summaryrefslogtreecommitdiffstats
path: root/roles/lib_openshift
diff options
context:
space:
mode:
authorKenny Woodson <kwoodson@redhat.com>2017-02-21 20:31:09 -0500
committerKenny Woodson <kwoodson@redhat.com>2017-02-21 20:32:37 -0500
commitfb2bf36d4e20fadac275d364c88a6586dd08bcb8 (patch)
treedccde620083a18cb73fcf4dfb039f06f6820d71a /roles/lib_openshift
parentb718955622da88c875aa5814fd87bcb3f53599f6 (diff)
downloadopenshift-fb2bf36d4e20fadac275d364c88a6586dd08bcb8.tar.gz
openshift-fb2bf36d4e20fadac275d364c88a6586dd08bcb8.tar.bz2
openshift-fb2bf36d4e20fadac275d364c88a6586dd08bcb8.tar.xz
openshift-fb2bf36d4e20fadac275d364c88a6586dd08bcb8.zip
if no key, cert, cacert, or default_cert is passed then do not pass to oc
Diffstat (limited to 'roles/lib_openshift')
-rw-r--r--roles/lib_openshift/library/oc_adm_router.py13
-rw-r--r--roles/lib_openshift/src/ansible/oc_adm_router.py1
-rw-r--r--roles/lib_openshift/src/class/oc_adm_router.py12
3 files changed, 22 insertions, 4 deletions
diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py
index e6d0f795e..577772564 100644
--- a/roles/lib_openshift/library/oc_adm_router.py
+++ b/roles/lib_openshift/library/oc_adm_router.py
@@ -2613,8 +2613,11 @@ class Router(OpenShiftCLI):
def _prepare_router(self):
'''prepare router for instantiation'''
- # We need to create the pem file
- if self.config.config_options['default_cert']['value'] is None:
+ # if cacert, key, and cert were passed, combine them into a pem file
+ if (self.config.config_options['cacert_file']['value'] and
+ self.config.config_options['cert_file']['value'] and
+ self.config.config_options['key_file']['value']):
+
router_pem = '/tmp/router.pem'
with open(router_pem, 'w') as rfd:
rfd.write(open(self.config.config_options['cert_file']['value']).read())
@@ -2624,8 +2627,13 @@ class Router(OpenShiftCLI):
rfd.write(open(self.config.config_options['cacert_file']['value']).read())
atexit.register(Utils.cleanup, [router_pem])
+
self.config.config_options['default_cert']['value'] = router_pem
+ elif self.config.config_options['default_cert']['value'] is None:
+ # No certificate was passed to us. do not pass one to oc adm router
+ self.config.config_options['default_cert']['include'] = False
+
options = self.config.to_option_list()
cmd = ['router', self.config.name, '-n', self.config.namespace]
@@ -2937,6 +2945,7 @@ def main():
mutually_exclusive=[["router_type", "images"],
["key_file", "default_cert"],
["cert_file", "default_cert"],
+ ["cacert_file", "default_cert"],
],
supports_check_mode=True,
diff --git a/roles/lib_openshift/src/ansible/oc_adm_router.py b/roles/lib_openshift/src/ansible/oc_adm_router.py
index 48c9f0ec1..794eff3c2 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_router.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_router.py
@@ -51,6 +51,7 @@ def main():
mutually_exclusive=[["router_type", "images"],
["key_file", "default_cert"],
["cert_file", "default_cert"],
+ ["cacert_file", "default_cert"],
],
supports_check_mode=True,
diff --git a/roles/lib_openshift/src/class/oc_adm_router.py b/roles/lib_openshift/src/class/oc_adm_router.py
index 9d61cfdf2..1c4e17cf6 100644
--- a/roles/lib_openshift/src/class/oc_adm_router.py
+++ b/roles/lib_openshift/src/class/oc_adm_router.py
@@ -182,8 +182,11 @@ class Router(OpenShiftCLI):
def _prepare_router(self):
'''prepare router for instantiation'''
- # We need to create the pem file
- if self.config.config_options['default_cert']['value'] is None:
+ # if cacert, key, and cert were passed, combine them into a pem file
+ if (self.config.config_options['cacert_file']['value'] and
+ self.config.config_options['cert_file']['value'] and
+ self.config.config_options['key_file']['value']):
+
router_pem = '/tmp/router.pem'
with open(router_pem, 'w') as rfd:
rfd.write(open(self.config.config_options['cert_file']['value']).read())
@@ -193,8 +196,13 @@ class Router(OpenShiftCLI):
rfd.write(open(self.config.config_options['cacert_file']['value']).read())
atexit.register(Utils.cleanup, [router_pem])
+
self.config.config_options['default_cert']['value'] = router_pem
+ elif self.config.config_options['default_cert']['value'] is None:
+ # No certificate was passed to us. do not pass one to oc adm router
+ self.config.config_options['default_cert']['include'] = False
+
options = self.config.to_option_list()
cmd = ['router', self.config.name, '-n', self.config.namespace]