summaryrefslogtreecommitdiffstats
path: root/playbooks/common/openshift-cluster/redeploy-certificates
diff options
context:
space:
mode:
authorSteve Milner <smilner@redhat.com>2017-02-08 17:31:53 -0500
committerSteve Milner <smilner@redhat.com>2017-02-10 16:28:30 -0500
commita064a673ae40a4c5a62b6bf2d619d72bbc5fd967 (patch)
tree6a0ecc9736a6a83caca4920aa298b3c44815c665 /playbooks/common/openshift-cluster/redeploy-certificates
parent07ca54fe406a533e70350aa9273d5a3df297f156 (diff)
downloadopenshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.gz
openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.bz2
openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.xz
openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.zip
oc secrets now done via oc_secret module
Diffstat (limited to 'playbooks/common/openshift-cluster/redeploy-certificates')
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/registry.yml20
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/router.yml12
2 files changed, 21 insertions, 11 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
index 18b93e1d6..999e4af65 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
@@ -2,6 +2,8 @@
- name: Update registry certificates
hosts: oo_first_master
vars:
+ roles:
+ - lib_openshift
tasks:
- name: Create temp directory for kubeconfig
command: mktemp -d /tmp/openshift-ansible-XXXXXX
@@ -70,13 +72,17 @@
--key={{ openshift.common.config_base }}/master/registry.key
- name: Update registry certificates secret
- shell: >
- {{ openshift.common.client_binary }} secret new registry-certificates
- {{ openshift.common.config_base }}/master/registry.crt
- {{ openshift.common.config_base }}/master/registry.key
- --config={{ mktemp.stdout }}/admin.kubeconfig
- -n default
- -o json | oc replace -f -
+ oc_secret:
+ kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
+ name: registry-certificates
+ namespace: default
+ state: present
+ files:
+ - name: registry.crt
+ path: "{{ openshift.common.config_base }}/master/registry.crt"
+ - name: registry.key
+ path: "{{ openshift.common.config_base }}/master/registry.key"
+ run_once: true
when: l_docker_registry_dc.rc == 0 and 'registry-certificates' in docker_registry_secrets and 'REGISTRY_HTTP_TLS_CERTIFICATE' in docker_registry_env_vars and 'REGISTRY_HTTP_TLS_KEY' in docker_registry_env_vars
- name: Redeploy docker registry
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
index a9e9f0915..707fb6424 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
@@ -7,6 +7,8 @@
command: mktemp -d /tmp/openshift-ansible-XXXXXX
register: mktemp
changed_when: false
+ roles:
+ - lib_openshift
- name: Copy admin client config(s)
command: >
@@ -45,10 +47,12 @@
- block:
- name: Delete existing router certificate secret
- command: >
- {{ openshift.common.client_binary }} delete secret/router-certs
- --config={{ mktemp.stdout }}/admin.kubeconfig
- -n default
+ oc_secret:
+ kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
+ name: router-certs
+ namespace: default
+ state: absent
+ run_once: true
- name: Remove router service annotations
command: >