diff options
author | Andrew Butcher <abutcher@afrolegs.com> | 2017-02-07 10:12:58 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-07 10:12:58 -0500 |
commit | af24a2d38995d1eba94baddd0e3c746f1d9887da (patch) | |
tree | d0073e42b18c74fdc8488512bb35b4b424894cb1 /roles | |
parent | 880547d938e5b8a3918f812d71fb10358d5681e5 (diff) | |
parent | 10ef2f931240e473581bf22f15e3d4c81d334c97 (diff) | |
download | openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.gz openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.bz2 openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.xz openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.zip |
Merge pull request #3260 from ashcrow/1395168
Copies CloudFront pem file to registry hosts
Diffstat (limited to 'roles')
-rw-r--r-- | roles/openshift_hosted/tasks/registry/storage/s3.yml | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/roles/openshift_hosted/tasks/registry/storage/s3.yml b/roles/openshift_hosted/tasks/registry/storage/s3.yml index 707be9c00..f73d9f0ae 100644 --- a/roles/openshift_hosted/tasks/registry/storage/s3.yml +++ b/roles/openshift_hosted/tasks/registry/storage/s3.yml @@ -10,3 +10,24 @@ openshift_hosted_registry_storage_s3_bucket and openshift_hosted_registry_storage_s3_region are required when: openshift.hosted.registry.storage.s3.bucket | default(none) is none or openshift.hosted.registry.storage.s3.region | default(none) is none + +# If cloudfront is being used, fail if we don't have all the required variables +- assert: + that: + - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile | default(none) is not none" + - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_keypairid | default(none) is not none" + msg: > + When openshift_hosted_registry_storage_s3_cloudfront_baseurl is provided + openshift_hosted_registry_storage_s3_cloudfront_keypairid and + openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile are required + +# Copy the cloudfront.pem to the host if the baseurl is given +- name: Copy cloudfront.pem to the registry + copy: + src: "{{ openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile }}" + dest: /etc/s3-cloudfront/cloudfront.pem + backup: true + owner: root + group: root + mode: 0600 + when: openshift_hosted_registry_storage_s3_cloudfront_baseurl | default(none) is not none |