diff options
author | Eric Sauer <esauer@redhat.com> | 2017-03-31 07:37:35 -0400 |
---|---|---|
committer | Eric Sauer <esauer@redhat.com> | 2017-03-31 07:37:35 -0400 |
commit | 6c4941a7dd63de9fd07408c87a91e46493f96f6c (patch) | |
tree | 95a625b0a323dfc7b686297239248d65be34e90a /roles/openshift_logging | |
parent | 929d0b74b88b98d9ab339185807292b7f102f6f6 (diff) | |
download | openshift-6c4941a7dd63de9fd07408c87a91e46493f96f6c.tar.gz openshift-6c4941a7dd63de9fd07408c87a91e46493f96f6c.tar.bz2 openshift-6c4941a7dd63de9fd07408c87a91e46493f96f6c.tar.xz openshift-6c4941a7dd63de9fd07408c87a91e46493f96f6c.zip |
Compatibility updates to openshift_logging role for ansible 2.2.2.0+
Diffstat (limited to 'roles/openshift_logging')
-rw-r--r-- | roles/openshift_logging/tasks/generate_pems.yaml | 3 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/procure_server_certs.yaml | 30 |
2 files changed, 20 insertions, 13 deletions
diff --git a/roles/openshift_logging/tasks/generate_pems.yaml b/roles/openshift_logging/tasks/generate_pems.yaml index 289b72ea6..e8cececfb 100644 --- a/roles/openshift_logging/tasks/generate_pems.yaml +++ b/roles/openshift_logging/tasks/generate_pems.yaml @@ -15,6 +15,7 @@ -subj "/CN={{component}}/OU=OpenShift/O=Logging/subjectAltName=DNS.1=localhost{{cert_ext.stdout}}" -days 712 -nodes when: - not key_file.stat.exists + - cert_ext is defined - cert_ext.stdout is defined check_mode: no @@ -24,7 +25,7 @@ -subj "/CN={{component}}/OU=OpenShift/O=Logging" -days 712 -nodes when: - not key_file.stat.exists - - cert_ext.stdout is undefined + - cert_ext is undefined or cert_ext is defined and cert_ext.stdout is undefined check_mode: no - name: Sign cert request with CA for {{component}} diff --git a/roles/openshift_logging/tasks/procure_server_certs.yaml b/roles/openshift_logging/tasks/procure_server_certs.yaml index 44dd5e894..19e03aba4 100644 --- a/roles/openshift_logging/tasks/procure_server_certs.yaml +++ b/roles/openshift_logging/tasks/procure_server_certs.yaml @@ -11,12 +11,18 @@ - name: Trying to discover server cert variable name for {{ cert_info.procure_component }} set_fact: procure_component_crt={{ lookup('env', '{{cert_info.procure_component}}' + '_crt') }} - when: cert_info.hostnames is undefined and {{ cert_info.procure_component }}_crt is defined and {{ cert_info.procure_component }}_key is defined + when: + - cert_info.hostnames is undefined + - cert_info[ cert_info.procure_component + '_crt' ] is defined + - cert_info[ cert_info.procure_component + '_key' ] is defined check_mode: no - name: Trying to discover the server key variable name for {{ cert_info.procure_component }} set_fact: procure_component_key={{ lookup('env', '{{cert_info.procure_component}}' + '_key') }} - when: cert_info.hostnames is undefined and {{ cert_info.procure_component }}_crt is defined and {{ cert_info.procure_component }}_key is defined + when: + - cert_info.hostnames is undefined + - cert_info[ cert_info.procure_component + '_crt' ] is defined + - cert_info[ cert_info.procure_component + '_key' ] is defined check_mode: no - name: Creating signed server cert and key for {{ cert_info.procure_component }} @@ -35,18 +41,18 @@ copy: content="{{procure_component_key}}" dest={{generated_certs_dir}}/{{cert_info.procure_component}}.key check_mode: no when: - - cert_info.hostnames is undefined - - "{{ cert_info.procure_component }}_crt is defined" - - "{{ cert_info.procure_component }}_key is defined" - - not component_key_file.stat.exists - - not component_cert_file.stat.exists + - cert_info.hostnames is undefined + - cert_info[ cert_info.procure_component + '_crt' ] is defined + - cert_info[ cert_info.procure_component + '_key' ] is defined + - not component_key_file.stat.exists + - not component_cert_file.stat.exists - name: Copying Server cert for {{ cert_info.procure_component }} to generated certs directory copy: content="{{procure_component_crt}}" dest={{generated_certs_dir}}/{{cert_info.procure_component}}.crt check_mode: no when: - - cert_info.hostnames is undefined - - "{{ cert_info.procure_component }}_crt is defined" - - "{{ cert_info.procure_component }}_key is defined" - - not component_key_file.stat.exists - - not component_cert_file.stat.exists + - cert_info.hostnames is undefined + - cert_info[ cert_info.procure_component + '_crt' ] is defined + - cert_info[ cert_info.procure_component + '_key' ] is defined + - not component_key_file.stat.exists + - not component_cert_file.stat.exists |