diff options
Diffstat (limited to 'roles/lib_openshift/library')
-rw-r--r-- | roles/lib_openshift/library/oc_adm_ca_server_cert.py (renamed from roles/lib_openshift/library/oadm_ca.py) | 80 |
1 files changed, 31 insertions, 49 deletions
diff --git a/roles/lib_openshift/library/oadm_ca.py b/roles/lib_openshift/library/oc_adm_ca_server_cert.py index 1482ab591..19031f956 100644 --- a/roles/lib_openshift/library/oadm_ca.py +++ b/roles/lib_openshift/library/oc_adm_ca_server_cert.py @@ -45,7 +45,7 @@ from ansible.module_utils.basic import AnsibleModule # -*- -*- -*- End included fragment: lib/import.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: doc/certificate_authority -*- -*- -*- +# -*- -*- -*- Begin included fragment: doc/ca_server_cert -*- -*- -*- DOCUMENTATION = ''' --- @@ -186,7 +186,7 @@ EXAMPLES = ''' key: /etc/origin/master/registry.key ''' -# -*- -*- -*- End included fragment: doc/certificate_authority -*- -*- -*- +# -*- -*- -*- End included fragment: doc/ca_server_cert -*- -*- -*- # -*- -*- -*- Begin included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*- # noqa: E301,E302 @@ -1325,9 +1325,9 @@ class OpenShiftCLIConfig(object): # -*- -*- -*- End included fragment: lib/base.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: class/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- -class CertificateAuthorityConfig(OpenShiftCLIConfig): +class CAServerCertConfig(OpenShiftCLIConfig): ''' CertificateAuthorityConfig is a DTO for the oadm ca command ''' def __init__(self, cmd, kubeconfig, verbose, ca_options): super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options) @@ -1336,13 +1336,13 @@ class CertificateAuthorityConfig(OpenShiftCLIConfig): self.verbose = verbose self._ca = ca_options -class CertificateAuthority(OpenShiftCLI): +class CAServerCert(OpenShiftCLI): ''' Class to wrap the oc command line tools ''' def __init__(self, config, verbose=False): ''' Constructor for oadm ca ''' - super(CertificateAuthority, self).__init__(None, config.kubeconfig, verbose) + super(CAServerCert, self).__init__(None, config.kubeconfig, verbose) self.config = config self.verbose = verbose @@ -1358,7 +1358,7 @@ class CertificateAuthority(OpenShiftCLI): return None def create(self): - '''Create a deploymentconfig ''' + '''run openshift ca cmd''' options = self.config.to_option_list() cmd = ['ca'] @@ -1388,26 +1388,20 @@ class CertificateAuthority(OpenShiftCLI): def run_ansible(params, check_mode): '''run the idempotent ansible code''' - config = CertificateAuthorityConfig(params['cmd'], - params['kubeconfig'], - params['debug'], - {'cert_dir': {'value': params['cert_dir'], 'include': True}, - 'cert': {'value': params['cert'], 'include': True}, - 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, - 'master': {'value': params['master'], 'include': True}, - 'public_master': {'value': params['public_master'], 'include': True}, - 'overwrite': {'value': params['overwrite'], 'include': True}, - 'signer_name': {'value': params['signer_name'], 'include': True}, - 'private_key': {'value': params['private_key'], 'include': True}, - 'public_key': {'value': params['public_key'], 'include': True}, - 'key': {'value': params['key'], 'include': True}, - 'signer_cert': {'value': params['signer_cert'], 'include': True}, - 'signer_key': {'value': params['signer_key'], 'include': True}, - 'signer_serial': {'value': params['signer_serial'], 'include': True}, - }) - - - oadm_ca = CertificateAuthority(config) + config = CAServerCertConfig(params['cmd'], + params['kubeconfig'], + params['debug'], + {'cert': {'value': params['cert'], 'include': True}, + 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, + 'overwrite': {'value': params['overwrite'], 'include': True}, + 'signer_name': {'value': params['signer_name'], 'include': True}, + 'key': {'value': params['key'], 'include': True}, + 'signer_cert': {'value': params['signer_cert'], 'include': True}, + 'signer_key': {'value': params['signer_key'], 'include': True}, + 'signer_serial': {'value': params['signer_serial'], 'include': True}, + }) + + server_cert = CAServerCert(config) state = params['state'] @@ -1415,34 +1409,34 @@ class CertificateAuthority(OpenShiftCLI): ######## # Create ######## - if not oadm_ca.exists() or params['overwrite']: + if not server_cert.exists() or params['overwrite']: if check_mode: return {'changed': True, 'msg': "CHECK_MODE: Would have created the certificate.", 'state': state} - api_rval = oadm_ca.create() + api_rval = server_cert.create() return {'changed': True, 'results': api_rval, 'state': state} ######## # Exists ######## - api_rval = oadm_ca.get() + api_rval = server_cert.get() return {'changed': False, 'results': api_rval, 'state': state} return {'failed': True, 'msg': 'Unknown state passed. %s' % state} -# -*- -*- -*- End included fragment: class/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- End included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: ansible/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- def main(): ''' - ansible oadm module for ca + ansible oc adm module for ca create-server-cert ''' module = AnsibleModule( @@ -1451,32 +1445,20 @@ def main(): debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), cmd=dict(default=None, require=True, type='str'), - - # oadm ca create-master-certs [options] - cert_dir=dict(default=None, type='str'), - hostnames=dict(default=[], type='list'), - master=dict(default=None, type='str'), - public_master=dict(default=None, type='str'), - overwrite=dict(default=False, type='bool'), - signer_name=dict(default=None, type='str'), - - # oadm ca create-key-pair [options] - private_key=dict(default=None, type='str'), - public_key=dict(default=None, type='str'), - # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), signer_cert=dict(default=None, type='str'), signer_key=dict(default=None, type='str'), signer_serial=dict(default=None, type='str'), - + hostnames=dict(default=[], type='list'), + overwrite=dict(default=False, type='bool'), ), supports_check_mode=True, ) # pylint: disable=line-too-long - results = CertificateAuthority.run_ansible(module.params, module.check_mode) + results = CAServerCert.run_ansible(module.params, module.check_mode) if 'failed' in results: return module.fail_json(**results) @@ -1486,4 +1468,4 @@ def main(): if __name__ == '__main__': main() -# -*- -*- -*- End included fragment: ansible/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- End included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- |