From 4c66a9b62488b5e344f2e65cda6bc2ba3e0f2933 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 15 Jun 2016 13:19:59 -0400 Subject: Add options for specifying named ca certificates to be added to the openshift ca bundle. --- roles/openshift_node_certificates/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'roles/openshift_node_certificates') diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml index 0e69dc6f0..8768fb0c2 100644 --- a/roles/openshift_node_certificates/tasks/main.yml +++ b/roles/openshift_node_certificates/tasks/main.yml @@ -42,6 +42,9 @@ - name: Generate the node client config command: > {{ openshift.common.admin_binary }} create-api-client-config + {% for named_ca_certificate in hostvars[openshift_ca_host].openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + --certificate-authority {{ named_ca_certificate }} + {% endfor %} --certificate-authority={{ openshift_ca_cert }} --client-dir={{ openshift_node_generated_config_dir }} --groups=system:nodes -- cgit v1.2.3