From 8d3843833e13c01456f54cf7716ada3e829160a3 Mon Sep 17 00:00:00 2001
From: Dennis Ahrens <dennis.ahrens@hs-hannover.de>
Date: Thu, 30 Jun 2022 14:28:07 +0200
Subject: [PATCH] Deprecate the ssh key for deployments

---
 README.md       | 1 +
 deploy/user.sls | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 82e288c..797b494 100644
--- a/README.md
+++ b/README.md
@@ -80,6 +80,7 @@ It usually should not differ between deployments and might be assigned to many m
 
 - `deploy.config.key` **no default value**
   A private key that is able to access repositories.
+  **Deprecated** Use [gitlab deploy tokens](https://doc.it.hs-hannover.de/books/sysadmin/page/gitlab-deploy-with-token-and-without-ssh) instead:
 - `deploy.config.deploy_directory` _default: `/srv/repo`_
   The directory in which git clones are located.
 - `deploy.config.venv_directory` _default: `/srv/venv`_
diff --git a/deploy/user.sls b/deploy/user.sls
index 6289b41..611a44b 100644
--- a/deploy/user.sls
+++ b/deploy/user.sls
@@ -4,6 +4,7 @@ deployer:
   user.absent: []
   group.absent: []
 
+{% if salt.pillar.get('deploy:config:key:', None) is not None %}
 
 deploy_user_ssh_known_hosts_file_present:
   file.managed:
@@ -50,6 +51,8 @@ deploy_key:
     - group: root
     - makedirs: True
 
+{% endif %}
+
 {% for project_name, project_config in deploy.projects.items() %}
 
 {% set config_user_groups = project_config.get('user_groups', []) %}
-- 
GitLab