summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@afrolegs.com>2017-02-07 10:12:58 -0500
committerGitHub <noreply@github.com>2017-02-07 10:12:58 -0500
commitaf24a2d38995d1eba94baddd0e3c746f1d9887da (patch)
treed0073e42b18c74fdc8488512bb35b4b424894cb1 /roles
parent880547d938e5b8a3918f812d71fb10358d5681e5 (diff)
parent10ef2f931240e473581bf22f15e3d4c81d334c97 (diff)
downloadopenshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.gz
openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.bz2
openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.tar.xz
openshift-af24a2d38995d1eba94baddd0e3c746f1d9887da.zip
Merge pull request #3260 from ashcrow/1395168
Copies CloudFront pem file to registry hosts
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_hosted/tasks/registry/storage/s3.yml21
1 files changed, 21 insertions, 0 deletions
diff --git a/roles/openshift_hosted/tasks/registry/storage/s3.yml b/roles/openshift_hosted/tasks/registry/storage/s3.yml
index 707be9c00..f73d9f0ae 100644
--- a/roles/openshift_hosted/tasks/registry/storage/s3.yml
+++ b/roles/openshift_hosted/tasks/registry/storage/s3.yml
@@ -10,3 +10,24 @@
openshift_hosted_registry_storage_s3_bucket and
openshift_hosted_registry_storage_s3_region are required
when: openshift.hosted.registry.storage.s3.bucket | default(none) is none or openshift.hosted.registry.storage.s3.region | default(none) is none
+
+# If cloudfront is being used, fail if we don't have all the required variables
+- assert:
+ that:
+ - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile | default(none) is not none"
+ - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_keypairid | default(none) is not none"
+ msg: >
+ When openshift_hosted_registry_storage_s3_cloudfront_baseurl is provided
+ openshift_hosted_registry_storage_s3_cloudfront_keypairid and
+ openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile are required
+
+# Copy the cloudfront.pem to the host if the baseurl is given
+- name: Copy cloudfront.pem to the registry
+ copy:
+ src: "{{ openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile }}"
+ dest: /etc/s3-cloudfront/cloudfront.pem
+ backup: true
+ owner: root
+ group: root
+ mode: 0600
+ when: openshift_hosted_registry_storage_s3_cloudfront_baseurl | default(none) is not none