summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMaciej Szulik <maszulik@redhat.com>2017-01-04 16:05:42 +0100
committerMaciej Szulik <maszulik@redhat.com>2017-01-05 12:28:48 +0100
commit83648d22eb2d057ab99e0a97d325601f61cef011 (patch)
tree18595acca6cc8f9880965d6b3ef0f17489c9b1d4
parent616ca82429b16a84feb9d205a34d03dff7517adb (diff)
downloadopenshift-83648d22eb2d057ab99e0a97d325601f61cef011.tar.gz
openshift-83648d22eb2d057ab99e0a97d325601f61cef011.tar.bz2
openshift-83648d22eb2d057ab99e0a97d325601f61cef011.tar.xz
openshift-83648d22eb2d057ab99e0a97d325601f61cef011.zip
Fix jsonpath expected output when checking registry volume secrets
In k8s 1.5 (see rebase PR: origin 12143) jsonpath output is slightly different than previously. Causing this line to fail. We need to pick secret or secretName when checking this task failure condition.
-rw-r--r--roles/openshift_hosted/tasks/registry/secure.yml11
1 files changed, 5 insertions, 6 deletions
diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml
index b6d007835..31cc63281 100644
--- a/roles/openshift_hosted/tasks/registry/secure.yml
+++ b/roles/openshift_hosted/tasks/registry/secure.yml
@@ -34,13 +34,12 @@
- name: Create registry certificates if they do not exist
command: >
{{ openshift.common.client_binary }} adm ca create-server-cert
- --signer-cert=/etc/origin/master/ca.crt
- --signer-key=/etc/origin/master/ca.key
- --signer-serial=/etc/origin/master/ca.serial.txt
+ --signer-cert={{ openshift_master_config_dir }}/ca.crt
+ --signer-key={{ openshift_master_config_dir }}/ca.key
+ --signer-serial={{ openshift_master_config_dir }}/ca.serial.txt
--hostnames="{{ docker_registry_service_ip.stdout }},docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
--cert={{ openshift_master_config_dir }}/registry.crt
--key={{ openshift_master_config_dir }}/registry.key
- when: False in (docker_registry_certificates_stat_result.results | default([]) | oo_collect(attribute='stat.exists') | list)
- name: Create the secret for the registry certificates
command: >
@@ -65,12 +64,12 @@
- name: Determine if registry-certificates secret volume attached
command: >
{{ openshift.common.client_binary }} get dc/docker-registry
- -o jsonpath='{.spec.template.spec.volumes[*].secret.secretName}'
+ -o jsonpath='{.spec.template.spec.volumes[?(@.secret)].secret.secretName}'
--config={{ openshift_hosted_kubeconfig }}
-n default
register: docker_registry_volumes
changed_when: false
- failed_when: "'secretName is not found' not in docker_registry_volumes.stdout and docker_registry_volumes.rc != 0"
+ failed_when: "docker_registry_volumes.stdout != '' and 'secretName is not found' not in docker_registry_volumes.stdout and docker_registry_volumes.rc != 0"
- name: Attach registry-certificates secret volume
command: >