diff options
author | Scott Dodson <sdodson@redhat.com> | 2017-04-07 18:20:23 -0400 |
---|---|---|
committer | Scott Dodson <sdodson@redhat.com> | 2017-05-01 14:50:48 -0400 |
commit | 28bcb25d55fab7f4fe0c8b3cd1a260057f163b62 (patch) | |
tree | c5f277321aed647f04fca9ccf7f59c98469ba5f2 | |
parent | f029779f50fe1fa9b56060ede2fcaeea29f5b198 (diff) | |
download | openshift-28bcb25d55fab7f4fe0c8b3cd1a260057f163b62.tar.gz openshift-28bcb25d55fab7f4fe0c8b3cd1a260057f163b62.tar.bz2 openshift-28bcb25d55fab7f4fe0c8b3cd1a260057f163b62.tar.xz openshift-28bcb25d55fab7f4fe0c8b3cd1a260057f163b62.zip |
Use openshift_ca_host's hostnames to sign the CA
If for some reason oo_first_master and openshift_ca_host are different
we could've signed the CA with the wrong hostnames.
-rw-r--r-- | roles/openshift_ca/tasks/main.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index 3b17d9ed6..c7b906949 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -95,7 +95,7 @@ {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %} --certificate-authority {{ legacy_ca_certificate }} {% endfor %} - --hostnames={{ openshift.common.all_hostnames | join(',') }} + --hostnames={{ hostvars[openshift_ca_host].openshift.common.all_hostnames | join(',') }} --master={{ openshift.master.api_url }} --public-master={{ openshift.master.public_api_url }} --cert-dir={{ openshift_ca_config_dir }} |