diff options
| author | Kenny Woodson <kwoodson@redhat.com> | 2017-02-21 10:26:17 -0500 |
|---|---|---|
| committer | Kenny Woodson <kwoodson@redhat.com> | 2017-02-21 10:26:17 -0500 |
| commit | 8200377dbb3d0e6aa2b35ea369cceb03976b508b (patch) | |
| tree | 47812b638e00ecd55dc22803c29e6906e3647319 /roles/lib_openshift/library | |
| parent | c0a264e4c220bf086760acd6ab1d27bfe36a06dc (diff) | |
Added copy support when modifying cert and key on existence
Diffstat (limited to 'roles/lib_openshift/library')
| -rw-r--r-- | roles/lib_openshift/library/oc_adm_ca_server_cert.py | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/roles/lib_openshift/library/oc_adm_ca_server_cert.py b/roles/lib_openshift/library/oc_adm_ca_server_cert.py index 9c8c62621..9c57435e7 100644 --- a/roles/lib_openshift/library/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/library/oc_adm_ca_server_cert.py @@ -124,6 +124,12 @@ options: required: false default: None aliases: [] + backup: + description: + - Whether to backup the cert and key files before writing them. + required: false + default: True + aliases: [] author: - "Kenny Woodson <kwoodson@redhat.com>" extends_documentation_fragment: [] @@ -1345,6 +1351,17 @@ class CAServerCert(OpenShiftCLI): def create(self): '''run openshift oc adm ca create-server-cert cmd''' + + # Added this here as a safegaurd for stomping on the + # cert and key files if they exist + if self.config.config_options['backup']['value']: + if os.path.exists(self.config.config_options['key']['value']): + shutil.copy(self.config.config_options['key']['value'], + "%s.orig" % self.config.config_options['key']['value']) + if os.path.exists(self.config.config_options['cert']['value']): + shutil.copy(self.config.config_options['cert']['value'], + "%s.orig" % self.config.config_options['cert']['value']) + options = self.config.to_option_list() cmd = ['ca', 'create-server-cert'] @@ -1384,6 +1401,7 @@ class CAServerCert(OpenShiftCLI): 'signer_cert': {'value': params['signer_cert'], 'include': True}, 'signer_key': {'value': params['signer_key'], 'include': True}, 'signer_serial': {'value': params['signer_serial'], 'include': True}, + 'backup': {'value': params['backup'], 'include': False}, }) server_cert = CAServerCert(config) @@ -1429,7 +1447,7 @@ def main(): state=dict(default='present', type='str', choices=['present']), debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), - cmd=dict(default=None, require=True, type='str'), + backup=dict(default=True, type='bool'), # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), |