roles/openshift_metrics/tasks/import_jks_certs.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

---
- stat: path="{{openshift_metrics_certs_dir}}/hawkular-cassandra.keystore"
  register: cassandra_keystore
  check_mode: no

- stat: path="{{openshift_metrics_certs_dir}}/hawkular-cassandra.truststore"
  register: cassandra_truststore
  check_mode: no

- stat: path="{{openshift_metrics_certs_dir}}/hawkular-metrics.keystore"
  register: metrics_keystore
  check_mode: no

- stat: path="{{openshift_metrics_certs_dir}}/hawkular-metrics.truststore"
  register: metrics_truststore
  check_mode: no

- stat: path="{{openshift_metrics_certs_dir}}/hawkular-jgroups.keystore"
  register: jgroups_keystore
  check_mode: no

- block:
  - slurp: src={{ openshift_metrics_certs_dir }}/hawkular-metrics-keystore.pwd
    register: metrics_keystore_password

  - slurp: src={{ openshift_metrics_certs_dir }}/hawkular-cassandra-keystore.pwd
    register: cassandra_keystore_password

  - slurp: src={{ openshift_metrics_certs_dir }}/hawkular-jgroups-keystore.pwd
    register: jgroups_keystore_password

  - fetch:
      dest: "{{local_tmp.stdout}}/"
      src: "{{ openshift_metrics_certs_dir }}/{{item}}"
      flat: yes
    changed_when: False
    with_items:
    - hawkular-metrics.pkcs12
    - hawkular-cassandra.pkcs12
    - hawkular-metrics.crt
    - hawkular-cassandra.crt
    - ca.crt

  - local_action: command {{role_path}}/files/import_jks_certs.sh
    environment:
      CERT_DIR: "{{local_tmp.stdout}}"
      METRICS_KEYSTORE_PASSWD: "{{metrics_keystore_password.content}}"
      CASSANDRA_KEYSTORE_PASSWD: "{{cassandra_keystore_password.content}}"
      METRICS_TRUSTSTORE_PASSWD: "{{hawkular_truststore_password.content}}"
      CASSANDRA_TRUSTSTORE_PASSWD: "{{cassandra_truststore_password.content}}"
      JGROUPS_PASSWD: "{{jgroups_keystore_password.content}}"
    changed_when: False

  - copy:
      dest: "{{openshift_metrics_certs_dir}}/"
      src: "{{item}}"
    with_fileglob: "{{local_tmp.stdout}}/*.*store"

  when: not metrics_keystore.stat.exists or
        not metrics_truststore.stat.exists or
        not cassandra_keystore.stat.exists or
        not cassandra_truststore.stat.exists or
        not jgroups_keystore.stat.exists