diff options
Diffstat (limited to 'roles/openshift_master_certificates/tasks/main.yml')
-rw-r--r-- | roles/openshift_master_certificates/tasks/main.yml | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 273414f8d..ce27e238f 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -47,7 +47,7 @@ - name: Create the master server certificate command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-server-cert {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} @@ -71,7 +71,7 @@ - name: Generate the loopback master client config command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm create-api-client-config --certificate-authority={{ openshift_ca_cert }} {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} @@ -101,6 +101,7 @@ state: hard force: true with_items: + # certificates_to_synchronize is a custom filter in lib_utils - "{{ hostvars[inventory_hostname] | certificates_to_synchronize }}" when: master_certs_missing | bool and inventory_hostname != openshift_ca_host delegate_to: "{{ openshift_ca_host }}" @@ -120,7 +121,11 @@ register: g_master_certs_mktemp changed_when: False when: master_certs_missing | bool - become: no + +- name: Chmod local temp directory for syncing certs + local_action: command chmod 777 "{{ g_master_certs_mktemp.stdout }}" + changed_when: False + when: master_certs_missing | bool - name: Create a tarball of the master certs command: > @@ -157,7 +162,6 @@ local_action: file path="{{ g_master_certs_mktemp.stdout }}" state=absent changed_when: False when: master_certs_missing | bool - become: no - name: Lookup default group for ansible_ssh_user command: "/usr/bin/id -g {{ ansible_ssh_user | quote }}" |