diff options
-rw-r--r-- | roles/lib_openshift/library/oc_adm_ca_server_cert.py (renamed from roles/lib_openshift/library/oadm_ca.py) | 80 | ||||
-rw-r--r-- | roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py (renamed from roles/lib_openshift/src/ansible/oadm_certificate_authority.py) | 20 | ||||
-rw-r--r-- | roles/lib_openshift/src/class/oc_adm_ca_server_cert.py (renamed from roles/lib_openshift/src/class/oadm_certificate_authority.py) | 48 | ||||
-rw-r--r-- | roles/lib_openshift/src/doc/ca_server_cert (renamed from roles/lib_openshift/src/doc/certificate_authority) | 0 | ||||
-rw-r--r-- | roles/lib_openshift/src/sources.yml | 8 |
5 files changed, 60 insertions, 96 deletions
diff --git a/roles/lib_openshift/library/oadm_ca.py b/roles/lib_openshift/library/oc_adm_ca_server_cert.py index 1482ab591..19031f956 100644 --- a/roles/lib_openshift/library/oadm_ca.py +++ b/roles/lib_openshift/library/oc_adm_ca_server_cert.py @@ -45,7 +45,7 @@ from ansible.module_utils.basic import AnsibleModule # -*- -*- -*- End included fragment: lib/import.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: doc/certificate_authority -*- -*- -*- +# -*- -*- -*- Begin included fragment: doc/ca_server_cert -*- -*- -*- DOCUMENTATION = ''' --- @@ -186,7 +186,7 @@ EXAMPLES = ''' key: /etc/origin/master/registry.key ''' -# -*- -*- -*- End included fragment: doc/certificate_authority -*- -*- -*- +# -*- -*- -*- End included fragment: doc/ca_server_cert -*- -*- -*- # -*- -*- -*- Begin included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*- # noqa: E301,E302 @@ -1325,9 +1325,9 @@ class OpenShiftCLIConfig(object): # -*- -*- -*- End included fragment: lib/base.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: class/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- -class CertificateAuthorityConfig(OpenShiftCLIConfig): +class CAServerCertConfig(OpenShiftCLIConfig): ''' CertificateAuthorityConfig is a DTO for the oadm ca command ''' def __init__(self, cmd, kubeconfig, verbose, ca_options): super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options) @@ -1336,13 +1336,13 @@ class CertificateAuthorityConfig(OpenShiftCLIConfig): self.verbose = verbose self._ca = ca_options -class CertificateAuthority(OpenShiftCLI): +class CAServerCert(OpenShiftCLI): ''' Class to wrap the oc command line tools ''' def __init__(self, config, verbose=False): ''' Constructor for oadm ca ''' - super(CertificateAuthority, self).__init__(None, config.kubeconfig, verbose) + super(CAServerCert, self).__init__(None, config.kubeconfig, verbose) self.config = config self.verbose = verbose @@ -1358,7 +1358,7 @@ class CertificateAuthority(OpenShiftCLI): return None def create(self): - '''Create a deploymentconfig ''' + '''run openshift ca cmd''' options = self.config.to_option_list() cmd = ['ca'] @@ -1388,26 +1388,20 @@ class CertificateAuthority(OpenShiftCLI): def run_ansible(params, check_mode): '''run the idempotent ansible code''' - config = CertificateAuthorityConfig(params['cmd'], - params['kubeconfig'], - params['debug'], - {'cert_dir': {'value': params['cert_dir'], 'include': True}, - 'cert': {'value': params['cert'], 'include': True}, - 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, - 'master': {'value': params['master'], 'include': True}, - 'public_master': {'value': params['public_master'], 'include': True}, - 'overwrite': {'value': params['overwrite'], 'include': True}, - 'signer_name': {'value': params['signer_name'], 'include': True}, - 'private_key': {'value': params['private_key'], 'include': True}, - 'public_key': {'value': params['public_key'], 'include': True}, - 'key': {'value': params['key'], 'include': True}, - 'signer_cert': {'value': params['signer_cert'], 'include': True}, - 'signer_key': {'value': params['signer_key'], 'include': True}, - 'signer_serial': {'value': params['signer_serial'], 'include': True}, - }) - - - oadm_ca = CertificateAuthority(config) + config = CAServerCertConfig(params['cmd'], + params['kubeconfig'], + params['debug'], + {'cert': {'value': params['cert'], 'include': True}, + 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, + 'overwrite': {'value': params['overwrite'], 'include': True}, + 'signer_name': {'value': params['signer_name'], 'include': True}, + 'key': {'value': params['key'], 'include': True}, + 'signer_cert': {'value': params['signer_cert'], 