From df2024ea268e93bf00ccc44b00f95ca0cb128219 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 1 Mar 2017 13:39:27 -0500 Subject: Defaulting variables properly to avoid undefined route in dict error. --- roles/openshift_hosted/tasks/registry/registry.yml | 6 ++--- roles/openshift_hosted/tasks/registry/secure.yml | 27 +++++++++++----------- 2 files changed, 16 insertions(+), 17 deletions(-) (limited to 'roles') diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml index 5e9d5d06a..d49967837 100644 --- a/roles/openshift_hosted/tasks/registry/registry.yml +++ b/roles/openshift_hosted/tasks/registry/registry.yml @@ -40,9 +40,9 @@ openshift_hosted_registry_images: "{{ openshift.hosted.registry.registryurl | default('openshift3/ose-${component}:${version}')}}" openshift_hosted_registry_volumes: [] openshift_hosted_registry_env_vars: {} - openshift_hosted_registry_route_certificates: "{{ openshift.hosted.registry.route.certificates | default(false) }}" - openshift_hosted_registry_route_host: "{{ openshift.hosted.registry.route.host | default(false) }}" - openshift_hosted_registry_route_termination: "{{ openshift.hosted.registry.route.termination | default('passthrough') }}" + openshift_hosted_registry_routecertificates: "{{ ('routecertificates' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routecertificates, {}) }}" + openshift_hosted_registry_routehost: "{{ ('routehost' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routehost, False) }}" + openshift_hosted_registry_routetermination: "{{ ('routetermination' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routetermination, 'passthrough') }}" openshift_hosted_registry_edits: # These edits are being specified only to prevent 'changed' on rerun - key: spec.strategy.rollingParams diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml index 7b85c1076..9a0108a93 100644 --- a/roles/openshift_hosted/tasks/registry/secure.yml +++ b/roles/openshift_hosted/tasks/registry/secure.yml @@ -4,17 +4,16 @@ docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}" run_once: true +- debug: var=openshift_hosted_registry_routecertificates + - name: Get the certificate contents for registry copy: backup: True - dest: "/etc/origin/master/named_certificates/{{ item | basename }}" - src: "{{ item }}" - register: openshift_hosted_registry_certificate_content - with_items: - - "{{ (openshift_hosted_registry_route_certificates | default({'certfile':none})).certfile }}" - - "{{ (openshift_hosted_registry_route_certificates | default({'keyfile':none})).keyfile }}" - - "{{ (openshift_hosted_registry_route_certificates | default({'cafile':none})).cafile }}" - when: openshift_hosted_registry_route_certificates + dest: "/etc/origin/master/named_certificates/{{ item.value | basename }}" + src: "{{ item.value }}" + when: item.key in ['certfile', 'keyfile', 'cafile'] and item.value is not None + with_dict: "{{ openshift_hosted_registry_routecertificates }}" + when: openshift_hosted_registry_routecertificates - debug: var=openshift_hosted_registry_route_termination @@ -23,12 +22,12 @@ name: docker-registry namespace: "{{ openshift_hosted_registry_namespace }}" service_name: docker-registry - tls_termination: "{{ openshift_hosted_registry_route_termination }}" - host: "{{ openshift_hosted_registry_route_host | default(docker_registry_route_hostname) }}" - cert_path: "{{ ('certfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.certfile | basename), omit) }}" - key_path: "{{ ('keyfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.keyfile | basename), omit) }}" - cacert_path: "{{ ('cafile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.cafile | basename), omit) }}" - dest_cacert_path: "{{ (openshift_hosted_registry_route_termination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}" + tls_termination: "{{ openshift_hosted_registry_routetermination }}" + host: "{{ openshift_hosted_registry_routehost | default(docker_registry_route_hostname) }}" + cert_path: "{{ ('certfile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.certfile | basename), omit) }}" + key_path: "{{ ('keyfile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.keyfile | basename), omit) }}" + cacert_path: "{{ ('cafile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.cafile | basename), omit) }}" + dest_cacert_path: "{{ (openshift_hosted_registry_routetermination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}" run_once: true - name: Retrieve registry service IP -- cgit v1.2.3