From ca0dc1c5898189cf42a6ef2b4b68b37c4e9648a9 Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Tue, 15 Aug 2017 18:54:18 -0400
Subject: First attempt at creating the cert signer.

---
 roles/lib_openshift/src/ansible/oc_adm_csr.py | 36 +++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 roles/lib_openshift/src/ansible/oc_adm_csr.py

(limited to 'roles/lib_openshift/src/ansible')

diff --git a/roles/lib_openshift/src/ansible/oc_adm_csr.py b/roles/lib_openshift/src/ansible/oc_adm_csr.py
new file mode 100644
index 000000000..9e43a810b
--- /dev/null
+++ b/roles/lib_openshift/src/ansible/oc_adm_csr.py
@@ -0,0 +1,36 @@
+# pylint: skip-file
+# flake8: noqa
+
+def main():
+    '''
+    ansible oc module for approving certificate signing requests
+    '''
+
+    module = AnsibleModule(
+        argument_spec=dict(
+            kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
+            state=dict(default='approve', type='str',
+                       choices=['approve', 'deny', 'list']),
+            debug=dict(default=False, type='bool'),
+            nodes=dict(default=None, type='list'),
+            timeout=dict(default=30, type='int'),
+            approve_all=dict(default=False, type='bool'),
+            service_account=dict(default='node-bootstrapper', type='str'),
+        ),
+        supports_check_mode=True,
+        mutually_exclusive=[['approve_all', 'nodes']],
+    )
+
+    if module.params['nodes'] == []:
+        module.fail_json(**dict(failed=True, msg='Please specify hosts.'))
+
+    rval = OCcsr.run_ansible(module.params, module.check_mode)
+
+    if 'failed' in rval:
+        return module.fail_json(**rval)
+
+    return module.exit_json(**rval)
+
+
+if __name__ == '__main__':
+    main()
-- 
cgit v1.2.3