diff options
| author | Jason DeTiberus <detiber@gmail.com> | 2016-05-26 13:06:56 -0400 |
|---|---|---|
| committer | Jason DeTiberus <detiber@gmail.com> | 2016-05-26 13:06:56 -0400 |
| commit | b5cdb506d814723aa53c1389037d6b641dadb445 (patch) | |
| tree | e7e1120e19b947a95132770a2b8530ff2f566eba /roles/openshift_ca/tasks | |
| parent | 00eba039c9312fbd04cc05a8a890ef48f2311769 (diff) | |
| parent | c9cd222f8eab56a31c6ff237739653672c7010af (diff) | |
| download | openshift-b5cdb506d814723aa53c1389037d6b641dadb445.tar.gz openshift-b5cdb506d814723aa53c1389037d6b641dadb445.tar.bz2 openshift-b5cdb506d814723aa53c1389037d6b641dadb445.tar.xz openshift-b5cdb506d814723aa53c1389037d6b641dadb445.zip | |
Merge pull request #1908 from abutcher/openshift-certificates
Refactor openshift certificate roles
Diffstat (limited to 'roles/openshift_ca/tasks')
| -rw-r--r-- | roles/openshift_ca/tasks/main.yml | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml new file mode 100644 index 000000000..497473f22 --- /dev/null +++ b/roles/openshift_ca/tasks/main.yml @@ -0,0 +1,56 @@ +--- +- fail: + msg: "openshift_ca_host variable must be defined for this role" + when: openshift_ca_host is not defined + +- name: Install the base package for admin tooling + action: > + {{ ansible_pkg_mgr }} + name={{ openshift.common.service_type }}{{ openshift_version }} + state=present + when: not openshift.common.is_containerized | bool + register: install_result + delegate_to: "{{ openshift_ca_host }}" + run_once: true + +- name: Reload generated facts + openshift_facts: + when: install_result | changed + delegate_to: "{{ openshift_ca_host }}" + run_once: true + +- name: Create openshift_ca_config_dir if it does not exist + file: + path: "{{ openshift_ca_config_dir }}" + state: directory + delegate_to: "{{ openshift_ca_host }}" + run_once: true + +- name: Determine if CA must be created + stat: + path: "{{ openshift_ca_config_dir }}/{{ item }}" + register: g_master_ca_stat_result + with_items: + - ca.crt + - ca.key + delegate_to: "{{ openshift_ca_host }}" + run_once: true + +- set_fact: + master_ca_missing: "{{ False in (g_master_ca_stat_result.results + | oo_collect(attribute='stat.exists') + | list) }}" + delegate_to: "{{ openshift_ca_host }}" + run_once: true + +- name: Create the master certificates if they do not already exist + command: > + {{ openshift.common.admin_binary }} create-master-certs + --hostnames={{ openshift_master_hostnames | join(',') }} + --master={{ openshift.master.api_url }} + --public-master={{ openshift.master.public_api_url }} + --cert-dir={{ openshift_ca_config_dir }} + --overwrite=false + when: hostvars[openshift_ca_host].master_ca_missing | bool + delegate_to: "{{ openshift_ca_host }}" + run_once: true |