diff options
| author | Andrew Butcher <abutcher@redhat.com> | 2015-12-03 14:09:42 -0500 |
|---|---|---|
| committer | Andrew Butcher <abutcher@redhat.com> | 2016-01-04 09:16:11 -0500 |
| commit | 9b760b0a89a77c5be0b3521a2c35b5afcb2a20d2 (patch) | |
| tree | 751b98c15e57c828d84eecb9a3f086133f53178e /roles/openshift_master/tasks/main.yml | |
| parent | fb1b9ff7d3293c821a8569ae95dcc8a98dfbf967 (diff) | |
| download | openshift-9b760b0a89a77c5be0b3521a2c35b5afcb2a20d2.tar.gz openshift-9b760b0a89a77c5be0b3521a2c35b5afcb2a20d2.tar.bz2 openshift-9b760b0a89a77c5be0b3521a2c35b5afcb2a20d2.tar.xz openshift-9b760b0a89a77c5be0b3521a2c35b5afcb2a20d2.zip | |
Clean up idempotency issues with session secrets.
Diffstat (limited to 'roles/openshift_master/tasks/main.yml')
| -rw-r--r-- | roles/openshift_master/tasks/main.yml | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index a22654678..1c7fdfcf9 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -9,6 +9,13 @@ Invalid OAuth grant method: {{ openshift_master_oauth_grant_method }} when: openshift_master_oauth_grant_method is defined and openshift_master_oauth_grant_method not in openshift_master_valid_grant_methods +# Session Options Validation +- fail: + msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set" + when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined) +- fail: + msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" + when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) # HA Variable Validation - fail: @@ -55,9 +62,9 @@ portal_net: "{{ openshift_master_portal_net | default(None) }}" session_max_seconds: "{{ openshift_master_session_max_seconds | default(None) }}" session_name: "{{ openshift_master_session_name | default(None) }}" + session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}" session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(None) }}" session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(None) }}" - session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}" access_token_max_seconds: "{{ openshift_master_access_token_max_seconds | default(None) }}" auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}" identity_providers: "{{ openshift_master_identity_providers | default(None) }}" @@ -221,7 +228,7 @@ template: dest: "{{ openshift.master.session_secrets_file }}" src: sessionSecretsFile.yaml.v1.j2 - force: no + when: openshift.master.session_auth_secrets is defined and openshift.master.session_encryption_secrets is defined notify: - restart master - restart master api |