summaryrefslogtreecommitdiffstats
path: root/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml')
-rw-r--r--playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml17
1 files changed, 12 insertions, 5 deletions
diff --git a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
index e8a20aa2b..23cf8cf76 100644
--- a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
+++ b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
@@ -9,6 +9,7 @@
local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
register: local_cert_sync_tmpdir
changed_when: false
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Create service signer certificate
hosts: oo_first_master
@@ -17,16 +18,18 @@
command: mktemp -d /tmp/openshift-ansible-XXXXXXX
register: remote_cert_create_tmpdir
changed_when: false
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Create service signer certificate
command: >
- {{ openshift.common.admin_binary }} ca create-signer-cert
- --cert=service-signer.crt
- --key=service-signer.key
- --name=openshift-service-serving-signer
- --serial=service-signer.serial.txt
+ {{ openshift.common.client_binary }} adm ca create-signer-cert
+ --cert="{{ remote_cert_create_tmpdir.stdout }}/"service-signer.crt
+ --key="{{ remote_cert_create_tmpdir.stdout }}/"service-signer.key
+ --name="{{ remote_cert_create_tmpdir.stdout }}/"openshift-service-serving-signer
+ --serial="{{ remote_cert_create_tmpdir.stdout }}/"service-signer.serial.txt
args:
chdir: "{{ remote_cert_create_tmpdir.stdout }}/"
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Retrieve service signer certificate
fetch:
@@ -38,12 +41,14 @@
with_items:
- "service-signer.crt"
- "service-signer.key"
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Delete remote temp directory
file:
name: "{{ remote_cert_create_tmpdir.stdout }}"
state: absent
changed_when: false
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Deploy service signer certificate
hosts: oo_masters_to_config
@@ -55,6 +60,7 @@
with_items:
- "service-signer.crt"
- "service-signer.key"
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
- name: Delete local temp directory
hosts: localhost
@@ -67,3 +73,4 @@
name: "{{ local_cert_sync_tmpdir.stdout }}"
state: absent
changed_when: false
+ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 11:44:28 +0000