From fb2bf36d4e20fadac275d364c88a6586dd08bcb8 Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Tue, 21 Feb 2017 20:31:09 -0500
Subject: if no key, cert, cacert, or default_cert is passed then do not pass
 to oc

---
 roles/lib_openshift/library/oc_adm_router.py     | 13 +++++++++++--
 roles/lib_openshift/src/ansible/oc_adm_router.py |  1 +
 roles/lib_openshift/src/class/oc_adm_router.py   | 12 ++++++++++--
 3 files changed, 22 insertions(+), 4 deletions(-)

(limited to 'roles')

diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py
index e6d0f795e..577772564 100644
--- a/roles/lib_openshift/library/oc_adm_router.py
+++ b/roles/lib_openshift/library/oc_adm_router.py
@@ -2613,8 +2613,11 @@ class Router(OpenShiftCLI):
 
     def _prepare_router(self):
         '''prepare router for instantiation'''
-        # We need to create the pem file
-        if self.config.config_options['default_cert']['value'] is None:
+        # if cacert, key, and cert were passed, combine them into a pem file
+        if (self.config.config_options['cacert_file']['value'] and
+             self.config.config_options['cert_file']['value'] and
+             self.config.config_options['key_file']['value']):
+
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
                 rfd.write(open(self.config.config_options['cert_file']['value']).read())
@@ -2624,8 +2627,13 @@ class Router(OpenShiftCLI):
                     rfd.write(open(self.config.config_options['cacert_file']['value']).read())
 
             atexit.register(Utils.cleanup, [router_pem])
+
             self.config.config_options['default_cert']['value'] = router_pem
 
+        elif self.config.config_options['default_cert']['value'] is None:
+            # No certificate was passed to us.  do not pass one to oc adm router
+            self.config.config_options['default_cert']['include'] = False
+
         options = self.config.to_option_list()
 
         cmd = ['router', self.config.name, '-n', self.config.namespace]
@@ -2937,6 +2945,7 @@ def main():
         mutually_exclusive=[["router_type", "images"],
                             ["key_file", "default_cert"],
                             ["cert_file", "default_cert"],
+                            ["cacert_file", "default_cert"],
                            ],
 
         supports_check_mode=True,
diff --git a/roles/lib_openshift/src/ansible/oc_adm_router.py b/roles/lib_openshift/src/ansible/oc_adm_router.py
index 48c9f0ec1..794eff3c2 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_router.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_router.py
@@ -51,6 +51,7 @@ def main():
         mutually_exclusive=[["router_type", "images"],
                             ["key_file", "default_cert"],
                             ["cert_file", "default_cert"],
+                            ["cacert_file", "default_cert"],
                            ],
 
         supports_check_mode=True,
diff --git a/roles/lib_openshift/src/class/oc_adm_router.py b/roles/lib_openshift/src/class/oc_adm_router.py
index 9d61cfdf2..1c4e17cf6 100644
--- a/roles/lib_openshift/src/class/oc_adm_router.py
+++ b/roles/lib_openshift/src/class/oc_adm_router.py
@@ -182,8 +182,11 @@ class Router(OpenShiftCLI):
 
     def _prepare_router(self):
         '''prepare router for instantiation'''
-        # We need to create the pem file
-        if self.config.config_options['default_cert']['value'] is None:
+        # if cacert, key, and cert were passed, combine them into a pem file
+        if (self.config.config_options['cacert_file']['value'] and
+             self.config.config_options['cert_file']['value'] and
+             self.config.config_options['key_file']['value']):
+
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
                 rfd.write(open(self.config.config_options['cert_file']['value']).read())
@@ -193,8 +196,13 @@ class Router(OpenShiftCLI):
                     rfd.write(open(self.config.config_options['cacert_file']['value']).read())
 
             atexit.register(Utils.cleanup, [router_pem])
+
             self.config.config_options['default_cert']['value'] = router_pem
 
+        elif self.config.config_options['default_cert']['value'] is None:
+            # No certificate was passed to us.  do not pass one to oc adm router
+            self.config.config_options['default_cert']['include'] = False
+
         options = self.config.to_option_list()
 
         cmd = ['router', self.config.name, '-n', self.config.namespace]
-- 
cgit v1.2.3


From 060455ecd15a8ee714cac32aab667e747df1074e Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Wed, 22 Feb 2017 11:52:43 -0500
Subject: Added required_together.  Added two minor bug fixes for when data is
 not passed.

---
 roles/lib_openshift/library/oc_adm_registry.py   |  4 ++--
 roles/lib_openshift/library/oc_adm_router.py     | 12 ++++++++----
 roles/lib_openshift/src/ansible/oc_adm_router.py |  1 +
 roles/lib_openshift/src/class/oc_adm_registry.py |  4 ++--
 roles/lib_openshift/src/class/oc_adm_router.py   | 11 +++++++----
 5 files changed, 20 insertions(+), 12 deletions(-)

