# flake8: noqa
# pylint: skip-file

DOCUMENTATION = '''
---
module: oc_adm_ca_server_cert
short_description: Module to run openshift oc adm ca create-server-cert
description:
  - Wrapper around the openshift `oc adm ca create-server-cert` command.
options:
  state:
    description:
    - Present is the only supported state.  The state present means that `oc adm ca` will generate a certificate
    - and verify if the hostnames and the ClusterIP exists in the certificate.
    - When create-server-cert is desired then the following parameters are passed.
    - ['cert', 'key', 'signer_cert', 'signer_key', 'signer_serial']
    required: false
    default: present
    choices: 
    - present
    aliases: []
  kubeconfig:
    description:
    - The path for the kubeconfig file to use for authentication
    required: false
    default: /etc/origin/master/admin.kubeconfig
    aliases: []
  debug:
    description:
    - Turn on debug output.
    required: false
    default: False
    aliases: []
  cert:
    description:
    - The certificate file. Choose a name that indicates what the service is.
    required: false
    default: None
    aliases: []
  key:
    description:
    - The key file. Choose a name that indicates what the service is.
    required: false
    default: None
    aliases: []
  force:
    description:
    - Force updating of the existing cert and key files
    required: false
    default: False
    aliases: []
  signer_cert:
    description:
    - The signer certificate file.
    required: false
    default: /etc/origin/master/ca.crt
    aliases: []
  signer_key:
    description:
    - The signer key file.
    required: false
    default: /etc/origin/master/ca.key
    aliases: []
  signer_serial:
    description:
    - The signer serial file.
    required: false
    default: /etc/origin/master/ca.serial.txt
    aliases: []
  hostnames:
    description:
    - Every hostname or IP that server certs should be valid for
    required: false
    default: []
    aliases: []
  backup:
    description:
    - Whether to backup the cert and key files before writing them.
    required: false
    default: True
    aliases: []
  expire_days:
    description
    - Validity of the certificate in days
    required: false
    default: None
    aliases: []
author:
- "Kenny Woodson <kwoodson@redhat.com>"
extends_documentation_fragment: []
'''

EXAMPLES = '''
- name: Create a self-signed cert
  oc_adm_ca_server_cert:
    signer_cert: /etc/origin/master/ca.crt
    signer_key: /etc/origin/master/ca.key
    signer_serial: /etc/origin/master/ca.serial.txt
    hostnames: "registry.test.openshift.com,127.0.0.1,docker-registry.default.svc.cluster.local"
    cert: /etc/origin/master/registry.crt
    key: /etc/origin/master/registry.key
'''