summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master_certificates/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_master_certificates/tasks/main.yml')
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml12
1 files changed, 8 insertions, 4 deletions
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index 273414f8d..ce27e238f 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -47,7 +47,7 @@
- name: Create the master server certificate
command: >
- {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert
+ {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-server-cert
{% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
@@ -71,7 +71,7 @@
- name: Generate the loopback master client config
command: >
- {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
+ {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm create-api-client-config
--certificate-authority={{ openshift_ca_cert }}
{% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
@@ -101,6 +101,7 @@
state: hard
force: true
with_items:
+ # certificates_to_synchronize is a custom filter in lib_utils
- "{{ hostvars[inventory_hostname] | certificates_to_synchronize }}"
when: master_certs_missing | bool and inventory_hostname != openshift_ca_host
delegate_to: "{{ openshift_ca_host }}"
@@ -120,7 +121,11 @@
register: g_master_certs_mktemp
changed_when: False
when: master_certs_missing | bool
- become: no
+
+- name: Chmod local temp directory for syncing certs
+ local_action: command chmod 777 "{{ g_master_certs_mktemp.stdout }}"
+ changed_when: False
+ when: master_certs_missing | bool
- name: Create a tarball of the master certs
command: >
@@ -157,7 +162,6 @@
local_action: file path="{{ g_master_certs_mktemp.stdout }}" state=absent
changed_when: False
when: master_certs_missing | bool
- become: no
- name: Lookup default group for ansible_ssh_user
command: "/usr/bin/id -g {{ ansible_ssh_user | quote }}"
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-18 01:51:46 +0000