(limited to 'roles')

diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py
index 32a4f8637..5b5d823e6 100644
--- a/roles/lib_openshift/library/oc_adm_registry.py
+++ b/roles/lib_openshift/library/oc_adm_registry.py
@@ -2226,7 +2226,7 @@ class Registry(OpenShiftCLI):
         # probably need to parse this
         # pylint thinks results is a string
         # pylint: disable=no-member
-        if results['returncode'] != 0 and results['results'].has_key('items'):
+        if results['returncode'] != 0 and 'items' in results['results']:
             return results
 
         service = None
@@ -2307,7 +2307,7 @@ class Registry(OpenShiftCLI):
         # Currently we know that our deployment of a registry requires a few extra modifications
         # Modification 1
         # we need specific environment variables to be set
-        for key, value in self.config.config_options['env_vars']['value'].items():
+        for key, value in self.config.config_options['env_vars'].get('value', {}).items():
             if not deploymentconfig.exists_env_key(key):
                 deploymentconfig.add_env_value(key, value)
             else:
diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py
index 577772564..aa645970a 100644
--- a/roles/lib_openshift/library/oc_adm_router.py
+++ b/roles/lib_openshift/library/oc_adm_router.py
@@ -2611,12 +2611,13 @@ class Router(OpenShiftCLI):
 
         return deploymentconfig
 
+    # pylint: disable=too-many-branches
     def _prepare_router(self):
         '''prepare router for instantiation'''
         # if cacert, key, and cert were passed, combine them into a pem file
         if (self.config.config_options['cacert_file']['value'] and
-             self.config.config_options['cert_file']['value'] and
-             self.config.config_options['key_file']['value']):
+                self.config.config_options['cert_file']['value'] and
+                self.config.config_options['key_file']['value']):
 
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
@@ -2674,7 +2675,8 @@ class Router(OpenShiftCLI):
         oc_objects['DeploymentConfig']['obj'] = self.add_modifications(oc_objects['DeploymentConfig']['obj'])
 
         for oc_type, oc_data in oc_objects.items():
-            oc_data['path'] = Utils.create_tmp_file_from_contents(oc_type, oc_data['obj'].yaml_dict)
+            if oc_data['obj'] is not None:
+                oc_data['path'] = Utils.create_tmp_file_from_contents(oc_type, oc_data['obj'].yaml_dict)
 
         return oc_objects
 
@@ -2684,7 +2686,8 @@ class Router(OpenShiftCLI):
 
         # pylint: disable=no-member
         for _, oc_data in self.prepared_router.items():
-            results.append(self._create(oc_data['path']))
+            if oc_data['obj'] is not None:
+                results.append(self._create(oc_data['path']))
 
         rval = 0
         for result in results:
@@ -2948,6 +2951,7 @@ def main():
                             ["cacert_file", "default_cert"],
                            ],
 
+        required_together=[['cacert_file', 'cert_file', 'key_file']],
         supports_check_mode=True,
     )
     results = Router.run_ansible(module.params, module.check_mode)
diff --git a/roles/lib_openshift/src/ansible/oc_adm_router.py b/roles/lib_openshift/src/ansible/oc_adm_router.py
index 794eff3c2..b6f8e90d0 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_router.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_router.py
@@ -54,6 +54,7 @@ def main():
                             ["cacert_file", "default_cert"],
                            ],
 
+        required_together=[['cacert_file', 'cert_file', 'key_file']],
         supports_check_mode=True,
     )
     results = Router.run_ansible(module.params, module.check_mode)
diff --git a/roles/lib_openshift/src/class/oc_adm_registry.py b/roles/lib_openshift/src/class/oc_adm_registry.py
index 8cb7aea31..eb78667ca 100644
--- a/roles/lib_openshift/src/class/oc_adm_registry.py
+++ b/roles/lib_openshift/src/class/oc_adm_registry.py
@@ -154,7 +154,7 @@ class Registry(OpenShiftCLI):
         # probably need to parse this
         # pylint thinks results is a string
         # pylint: disable=no-member
-        if results['returncode'] != 0 and results['results'].has_key('items'):
+        if results['returncode'] != 0 and 'items' in results['results']:
             return results
 
         service = None
@@ -235,7 +235,7 @@ class Registry(OpenShiftCLI):
         # Currently we know that our deployment of a registry requires a few extra modifications
         # Modification 1
         # we need specific environment variables to be set
-        for key, value in self.config.config_options['env_vars']['value'].items():
+        for key, value in self.config.config_options['env_vars'].get('value', {}).items():
             if not deploymentconfig.exists_env_key(key):
                 deploymentconfig.add_env_value(key, value)
             else:
diff --git a/roles/lib_openshift/src/class/oc_adm_router.py b/roles/lib_openshift/src/class/oc_adm_router.py
index 1c4e17cf6..ab7c96927 100644
--- a/roles/lib_openshift/src/class/oc_adm_router.py
+++ b/roles/lib_openshift/src/class/oc_adm_router.py
@@ -180,12 +180,13 @@ class Router(OpenShiftCLI):
 
         return deploymentconfig
 
+    # pylint: disable=too-many-branches
     def _prepare_router(self):
         '''prepare router for instantiation'''
         # if cacert, key, and cert were passed, combine them into a pem file
         if (self.config.config_options['cacert_file']['value'] and
-             self.config.config_options['cert_file']['value'] and
-             self.config.config_options['key_file']['value']):
+                self.config.config_options['cert_file']['value'] and
+                self.config.config_options['key_file']['value']):
 
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
@@ -243,7 +244,8 @@ class Router(OpenShiftCLI):
         oc_objects['DeploymentConfig']['obj'] = self.add_modifications(oc_objects['DeploymentConfig']['obj'])
 
         for oc_type, oc_data in oc_objects.items():
-            oc_data['path'] = Utils.create_tmp_file_from_contents(oc_type, oc_data['obj'].yaml_dict)
+            if oc_data['obj'] is not None:
+                oc_data['path'] = Utils.create_tmp_file_from_contents(oc_type, oc_data['obj'].yaml_dict)
 
         return oc_objects
 
@@ -253,7 +255,8 @@ class Router(OpenShiftCLI):
 
         # pylint: disable=no-member
         for _, oc_data in self.prepared_router.items():
-            results.append(self._create(oc_data['path']))
+            if oc_data['obj'] is not None:
+                results.append(self._create(oc_data['path']))
 
         rval = 0
         for result in results:
-- 
cgit v1.2.3