From 3e5d38caf39d53c917a78542a04ebb6a109e7e6f Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 13 Sep 2016 16:33:26 -0400 Subject: [upgrade] Create/configure service signer cert when missing. --- .../common/openshift-cluster/upgrades/upgrade.yml | 24 +++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'playbooks/common/openshift-cluster/upgrades/upgrade.yml') diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/upgrade.yml index e8bf133e6..ba4fc63be 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade.yml @@ -34,7 +34,7 @@ ############################################################################### # Upgrade Masters ############################################################################### -- name: Upgrade master +- name: Upgrade master packages hosts: oo_masters_to_config handlers: - include: ../../../../roles/openshift_master/handlers/main.yml @@ -45,6 +45,28 @@ - include: rpm_upgrade.yml component=master when: not openshift.common.is_containerized | bool +- name: Determine if service signer cert must be created + hosts: oo_first_master + tasks: + - name: Determine if service signer certificate must be created + stat: + path: "{{ openshift.common.config_base }}/master/service-signer.crt" + register: service_signer_cert_stat + changed_when: false + +# Create service signer cert when missing. Service signer certificate +# is added to master config in the master config hook for v3_3. +- include: create_service_signer_cert.yml + when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool) + +- name: Upgrade master config and systemd units + hosts: oo_masters_to_config + handlers: + - include: ../../../../roles/openshift_master/handlers/main.yml + static: yes + roles: + - openshift_facts + tasks: - include: "{{ master_config_hook }}" when: master_config_hook is defined -- cgit v1.2.3