diff options
| author | Jeff Peeler <jpeeler@redhat.com> | 2018-01-10 10:45:59 -0500 |
|---|---|---|
| committer | Jeff Peeler <jpeeler@redhat.com> | 2018-01-10 15:22:31 -0500 |
| commit | 53bd951747c03e181d0a3fcdb4f93354d7258ed6 (patch) | |
| tree | 2a4bf82063f9a1c6c118827495be816f94834c66 /roles/openshift_service_catalog/templates | |
| parent | ee2d4b8e66a344e8f6ca12cbc9362a80a07555d0 (diff) | |
| download | openshift-53bd951747c03e181d0a3fcdb4f93354d7258ed6.tar.gz openshift-53bd951747c03e181d0a3fcdb4f93354d7258ed6.tar.bz2 openshift-53bd951747c03e181d0a3fcdb4f93354d7258ed6.tar.xz openshift-53bd951747c03e181d0a3fcdb4f93354d7258ed6.zip | |
Update deployment and apiserver with new certs
Since new certificates are generated for every run, the apiservice
caBundle needs updating in order to have the on disk CA match what is in
Kubernetes.
Because the secrets are updated, the daemonset needs to do a rolling
update for the api server to pick up the new certs. Implemented here is
an added annotation to the api server such that the update occurs
automatically when the CA is changed.
Diffstat (limited to 'roles/openshift_service_catalog/templates')
| -rw-r--r-- | roles/openshift_service_catalog/templates/api_server.j2 | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2 index 4f51b8c3c..e345df32c 100644 --- a/roles/openshift_service_catalog/templates/api_server.j2 +++ b/roles/openshift_service_catalog/templates/api_server.j2 @@ -14,6 +14,8 @@ spec: type: RollingUpdate template: metadata: + annotations: + ca_hash: {{ ca_hash }} labels: app: apiserver spec: |