diff options
author | Scott Dodson <sdodson@redhat.com> | 2017-11-07 13:27:52 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-07 13:27:52 -0500 |
commit | dbf69689ce5a7250d8a8438491ddbff96ee033cb (patch) | |
tree | 9d9abaf8fe77d6a84023fe6ddce5a6ad15ea203d /roles | |
parent | 7a068268ed83cc3e86c8cbc0c2e62c667ba9e109 (diff) | |
parent | fabf4ca065397ce85164d7bc20facbb40d96a9da (diff) | |
download | openshift-dbf69689ce5a7250d8a8438491ddbff96ee033cb.tar.gz openshift-dbf69689ce5a7250d8a8438491ddbff96ee033cb.tar.bz2 openshift-dbf69689ce5a7250d8a8438491ddbff96ee033cb.tar.xz openshift-dbf69689ce5a7250d8a8438491ddbff96ee033cb.zip |
Merge pull request #6044 from fabianvf/1510546-asb-fix-cert-conditional
Fix ansible service broker etcd cert generation logic.
Diffstat (limited to 'roles')
-rw-r--r-- | roles/ansible_service_broker/tasks/generate_certs.yml | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/roles/ansible_service_broker/tasks/generate_certs.yml b/roles/ansible_service_broker/tasks/generate_certs.yml index 50156a35c..b1cb5fc58 100644 --- a/roles/ansible_service_broker/tasks/generate_certs.yml +++ b/roles/ansible_service_broker/tasks/generate_certs.yml @@ -9,25 +9,25 @@ mode: 0755 check_mode: no - - set_fact: - ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker" - - name: Create self signing ca cert - command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ ansible_service_broker_certs_dir }}/key.pem -out {{ ansible_service_broker_certs_dir }}/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"' + command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ openshift.common.config_base }}/ansible-service-broker/key.pem -out {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"' args: - creates: '{{ ansible_service_broker_certs_dir }}/cert.pem' + creates: '{{ openshift.common.config_base }}/ansible-service-broker/cert.pem' - name: Create self signed client cert command: '{{ item.cmd }}' args: creates: '{{ item.creates }}' with_items: - - cmd: openssl genrsa -out {{ ansible_service_broker_certs_dir }}/client.key 2048 - creates: '{{ ansible_service_broker_certs_dir }}/client.key' - - cmd: 'openssl req -new -key {{ ansible_service_broker_certs_dir }}/client.key -out {{ ansible_service_broker_certs_dir }}/client.csr -subj "/CN=client"' - creates: '{{ ansible_service_broker_certs_dir }}/client.csr' - - cmd: openssl x509 -req -in {{ ansible_service_broker_certs_dir }}/client.csr -CA {{ ansible_service_broker_certs_dir }}/cert.pem -CAkey {{ ansible_service_broker_certs_dir }}/key.pem -CAcreateserial -out {{ ansible_service_broker_certs_dir }}/client.pem -days 1024 - creates: '{{ ansible_service_broker_certs_dir }}/client.pem' + - cmd: openssl genrsa -out {{ openshift.common.config_base }}/ansible-service-broker/client.key 2048 + creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.key' + - cmd: 'openssl req -new -key {{ openshift.common.config_base }}/ansible-service-broker/client.key -out {{ openshift.common.config_base }}/ansible-service-broker/client.csr -subj "/CN=client"' + creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.csr' + - cmd: openssl x509 -req -in {{ openshift.common.config_base }}/ansible-service-broker/client.csr -CA {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -CAkey {{ openshift.common.config_base }}/ansible-service-broker/key.pem -CAcreateserial -out {{ openshift.common.config_base }}/ansible-service-broker/client.pem -days 1024 + creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.pem' + + - set_fact: + ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker" - set_fact: etcd_ca_cert: "{{ lookup('file', '{{ ansible_service_broker_certs_dir }}/cert.pem') }}" |