summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node_certificates
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_node_certificates')
-rw-r--r--roles/openshift_node_certificates/meta/main.yml2
-rw-r--r--roles/openshift_node_certificates/tasks/main.yml15
-rw-r--r--roles/openshift_node_certificates/vars/main.yml5
3 files changed, 21 insertions, 1 deletions
diff --git a/roles/openshift_node_certificates/meta/main.yml b/roles/openshift_node_certificates/meta/main.yml
index a099db115..50a862ee9 100644
--- a/roles/openshift_node_certificates/meta/main.yml
+++ b/roles/openshift_node_certificates/meta/main.yml
@@ -13,4 +13,4 @@ galaxy_info:
- cloud
- system
dependencies:
-- role: openshift_ca
+- role: openshift_facts
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index 72567132c..0e69dc6f0 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -1,4 +1,19 @@
---
+- name: Ensure CA certificate exists on openshift_ca_host
+ stat:
+ path: "{{ openshift_ca_cert }}"
+ register: g_ca_cert_stat_result
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- fail:
+ msg: >
+ CA certificate {{ openshift_ca_cert }} doesn't exist on CA host
+ {{ openshift_ca_host }}. Apply 'openshift_ca' role to
+ {{ openshift_ca_host }}.
+ when: not g_ca_cert_stat_result.stat.exists | bool
+ run_once: true
+
- name: Check status of node certificates
stat:
path: "{{ openshift.common.config_base }}/node/{{ item }}"
diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml
index 2fafc7387..17ad8106d 100644
--- a/roles/openshift_node_certificates/vars/main.yml
+++ b/roles/openshift_node_certificates/vars/main.yml
@@ -4,3 +4,8 @@ openshift_node_cert_dir: "{{ openshift.common.config_base }}/node"
openshift_node_cert_subdir: "node-{{ openshift.common.hostname }}"
openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
openshift_node_generated_config_dir: "{{ openshift_generated_configs_dir }}/{{ openshift_node_cert_subdir }}"
+
+openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
+openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
+openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
+openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"