory_content.strip())
-            inventory_file.close()
-
            private_key_file.write(ssh_key.strip() + "\n")
+
+            playbook_file.close()
+            inventory_file.close()
            private_key_file.close()
            os.chmod(private_key_file.name, 0o600)

@ -45,5 +55,4 @@ def run_ansible_job(task: AnsibleTask, ssh_key: str):
        for f in [playbook_file.name, inventory_file.name, private_key_file.name]:
            if os.path.exists(f):
                os.remove(f)
-
        task.save()