diff options
author | Jeff Cantrill <jcantril@redhat.com> | 2017-02-09 13:28:47 -0500 |
---|---|---|
committer | Jeff Cantrill <jcantril@redhat.com> | 2017-02-10 11:18:17 -0500 |
commit | f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65 (patch) | |
tree | bbfc56032e9aea8808f6b7afd3eaaa12f7d1a943 /roles/openshift_logging/tasks | |
parent | 094fd21ceab111900c518dfad874b434c81e62ee (diff) | |
download | openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.gz openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.bz2 openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.tar.xz openshift-f1e622ae0acb52fbd7ecd1b07b26b1b6884deb65.zip |
bug 1420425. Allow setting of public facing certs for kibana in openshift_logging role
Diffstat (limited to 'roles/openshift_logging/tasks')
-rw-r--r-- | roles/openshift_logging/tasks/generate_routes.yaml | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/roles/openshift_logging/tasks/generate_routes.yaml b/roles/openshift_logging/tasks/generate_routes.yaml index 60694f67e..3c462378b 100644 --- a/roles/openshift_logging/tasks/generate_routes.yaml +++ b/roles/openshift_logging/tasks/generate_routes.yaml @@ -1,4 +1,20 @@ --- +- set_fact: kibana_key={{ lookup('file', openshift_logging_kibana_key) | b64encode }} + when: "{{ openshift_logging_kibana_key | trim | length > 0 }}" + changed_when: false + +- set_fact: kibana_cert={{ lookup('file', openshift_logging_kibana_cert)| b64encode }} + when: "{{openshift_logging_kibana_cert | trim | length > 0}}" + changed_when: false + +- set_fact: kibana_ca={{ lookup('file', openshift_logging_kibana_ca)| b64encode }} + when: "{{openshift_logging_kibana_ca | trim | length > 0}}" + changed_when: false + +- set_fact: kibana_ca={{key_pairs | entry_from_named_pair('ca_file') }} + when: kibana_ca is not defined + changed_when: false + - name: Generating logging routes template: src=route_reencrypt.j2 dest={{mktemp.stdout}}/templates/logging-{{route_info.name}}-route.yaml tags: routes @@ -6,7 +22,9 @@ obj_name: "{{route_info.name}}" route_host: "{{route_info.host}}" service_name: "{{route_info.name}}" - tls_ca_cert: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}" + tls_key: "{{kibana_key | default('') | b64decode}}" + tls_cert: "{{kibana_cert | default('') | b64decode}}" + tls_ca_cert: "{{kibana_ca | b64decode}}" tls_dest_ca_cert: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}" labels: component: support |