diff options
author | Steve Milner <smilner@redhat.com> | 2017-02-08 17:31:53 -0500 |
---|---|---|
committer | Steve Milner <smilner@redhat.com> | 2017-02-10 16:28:30 -0500 |
commit | a064a673ae40a4c5a62b6bf2d619d72bbc5fd967 (patch) | |
tree | 6a0ecc9736a6a83caca4920aa298b3c44815c665 /playbooks/common/openshift-cluster/redeploy-certificates | |
parent | 07ca54fe406a533e70350aa9273d5a3df297f156 (diff) | |
download | openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.gz openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.bz2 openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.tar.xz openshift-a064a673ae40a4c5a62b6bf2d619d72bbc5fd967.zip |
oc secrets now done via oc_secret module
Diffstat (limited to 'playbooks/common/openshift-cluster/redeploy-certificates')
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/registry.yml | 20 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/router.yml | 12 |
2 files changed, 21 insertions, 11 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml index 18b93e1d6..999e4af65 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml @@ -2,6 +2,8 @@ - name: Update registry certificates hosts: oo_first_master vars: + roles: + - lib_openshift tasks: - name: Create temp directory for kubeconfig command: mktemp -d /tmp/openshift-ansible-XXXXXX @@ -70,13 +72,17 @@ --key={{ openshift.common.config_base }}/master/registry.key - name: Update registry certificates secret - shell: > - {{ openshift.common.client_binary }} secret new registry-certificates - {{ openshift.common.config_base }}/master/registry.crt - {{ openshift.common.config_base }}/master/registry.key - --config={{ mktemp.stdout }}/admin.kubeconfig - -n default - -o json | oc replace -f - + oc_secret: + kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig" + name: registry-certificates + namespace: default + state: present + files: + - name: registry.crt + path: "{{ openshift.common.config_base }}/master/registry.crt" + - name: registry.key + path: "{{ openshift.common.config_base }}/master/registry.key" + run_once: true when: l_docker_registry_dc.rc == 0 and 'registry-certificates' in docker_registry_secrets and 'REGISTRY_HTTP_TLS_CERTIFICATE' in docker_registry_env_vars and 'REGISTRY_HTTP_TLS_KEY' in docker_registry_env_vars - name: Redeploy docker registry diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml index a9e9f0915..707fb6424 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml @@ -7,6 +7,8 @@ command: mktemp -d /tmp/openshift-ansible-XXXXXX register: mktemp changed_when: false + roles: + - lib_openshift - name: Copy admin client config(s) command: > @@ -45,10 +47,12 @@ - block: - name: Delete existing router certificate secret - command: > - {{ openshift.common.client_binary }} delete secret/router-certs - --config={{ mktemp.stdout }}/admin.kubeconfig - -n default + oc_secret: + kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig" + name: router-certs + namespace: default + state: absent + run_once: true - name: Remove router service annotations command: > |