From e2581e5e873bc855d1dd1b6aad1105dee36c069f Mon Sep 17 00:00:00 2001
From: Simon Cornet
Date: Sat, 7 Dec 2024 20:32:43 +0100
Subject: [PATCH] [usermanagement] feat: added registry rules for drone user

---
 templates/usermanagement/sudoers.d/sudoers.j2 | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/templates/usermanagement/sudoers.d/sudoers.j2 b/templates/usermanagement/sudoers.d/sudoers.j2
index d496384..049eb8d 100644
--- a/templates/usermanagement/sudoers.d/sudoers.j2
+++ b/templates/usermanagement/sudoers.d/sudoers.j2
@@ -1,15 +1,21 @@
 {% if __user['username'] == 'drone' %}
 # ansible.siempie.internal
+{% if inventory_hostname == 'ansible.siempie.internal' %}
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible *
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy install -r /etc/ansible/ansible_requirements.yaml
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook *
-
-# packer.siempie.internal
-drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer *
-drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer *
+{% endif %}
 
 # mgmt01.siempie.local
+{% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
 drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl *
+{% endif %}
+
+# registry.siempie.internal
+{% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
+drone registry.siempie.internal=(root) NOPASSWD:/
+{% endif %}
+
 {% else %}
 {% if sudo_pwless == False %}
 {{ __user['username'] }} ALL=(ALL) ALL
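Review bot: The new registry rule `drone registry.siempie.internal=(root) NOPASSWD:/` gives a bare `/` as the command; sudoers reads a Cmnd ending in `/` as "any file directly in that directory", so this is either a truncated path or a passwordless root grant over whatever executable ends up in `/`. Its guard also repeats `inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us'` from the mgmt01 block, so the line appears to render only on mgmt01, where the `registry.siempie.internal` host field would presumably not match, and never on the registry host. I would change the pair to `{% if inventory_hostname == '<registry-inventory-hostname>' %}` and `drone registry.siempie.internal=(root) NOPASSWD:<absolute-path-of-the-single-command> <fixed-args>` (placeholders, since the page does not show the intended values). The mgmt01 block has the same kind of drift between its comment (`.siempie.local`), its host field (`.siempie.internal`) and its guard, which is worth aligning while here, and rendering this file with the template task's `validate: visudo -cf %s` would catch syntax slips before they land. The outer `{% if __user['username'] == 'drone' %}` … `{% else %}` block continues past the end of the hunk.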