summaryrefslogtreecommitdiffstats
path: root/roles/openshift_logging/tasks
diff options
context:
space:
mode:
authorJeff Cantrill <jcantril@redhat.com>2017-02-09 13:28:47 -0500
committerJeff Cantrill <jcantril@redhat.com>2017-02-10 11:18:17 -0500
commitf1e622ae0acb52fbd7ecd1b07b26b1b6884deb65 (patch)
treebbfc56032e9aea8808f6b7afd3eaaa12f7d1a943 /roles/openshift_logging/tasks
parent094fd21ceab111900c518dfad874b434c81e62ee (diff)
downloadopenshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.gz
openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.bz2
openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.xz
openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.zip
bug 1420425. Allow setting of public facing certs for kibana in openshift_logging role
Diffstat (limited to 'roles/openshift_logging/tasks')
-rw-r--r--roles/openshift_logging/tasks/generate_routes.yaml20
1 files changed, 19 insertions, 1 deletions
diff --git a/roles/openshift_logging/tasks/generate_routes.yaml b/roles/openshift_logging/tasks/generate_routes.yaml
index 60694f67e..3c462378b 100644
--- a/roles/openshift_logging/tasks/generate_routes.yaml
+++ b/roles/openshift_logging/tasks/generate_routes.yaml
@@ -1,4 +1,20 @@
---
+- set_fact: kibana_key={{ lookup('file', openshift_logging_kibana_key) | b64encode }}
+ when: "{{ openshift_logging_kibana_key | trim | length > 0 }}"
+ changed_when: false
+
+- set_fact: kibana_cert={{ lookup('file', openshift_logging_kibana_cert)| b64encode }}
+ when: "{{openshift_logging_kibana_cert | trim | length > 0}}"
+ changed_when: false
+
+- set_fact: kibana_ca={{ lookup('file', openshift_logging_kibana_ca)| b64encode }}
+ when: "{{openshift_logging_kibana_ca | trim | length > 0}}"
+ changed_when: false
+
+- set_fact: kibana_ca={{key_pairs | entry_from_named_pair('ca_file') }}
+ when: kibana_ca is not defined
+ changed_when: false
+
- name: Generating logging routes
template: src=route_reencrypt.j2 dest={{mktemp.stdout}}/templates/logging-{{route_info.name}}-route.yaml
tags: routes
@@ -6,7 +22,9 @@
obj_name: "{{route_info.name}}"
route_host: "{{route_info.host}}"
service_name: "{{route_info.name}}"
- tls_ca_cert: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}"
+ tls_key: "{{kibana_key | default('') | b64decode}}"
+ tls_cert: "{{kibana_cert | default('') | b64decode}}"
+ tls_ca_cert: "{{kibana_ca | b64decode}}"
tls_dest_ca_cert: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}"
labels:
component: support