summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--roles/lib_openshift/library/oc_adm_csr.py7
-rw-r--r--roles/lib_openshift/src/ansible/oc_adm_csr.py7
-rw-r--r--roles/openshift_aws/tasks/accept_nodes.yml1
3 files changed, 15 insertions, 0 deletions
diff --git a/roles/lib_openshift/library/oc_adm_csr.py b/roles/lib_openshift/library/oc_adm_csr.py
index 3f33d50cd..30e8991cd 100644
--- a/roles/lib_openshift/library/oc_adm_csr.py
+++ b/roles/lib_openshift/library/oc_adm_csr.py
@@ -1651,6 +1651,7 @@ def main():
timeout=dict(default=30, type='int'),
approve_all=dict(default=False, type='bool'),
service_account=dict(default='node-bootstrapper', type='str'),
+ fail_on_timeout=dict(default=False, type='bool'),
),
supports_check_mode=True,
mutually_exclusive=[['approve_all', 'nodes']],
@@ -1661,6 +1662,12 @@ def main():
rval = OCcsr.run_ansible(module.params, module.check_mode)
+ # If we timed out then we weren't finished. Fail if user requested to fail.
+ if (module.params['timeout'] > 0 and
+ module.params['fail_on_timeout'] and
+ rval['timeout']):
+ return module.fail_json(msg='Timed out accepting certificate signing requests. Failing as requested.', **rval)
+
if 'failed' in rval:
return module.fail_json(**rval)
diff --git a/roles/lib_openshift/src/ansible/oc_adm_csr.py b/roles/lib_openshift/src/ansible/oc_adm_csr.py
index 9e43a810b..7b5e245d4 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_csr.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_csr.py
@@ -16,6 +16,7 @@ def main():
timeout=dict(default=30, type='int'),
approve_all=dict(default=False, type='bool'),
service_account=dict(default='node-bootstrapper', type='str'),
+ fail_on_timeout=dict(default=False, type='bool'),
),
supports_check_mode=True,
mutually_exclusive=[['approve_all', 'nodes']],
@@ -26,6 +27,12 @@ def main():
rval = OCcsr.run_ansible(module.params, module.check_mode)
+ # If we timed out then we weren't finished. Fail if user requested to fail.
+ if (module.params['timeout'] > 0 and
+ module.params['fail_on_timeout'] and
+ rval['timeout']):
+ return module.fail_json(msg='Timed out accepting certificate signing requests. Failing as requested.', **rval)
+
if 'failed' in rval:
return module.fail_json(**rval)
diff --git a/roles/openshift_aws/tasks/accept_nodes.yml b/roles/openshift_aws/tasks/accept_nodes.yml
index db30fe5c9..cc0cdcb0b 100644
--- a/roles/openshift_aws/tasks/accept_nodes.yml
+++ b/roles/openshift_aws/tasks/accept_nodes.yml
@@ -37,5 +37,6 @@
#approve_all: True
nodes: "{{ instancesout.instances|map(attribute='private_dns_name') | list }}"
timeout: 60
+ fail_on_timeout: "{{ openshift_aws_node_accept_fail_on_timeout | default(false) | bool }}"
register: nodeout
delegate_to: "{{ groups.masters.0 }}"