diff options
| author | Michael Gugino <mgugino@redhat.com> | 2017-08-31 18:01:56 -0400 |
|---|---|---|
| committer | Michael Gugino <mgugino@redhat.com> | 2017-09-25 09:40:01 -0400 |
| commit | 82d61ae9e23c2ae1f722ed3b458a6e39721e71fd (patch) | |
| tree | 54b79f1033aa3d210597e285e1346239ce7fad86 /roles/openshift_hosted/tasks/registry/secure/passthrough.yml | |
| parent | c390d382a2c1783964179490eec810ee2206fa32 (diff) | |
| download | openshift-82d61ae9e23c2ae1f722ed3b458a6e39721e71fd.tar.gz openshift-82d61ae9e23c2ae1f722ed3b458a6e39721e71fd.tar.bz2 openshift-82d61ae9e23c2ae1f722ed3b458a6e39721e71fd.tar.xz openshift-82d61ae9e23c2ae1f722ed3b458a6e39721e71fd.zip | |
Refactor openshift_hosted plays and role
Currently, openshift_hosted role duplicates some logic
across separate task chains. This commit cleans up
the openshift_hosted role and converts it to be
primarily used with include_role to give better
logic to the playbooks that utilize this role.
This commit also refactors the playbook that calls
various openshift_hosted roles into individual playbooks.
This allows more granularity for advanced users.
Diffstat (limited to 'roles/openshift_hosted/tasks/registry/secure/passthrough.yml')
| -rw-r--r-- | roles/openshift_hosted/tasks/registry/secure/passthrough.yml | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/roles/openshift_hosted/tasks/registry/secure/passthrough.yml b/roles/openshift_hosted/tasks/registry/secure/passthrough.yml deleted file mode 100644 index 5b44fda10..000000000 --- a/roles/openshift_hosted/tasks/registry/secure/passthrough.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -# Generate a self-signed certificate when there is no user-supplied certificate -- name: Configure self-signed certificate file paths - set_fact: - docker_registry_cert_path: "{{ openshift_master_config_dir }}/registry.crt" - docker_registry_key_path: "{{ openshift_master_config_dir }}/registry.key" - docker_registry_cacert_path: "{{ openshift_master_config_dir }}/ca.crt" - docker_registry_self_signed: true - when: - - "'certfile' not in openshift_hosted_registry_routecertificates" - - "'keyfile' not in openshift_hosted_registry_routecertificates" - -# Retrieve user supplied certificate files if they are provided -- when: - - "'certfile' in openshift_hosted_registry_routecertificates" - - "'keyfile' in openshift_hosted_registry_routecertificates" - block: - - name: Configure provided certificate file paths - set_fact: - docker_registry_cert_path: "{{ openshift_master_config_dir }}/named_certificates/{{ openshift_hosted_registry_routecertificates['certfile'] | basename }}" - docker_registry_key_path: "{{ openshift_master_config_dir }}/named_certificates/{{ openshift_hosted_registry_routecertificates['keyfile'] | basename }}" - docker_registry_self_signed: false - - # Since we end up bundling the cert, cacert and key in a .pem file, the 'cafile' - # is optional - - name: Configure provided ca certificate file path - set_fact: - docker_registry_cacert_path: "{{ openshift_master_config_dir }}/named_certificates/{{ openshift_hosted_registry_routecertificates['cafile'] | basename }}" - when: "'cafile' in openshift_hosted_registry_routecertificates" - - - name: Retrieve provided certificate files - copy: - backup: True - dest: "{{ openshift_master_config_dir }}/named_certificates/{{ item.value | basename }}" - src: "{{ item.value }}" - when: item.key in ['certfile', 'keyfile', 'cafile'] and item.value - with_dict: "{{ openshift_hosted_registry_routecertificates }}" - -- name: Configure a passthrough route for docker-registry - oc_route: - name: docker-registry - namespace: "{{ openshift_hosted_registry_namespace }}" - service_name: docker-registry - tls_termination: "{{ openshift_hosted_registry_routetermination }}" - host: "{{ openshift_hosted_registry_routehost | default(omit, true) }}" |