'include': True}, + 'signer_key': {'value': params['signer_key'], 'include': True}, + 'signer_serial': {'value': params['signer_serial'], 'include': True}, + }) + + server_cert = CAServerCert(config) state = params['state'] @@ -1415,34 +1409,34 @@ class CertificateAuthority(OpenShiftCLI): ######## # Create ######## - if not oadm_ca.exists() or params['overwrite']: + if not server_cert.exists() or params['overwrite']: if check_mode: return {'changed': True, 'msg': "CHECK_MODE: Would have created the certificate.", 'state': state} - api_rval = oadm_ca.create() + api_rval = server_cert.create() return {'changed': True, 'results': api_rval, 'state': state} ######## # Exists ######## - api_rval = oadm_ca.get() + api_rval = server_cert.get() return {'changed': False, 'results': api_rval, 'state': state} return {'failed': True, 'msg': 'Unknown state passed. %s' % state} -# -*- -*- -*- End included fragment: class/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- End included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: ansible/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- def main(): ''' - ansible oadm module for ca + ansible oc adm module for ca create-server-cert ''' module = AnsibleModule( @@ -1451,32 +1445,20 @@ def main(): debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), cmd=dict(default=None, require=True, type='str'), - - # oadm ca create-master-certs [options] - cert_dir=dict(default=None, type='str'), - hostnames=dict(default=[], type='list'), - master=dict(default=None, type='str'), - public_master=dict(default=None, type='str'), - overwrite=dict(default=False, type='bool'), - signer_name=dict(default=None, type='str'), - - # oadm ca create-key-pair [options] - private_key=dict(default=None, type='str'), - public_key=dict(default=None, type='str'), - # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), signer_cert=dict(default=None, type='str'), signer_key=dict(default=None, type='str'), signer_serial=dict(default=None, type='str'), - + hostnames=dict(default=[], type='list'), + overwrite=dict(default=False, type='bool'), ), supports_check_mode=True, ) # pylint: disable=line-too-long - results = CertificateAuthority.run_ansible(module.params, module.check_mode) + results = CAServerCert.run_ansible(module.params, module.check_mode) if 'failed' in results: return module.fail_json(**results) @@ -1486,4 +1468,4 @@ def main(): if __name__ == '__main__': main() -# -*- -*- -*- End included fragment: ansible/oadm_certificate_authority.py -*- -*- -*- +# -*- -*- -*- End included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- diff --git a/roles/lib_openshift/src/ansible/oadm_certificate_authority.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index ad00b25b4..91d8c83b0 100644 --- a/roles/lib_openshift/src/ansible/oadm_certificate_authority.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -3,7 +3,7 @@ def main(): ''' - ansible oadm module for ca + ansible oc adm module for ca create-server-cert ''' module = AnsibleModule( @@ -12,32 +12,20 @@ def main(): debug=dict(default=False, type='bool'), kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), cmd=dict(default=None, require=True, type='str'), - - # oadm ca create-master-certs [options] - cert_dir=dict(default=None, type='str'), - hostnames=dict(default=[], type='list'), - master=dict(default=None, type='str'), - public_master=dict(default=None, type='str'), - overwrite=dict(default=False, type='bool'), - signer_name=dict(default=None, type='str'), - - # oadm ca create-key-pair [options] - private_key=dict(default=None, type='str'), - public_key=dict(default=None, type='str'), - # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), signer_cert=dict(default=None, type='str'), signer_key=dict(default=None, type='str'), signer_serial=dict(default=None, type='str'), - + hostnames=dict(default=[], type='list'), + overwrite=dict(default=False, type='bool'), ), supports_check_mode=True, ) # pylint: disable=line-too-long - results = CertificateAuthority.run_ansible(module.params, module.check_mode) + results = CAServerCert.run_ansible(module.params, module.check_mode) if 'failed' in results: return module.fail_json(**results) diff --git a/roles/lib_openshift/src/class/oadm_certificate_authority.py b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py index 