summaryrefslogtreecommitdiffstats
path: root/roles/lib_openshift/library
diff options
context:
space:
mode:
Diffstat (limited to 'roles/lib_openshift/library')
-rw-r--r--roles/lib_openshift/library/oc_adm_ca_server_cert.py (renamed from roles/lib_openshift/library/oadm_ca.py)80
1 files changed, 31 insertions, 49 deletions
diff --git a/roles/lib_openshift/library/oadm_ca.py b/roles/lib_openshift/library/oc_adm_ca_server_cert.py
index 1482ab591..19031f956 100644
--- a/roles/lib_openshift/library/oadm_ca.py
+++ b/roles/lib_openshift/library/oc_adm_ca_server_cert.py
@@ -45,7 +45,7 @@ from ansible.module_utils.basic import AnsibleModule
# -*- -*- -*- End included fragment: lib/import.py -*- -*- -*-
-# -*- -*- -*- Begin included fragment: doc/certificate_authority -*- -*- -*-
+# -*- -*- -*- Begin included fragment: doc/ca_server_cert -*- -*- -*-
DOCUMENTATION = '''
---
@@ -186,7 +186,7 @@ EXAMPLES = '''
key: /etc/origin/master/registry.key
'''
-# -*- -*- -*- End included fragment: doc/certificate_authority -*- -*- -*-
+# -*- -*- -*- End included fragment: doc/ca_server_cert -*- -*- -*-
# -*- -*- -*- Begin included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*-
# noqa: E301,E302
@@ -1325,9 +1325,9 @@ class OpenShiftCLIConfig(object):
# -*- -*- -*- End included fragment: lib/base.py -*- -*- -*-
-# -*- -*- -*- Begin included fragment: class/oadm_certificate_authority.py -*- -*- -*-
+# -*- -*- -*- Begin included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*-
-class CertificateAuthorityConfig(OpenShiftCLIConfig):
+class CAServerCertConfig(OpenShiftCLIConfig):
''' CertificateAuthorityConfig is a DTO for the oadm ca command '''
def __init__(self, cmd, kubeconfig, verbose, ca_options):
super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options)
@@ -1336,13 +1336,13 @@ class CertificateAuthorityConfig(OpenShiftCLIConfig):
self.verbose = verbose
self._ca = ca_options
-class CertificateAuthority(OpenShiftCLI):
+class CAServerCert(OpenShiftCLI):
''' Class to wrap the oc command line tools '''
def __init__(self,
config,
verbose=False):
''' Constructor for oadm ca '''
- super(CertificateAuthority, self).__init__(None, config.kubeconfig, verbose)
+ super(CAServerCert, self).__init__(None, config.kubeconfig, verbose)
self.config = config
self.verbose = verbose
@@ -1358,7 +1358,7 @@ class CertificateAuthority(OpenShiftCLI):
return None
def create(self):
- '''Create a deploymentconfig '''
+ '''run openshift ca cmd'''
options = self.config.to_option_list()
cmd = ['ca']
@@ -1388,26 +1388,20 @@ class CertificateAuthority(OpenShiftCLI):
def run_ansible(params, check_mode):
'''run the idempotent ansible code'''
- config = CertificateAuthorityConfig(params['cmd'],
- params['kubeconfig'],
- params['debug'],
- {'cert_dir': {'value': params['cert_dir'], 'include': True},
- 'cert': {'value': params['cert'], 'include': True},
- 'hostnames': {'value': ','.join(params['hostnames']), 'include': True},
- 'master': {'value': params['master'], 'include': True},
- 'public_master': {'value': params['public_master'], 'include': True},
- 'overwrite': {'value': params['overwrite'], 'include': True},
- 'signer_name': {'value': params['signer_name'], 'include': True},
- 'private_key': {'value': params['private_key'], 'include': True},
- 'public_key': {'value': params['public_key'], 'include': True},
- 'key': {'value': params['key'], 'include': True},
- 'signer_cert': {'value': params['signer_cert'], 'include': True},
- 'signer_key': {'value': params['signer_key'], 'include': True},
- 'signer_serial': {'value': params['signer_serial'], 'include': True},
- })
-
-
- oadm_ca = CertificateAuthority(config)
+ config = CAServerCertConfig(params['cmd'],
+ params['kubeconfig'],
+ params['debug'],
+ {'cert': {'value': params['cert'], 'include': True},
+ 'hostnames': {'value': ','.join(params['hostnames']), 'include': True},
+ 'overwrite': {'value': params['overwrite'], 'include': True},
+ 'signer_name': {'value': params['signer_name'], 'include': True},
+ 'key': {'value': params['key'], 'include': True},
+ 'signer_cert': {'value': params['signer_cert'], 'include': True},
+ 'signer_key': {'value': params['signer_key'], 'include': True},
+ 'signer_serial': {'value': params['signer_serial'], 'include': True},
+ })
+
+ server_cert = CAServerCert(config)
state = params['state']
@@ -1415,34 +1409,34 @@ class CertificateAuthority(OpenShiftCLI):
########
# Create
########
- if not oadm_ca.exists() or params['overwrite']:
+ if not server_cert.exists() or params['overwrite']:
if check_mode:
return {'changed': True,
'msg': "CHECK_MODE: Would have created the certificate.",
'state': state}
- api_rval = oadm_ca.create()
+ api_rval = server_cert.create()
return {'changed': True, 'results': api_rval, 'state': state}
########
# Exists
########
- api_rval = oadm_ca.get()
+ api_rval = server_cert.get()
return {'changed': False, 'results': api_rval, 'state': state}
return {'failed': True,
'msg': 'Unknown state passed. %s' % state}
-# -*- -*- -*- End included fragment: class/oadm_certificate_authority.py -*- -*- -*-
+# -*- -*- -*- End included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*-
-# -*- -*- -*- Begin included fragment: ansible/oadm_certificate_authority.py -*- -*- -*-
+# -*- -*- -*- Begin included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*-
def main():
'''
- ansible oadm module for ca
+ ansible oc adm module for ca create-server-cert
'''
module = AnsibleModule(
@@ -1451,32 +1445,20 @@ def main():
debug=dict(default=False, type='bool'),
kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
cmd=dict(default=None, require=True, type='str'),
-
- # oadm ca create-master-certs [options]
- cert_dir=dict(default=None, type='str'),
- hostnames=dict(default=[], type='list'),
- master=dict(default=None, type='str'),
- public_master=dict(default=None, type='str'),
- overwrite=dict(default=False, type='bool'),
- signer_name=dict(default=None, type='str'),
-
- # oadm ca create-key-pair [options]
- private_key=dict(default=None, type='str'),
- public_key=dict(default=None, type='str'),
-
# oadm ca create-server-cert [options]
cert=dict(default=None, type='str'),
key=dict(default=None, type='str'),
signer_cert=dict(default=None, type='str'),
signer_key=dict(default=None, type='str'),
signer_serial=dict(default=None, type='str'),
-
+ hostnames=dict(default=[], type='list'),
+ overwrite=dict(default=False, type='bool'),
),
supports_check_mode=True,
)
# pylint: disable=line-too-long
- results = CertificateAuthority.run_ansible(module.params, module.check_mode)
+ results = CAServerCert.run_ansible(module.params, module.check_mode)
if 'failed' in results:
return module.fail_json(**results)
@@ -1486,4 +1468,4 @@ def main():
if __name__ == '__main__':
main()
-# -*- -*- -*- End included fragment: ansible/oadm_certificate_authority.py -*- -*- -*-
+# -*- -*- -*- End included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*-