From 8e91ce82be1585c31401664c00d753035ed7f33e Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 27 Jun 2017 10:01:09 -0400 Subject: Update master configuration for named certificates during master cert redeploy. --- .../redeploy-certificates/masters.yml | 10 ++++++++++ .../filter_plugins/openshift_named_certificates.py | 21 +++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml index c30889d64..51b196299 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml @@ -51,3 +51,13 @@ | oo_collect('openshift.common.hostname') | default(none, true) }}" openshift_certificates_redeploy: true + - role: lib_utils + post_tasks: + - yedit: + src: "{{ openshift.common.config_base }}/master/master-config.yaml" + key: servingInfo.namedCertificates + value: "{{ openshift.master.named_certificates | default([]) | oo_named_certificates_list }}" + when: + - ('named_certificates' in openshift.master) + - openshift.master.named_certificates | default([]) | length > 0 + - openshift_master_overwrite_named_certificates | default(false) | bool diff --git a/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py new file mode 100644 index 000000000..6ed6d404c --- /dev/null +++ b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py @@ -0,0 +1,21 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +''' +Custom filters for use with openshift named certificates +''' + + +class FilterModule(object): + ''' Custom ansible filters for use with openshift named certificates''' + + @staticmethod + def oo_named_certificates_list(named_certificates): + ''' Returns named certificates list with correct fields for the master + config file.''' + return [{'certFile': named_certificate['certfile'], + 'keyFile': named_certificate['keyfile'], + 'names': named_certificate['names']} for named_certificate in named_certificates] + + def filters(self): + ''' returns a mapping of filters to methods ''' + return {"oo_named_certificates_list": self.oo_named_certificates_list} -- cgit v1.2.3