summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@redhat.com>2018-02-02 16:40:49 -0500
committerAndrew Butcher <abutcher@redhat.com>2018-02-05 15:27:40 -0500
commita966744c5729cc98154ce8712a9d5e979ced203b (patch)
tree2d121df57d2d123729260af18b5923a31016483e /roles
parentccb26c84fef4c85fddcdde217b9c0f01ff54bf7e (diff)
downloadopenshift-a966744c5729cc98154ce8712a9d5e979ced203b.tar.gz
openshift-a966744c5729cc98154ce8712a9d5e979ced203b.tar.bz2
openshift-a966744c5729cc98154ce8712a9d5e979ced203b.tar.xz
openshift-a966744c5729cc98154ce8712a9d5e979ced203b.zip
Correct the list of certificates checked in openshift_master_certificates s.t. masters do not incorrectly report that master certs are missing.
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml25
1 files changed, 8 insertions, 17 deletions
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index ce27e238f..a92b63979 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -1,25 +1,16 @@
---
-- set_fact:
- openshift_master_certs_no_etcd:
- - admin.crt
- - master.kubelet-client.crt
- - master.proxy-client.crt
- - master.server.crt
- - openshift-master.crt
- - openshift-registry.crt
- - openshift-router.crt
- - etcd.server.crt
- openshift_master_certs_etcd:
- - master.etcd-client.crt
-
-- set_fact:
- openshift_master_certs: "{{ (openshift_master_certs_no_etcd | union(openshift_master_certs_etcd )) if openshift_master_etcd_hosts | length > 0 else openshift_master_certs_no_etcd }}"
-
- name: Check status of master certificates
stat:
path: "{{ openshift_master_config_dir }}/{{ item }}"
with_items:
- - "{{ openshift_master_certs }}"
+ - admin.crt
+ - ca.crt
+ - ca-bundle.crt
+ - master.kubelet-client.crt
+ - master.proxy-client.crt
+ - master.server.crt
+ - openshift-master.crt
+ - service-signer.crt
register: g_master_cert_stat_result
when: not openshift_certificates_redeploy | default(false) | bool