diff options
| author | Jeff Cantrill <jcantril@redhat.com> | 2017-01-26 12:28:46 -0500 |
|---|---|---|
| committer | Jeff Cantrill <jcantril@redhat.com> | 2017-01-27 13:15:20 -0500 |
| commit | bef725c7b04f7f0ba9fe83673024928e33b3ce2e (patch) | |
| tree | eb5476380d3d7330fd80823eeb28cbc56314aac8 /roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml | |
| parent | b31b6e3202e03394e8d8caf7813ee722d916d59e (diff) | |
| download | openshift-bef725c7b04f7f0ba9fe83673024928e33b3ce2e.tar.gz openshift-bef725c7b04f7f0ba9fe83673024928e33b3ce2e.tar.bz2 openshift-bef725c7b04f7f0ba9fe83673024928e33b3ce2e.tar.xz openshift-bef725c7b04f7f0ba9fe83673024928e33b3ce2e.zip | |
fix 1414625. Additional fix to run password commands on control node
Diffstat (limited to 'roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml')
| -rw-r--r-- | roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml | 48 |
1 files changed, 38 insertions, 10 deletions
diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml index 9cf4afee0..9333d341c 100644 --- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml +++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml @@ -19,25 +19,53 @@ - slurp: src={{ openshift_metrics_certs_dir }}/hawkular-metrics-truststore.pwd register: hawkular_truststore_password +- stat: path="{{openshift_metrics_certs_dir}}/{{item}}" + register: pwd_file_stat + with_items: + - hawkular-metrics.pwd + - hawkular-metrics.htpasswd + - hawkular-jgroups-keystore.pwd + changed_when: no + +- set_fact: + pwd_files: "{{pwd_files | default({}) | combine ({item.item: item.stat}) }}" + with_items: "{{pwd_file_stat.results}}" + changed_when: no + +- name: Create temp directory local on control node + local_action: command mktemp -d + register: local_tmp + changed_when: False + - name: generate password for hawkular metrics and jgroups - copy: - dest: '{{ openshift_metrics_certs_dir }}/{{ item }}.pwd' - content: "{{ 15 | oo_random_word }}" + local_action: copy dest="{{ local_tmp.stdout}}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}" with_items: - hawkular-metrics - hawkular-jgroups-keystore - when: not '{{ openshift_metrics_certs_dir }}/{{ item }}.pwd'|exists + when: "not pwd_files['{{ item }}.pwd'].exists" - name: generate htpasswd file for hawkular metrics - shell: > - htpasswd -ci - '{{ openshift_metrics_certs_dir }}/hawkular-metrics.htpasswd' hawkular - < '{{ openshift_metrics_certs_dir }}/hawkular-metrics.pwd' - when: > - not '{{ openshift_metrics_certs_dir }}/hawkular-metrics.htpasswd'|exists + local_action: > + shell htpasswd -ci + '{{ local_tmp.stdout }}/hawkular-metrics.htpasswd' hawkular + < '{{ local_tmp.stdout }}/hawkular-metrics.pwd' + when: "not pwd_files['hawkular-metrics.htpasswd'].exists" + +- name: copy local generated passwords to target + copy: + src: "{{local_tmp.stdout}}/{{item}}" + dest: "{{openshift_metrics_certs_dir}}/{{item}}" + with_items: + - hawkular-metrics.pwd + - hawkular-metrics.htpasswd + - hawkular-jgroups-keystore.pwd + when: "not pwd_files['{{ item }}'].exists" - include: import_jks_certs.yaml +- local_action: file path="{{local_tmp.stdout}}" state=absent + changed_when: False + - name: read files for the hawkular-metrics secret shell: > printf '%s: ' '{{ item }}' |