summaryrefslogtreecommitdiffstats
path: root/playbooks/certificate_expiry
diff options
context:
space:
mode:
authorTim Bielawa <timbielawa@gmail.com>2017-02-13 07:39:13 -0800
committerGitHub <noreply@github.com>2017-02-13 07:39:13 -0800
commitb47cb60817bfea53cfead10632341f2fdfcad6eb (patch)
tree5a5e88974fa6cccf411fe606f7c3df83c0da5a1b /playbooks/certificate_expiry
parentdb243097dabeaf8d3c5c906dd819e2f43fec891a (diff)
parentf9b74b54c833a6254342a84533a1086571872cb5 (diff)
downloadopenshift-b47cb60817bfea53cfead10632341f2fdfcad6eb.tar.gz
openshift-b47cb60817bfea53cfead10632341f2fdfcad6eb.tar.bz2
openshift-b47cb60817bfea53cfead10632341f2fdfcad6eb.tar.xz
openshift-b47cb60817bfea53cfead10632341f2fdfcad6eb.zip
Merge pull request #3313 from tbielawa/fix_expiry_playbook_paths
Make the cert expiry playbooks runnable
Diffstat (limited to 'playbooks/certificate_expiry')
-rw-r--r--playbooks/certificate_expiry/default.yaml10
-rw-r--r--playbooks/certificate_expiry/easy-mode.yaml18
-rw-r--r--playbooks/certificate_expiry/html_and_json_default_paths.yaml12
-rw-r--r--playbooks/certificate_expiry/longer-warning-period-json-results.yaml13
-rw-r--r--playbooks/certificate_expiry/longer_warning_period.yaml12
l---------playbooks/certificate_expiry/roles1
6 files changed, 66 insertions, 0 deletions
diff --git a/playbooks/certificate_expiry/default.yaml b/playbooks/certificate_expiry/default.yaml
new file mode 100644
index 000000000..630135cae
--- /dev/null
+++ b/playbooks/certificate_expiry/default.yaml
@@ -0,0 +1,10 @@
+---
+# Default behavior, you will need to ensure you run ansible with the
+# -v option to see report results:
+
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/certificate_expiry/easy-mode.yaml b/playbooks/certificate_expiry/easy-mode.yaml
new file mode 100644
index 000000000..ae41c7c14
--- /dev/null
+++ b/playbooks/certificate_expiry/easy-mode.yaml
@@ -0,0 +1,18 @@
+---
+# This example playbook is great if you're just wanting to try the
+# role out.
+#
+# This example enables HTML and JSON reports
+#
+# All certificates (healthy or not) are included in the results
+
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_save_json_results: yes
+ openshift_certificate_expiry_generate_html_report: yes
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/certificate_expiry/html_and_json_default_paths.yaml b/playbooks/certificate_expiry/html_and_json_default_paths.yaml
new file mode 100644
index 000000000..d80cb6ff4
--- /dev/null
+++ b/playbooks/certificate_expiry/html_and_json_default_paths.yaml
@@ -0,0 +1,12 @@
+---
+# Generate HTML and JSON artifacts in their default paths:
+
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_generate_html_report: yes
+ openshift_certificate_expiry_save_json_results: yes
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/certificate_expiry/longer-warning-period-json-results.yaml b/playbooks/certificate_expiry/longer-warning-period-json-results.yaml
new file mode 100644
index 000000000..87a0f3be4
--- /dev/null
+++ b/playbooks/certificate_expiry/longer-warning-period-json-results.yaml
@@ -0,0 +1,13 @@
+---
+# Change the expiration warning window to 1500 days (good for testing
+# the module out) and save the results as a JSON file:
+
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_warning_days: 1500
+ openshift_certificate_expiry_save_json_results: yes
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/certificate_expiry/longer_warning_period.yaml b/playbooks/certificate_expiry/longer_warning_period.yaml
new file mode 100644
index 000000000..960457c4b
--- /dev/null
+++ b/playbooks/certificate_expiry/longer_warning_period.yaml
@@ -0,0 +1,12 @@
+---
+# Change the expiration warning window to 1500 days (good for testing
+# the module out):
+
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_warning_days: 1500
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/certificate_expiry/roles b/playbooks/certificate_expiry/roles
new file mode 120000
index 000000000..b741aa3db
--- /dev/null
+++ b/playbooks/certificate_expiry/roles
@@ -0,0 +1 @@
+../../roles \ No newline at end of file