roles/openshift_aws/tasks/iam_cert.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

---
- name: upload certificates to AWS IAM
  iam_cert23:
    state: present
    name: "{{ openshift_aws_iam_cert_name }}"
    cert: "{{ openshift_aws_iam_cert_path }}"
    key: "{{ openshift_aws_iam_cert_key_path }}"
    cert_chain: "{{ openshift_aws_iam_cert_chain_path | default(omit) }}"
  register: elb_cert_chain
  failed_when:
  - "'failed' in elb_cert_chain"
  - elb_cert_chain.failed
  - "'msg' in elb_cert_chain"
  - "'already exists and has a different certificate body' in elb_cert_chain.msg"
  - "'BotoServerError' in elb_cert_chain.msg"
  when:
  - openshift_aws_create_iam_cert | bool
  - openshift_aws_iam_cert_path != ''
  - openshift_aws_iam_cert_key_path != ''
  - openshift_aws_elb_cert_arn == ''

- name: set_fact openshift_aws_elb_cert_arn
  set_fact:
    openshift_aws_elb_cert_arn: "{{ elb_cert_chain.arn }}"

- name: wait for cert to propagate
  pause:
    seconds: 5
  when: elb_cert_chain.changed