From 5ff3071297b0bd91e5135bbe9def3a59dadfe885 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 17 Feb 2017 09:34:10 -0500 Subject: Rename of oadm_ca to oc_adm_ca. Decided to whittle down to the direct call, server_cert. --- .../src/ansible/oc_adm_ca_server_cert.py | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py (limited to 'roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py') diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py new file mode 100644 index 000000000..91d8c83b0 --- /dev/null +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -0,0 +1,36 @@ +# pylint: skip-file +# flake8: noqa + +def main(): + ''' + ansible oc adm module for ca create-server-cert + ''' + + module = AnsibleModule( + argument_spec=dict( + state=dict(default='present', type='str', choices=['present']), + debug=dict(default=False, type='bool'), + kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), + cmd=dict(default=None, require=True, type='str'), + # oadm ca create-server-cert [options] + cert=dict(default=None, type='str'), + key=dict(default=None, type='str'), + signer_cert=dict(default=None, type='str'), + signer_key=dict(default=None, type='str'), + signer_serial=dict(default=None, type='str'), + hostnames=dict(default=[], type='list'), + overwrite=dict(default=False, type='bool'), + ), + supports_check_mode=True, + ) + + # pylint: disable=line-too-long + results = CAServerCert.run_ansible(module.params, module.check_mode) + if 'failed' in results: + return module.fail_json(**results) + + return module.exit_json(**results) + + +if __name__ == '__main__': + main() -- cgit v1.2.3 From a330de2153a66c458a21fd506c3220a4b3acd563 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 17 Feb 2017 15:46:06 -0500 Subject: Updated doc and defined defaults for signer_* --- roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py') diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index 91d8c83b0..3518a2de4 100644 --- a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -15,16 +15,15 @@ def main(): # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), - signer_cert=dict(default=None, type='str'), - signer_key=dict(default=None, type='str'), - signer_serial=dict(default=None, type='str'), + signer_cert=dict(default='/etc/origin/master/ca.crt', type='str'), + signer_key=dict(default='/etc/origin/master/ca.key', type='str'), + signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), hostnames=dict(default=[], type='list'), overwrite=dict(default=False, type='bool'), ), supports_check_mode=True, ) - # pylint: disable=line-too-long results = CAServerCert.run_ansible(module.params, module.check_mode) if 'failed' in results: return module.fail_json(**results) -- cgit v1.2.3 From 8200377dbb3d0e6aa2b35ea369cceb03976b508b Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 21 Feb 2017 10:26:17 -0500 Subject: Added copy support when modifying cert and key on existence --- roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py') diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index 3518a2de4..367f6d932 100644 --- a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -11,7 +11,7 @@ def main(): state=dict(default='present', type='str', choices=['present']), debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), - cmd=dict(default=None, require=True, type='str'), + backup=dict(default=True, type='bool'), # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), -- cgit v1.2.3 From 3effaa96c8e843a5820b98cf9c2dab608481c259 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 21 Feb 2017 20:15:28 -0500 Subject: Added backup feature. Fixed a bug with reading the certificate and verifying names. Added force option. --- roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py') diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index 367f6d932..197095cac 100644 --- a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -19,7 +19,7 @@ def main(): signer_key=dict(default='/etc/origin/master/ca.key', type='str'), signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), hostnames=dict(default=[], type='list'), - overwrite=dict(default=False, type='bool'), + force=dict(default=False, type='bool'), ), supports_check_mode=True, ) -- cgit v1.2.3 From 9c49ba4bb0b69604e98fc3dda65f8ccd40f19552 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 22 Feb 2017 11:19:51 -0500 Subject: Removing reference to oadm. Moved parameter under general params. --- roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py') diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index 197095cac..c80c2eb44 100644 --- a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -12,14 +12,14 @@ def main(): debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), backup=dict(default=True, type='bool'), - # oadm ca create-server-cert [options] + force=dict(default=False, type='bool'), + # oc adm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), signer_cert=dict(default='/etc/origin/master/ca.crt', type='str'), signer_key=dict(default='/etc/origin/master/ca.key', type='str'), signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), hostnames=dict(default=[], type='list'), - force=dict(default=False, type='bool'), ), supports_check_mode=True, ) -- cgit v1.2.3