34bd0f0a9..92505c08e 100644 --- a/roles/lib_openshift/src/class/oadm_certificate_authority.py +++ b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py @@ -1,6 +1,6 @@ # pylint: skip-file -class CertificateAuthorityConfig(OpenShiftCLIConfig): +class CAServerCertConfig(OpenShiftCLIConfig): ''' CertificateAuthorityConfig is a DTO for the oadm ca command ''' def __init__(self, cmd, kubeconfig, verbose, ca_options): super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options) @@ -9,13 +9,13 @@ class CertificateAuthorityConfig(OpenShiftCLIConfig): self.verbose = verbose self._ca = ca_options -class CertificateAuthority(OpenShiftCLI): +class CAServerCert(OpenShiftCLI): ''' Class to wrap the oc command line tools ''' def __init__(self, config, verbose=False): ''' Constructor for oadm ca ''' - super(CertificateAuthority, self).__init__(None, config.kubeconfig, verbose) + super(CAServerCert, self).__init__(None, config.kubeconfig, verbose) self.config = config self.verbose = verbose @@ -31,7 +31,7 @@ class CertificateAuthority(OpenShiftCLI): return None def create(self): - '''Create a deploymentconfig ''' + '''run openshift ca cmd''' options = self.config.to_option_list() cmd = ['ca'] @@ -61,26 +61,20 @@ class CertificateAuthority(OpenShiftCLI): def run_ansible(params, check_mode): '''run the idempotent ansible code''' - config = CertificateAuthorityConfig(params['cmd'], - params['kubeconfig'], - params['debug'], - {'cert_dir': {'value': params['cert_dir'], 'include': True}, - 'cert': {'value': params['cert'], 'include': True}, - 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, - 'master': {'value': params['master'], 'include': True}, - 'public_master': {'value': params['public_master'], 'include': True}, - 'overwrite': {'value': params['overwrite'], 'include': True}, - 'signer_name': {'value': params['signer_name'], 'include': True}, - 'private_key': {'value': params['private_key'], 'include': True}, - 'public_key': {'value': params['public_key'], 'include': True}, - 'key': {'value': params['key'], 'include': True}, - 'signer_cert': {'value': params['signer_cert'], 'include': True}, - 'signer_key': {'value': params['signer_key'], 'include': True}, - 'signer_serial': {'value': params['signer_serial'], 'include': True}, - }) - - - oadm_ca = CertificateAuthority(config) + config = CAServerCertConfig(params['cmd'], + params['kubeconfig'], + params['debug'], + {'cert': {'value': params['cert'], 'include': True}, + 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, + 'overwrite': {'value': params['overwrite'], 'include': True}, + 'signer_name': {'value': params['signer_name'], 'include': True}, + 'key': {'value': params['key'], 'include': True}, + 'signer_cert': {'value': params['signer_cert'], 'include': True}, + 'signer_key': {'value': params['signer_key'], 'include': True}, + 'signer_serial': {'value': params['signer_serial'], 'include': True}, + }) + + server_cert = CAServerCert(config) state = params['state'] @@ -88,21 +82,21 @@ class CertificateAuthority(OpenShiftCLI): ######## # Create ######## - if not oadm_ca.exists() or params['overwrite']: + if not server_cert.exists() or params['overwrite']: if check_mode: return {'changed': True, 'msg': "CHECK_MODE: Would have created the certificate.", 'state': state} - api_rval = oadm_ca.create() + api_rval = server_cert.create() return {'changed': True, 'results': api_rval, 'state': state} ######## # Exists ######## - api_rval = oadm_ca.get() + api_rval = server_cert.get() return {'changed': False, 'results': api_rval, 'state': state} return {'failed': True, diff --git a/roles/lib_openshift/src/doc/certificate_authority b/roles/lib_openshift/src/doc/ca_server_cert index bf299f0cb..bf299f0cb 100644 --- a/roles/lib_openshift/src/doc/certificate_authority +++ b/roles/lib_openshift/src/doc/ca_server_cert diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index 7f0de6a65..b49f7b490 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -1,13 +1,13 @@ --- -oadm_ca.py: +oc_adm_ca_server_cert.py: - doc/generated - doc/license - lib/import.py -- doc/certificate_authority +- doc/ca_server_cert - ../../lib_utils/src/class/yedit.py - lib/base.py -- class/oadm_certificate_authority.py -- ansible/oadm_certificate_authority.py +- class/oc_adm_ca_server_cert.py +- ansible/oc_adm_ca_server_cert.py oadm_manage_node.py: - doc/generated |