summaryrefslogtreecommitdiffstats
path: root/filter_plugins
diff options
context:
space:
mode:
Diffstat (limited to 'filter_plugins')
-rw-r--r--filter_plugins/openshift_master.py15
1 files changed, 10 insertions, 5 deletions
diff --git a/filter_plugins/openshift_master.py b/filter_plugins/openshift_master.py
index b3f284a8e..d196d6c1f 100644
--- a/filter_plugins/openshift_master.py
+++ b/filter_plugins/openshift_master.py
@@ -237,7 +237,11 @@ class RequestHeaderIdentityProvider(IdentityProviderBase):
self._required += [['headers']]
self._optional += [['challengeURL', 'challenge_url'],
['loginURL', 'login_url'],
- ['clientCA', 'client_ca']]
+ ['clientCA', 'client_ca'],
+ ['clientCommonNames', 'client_common_names'],
+ ['emailHeaders', 'email_headers'],
+ ['nameHeaders', 'name_headers'],
+ ['preferredUsernameHeaders', 'preferred_username_headers']]
def validate(self):
''' validate this idp instance '''
@@ -521,7 +525,7 @@ class FilterModule(object):
return valid
@staticmethod
- def certificates_to_synchronize(hostvars):
+ def certificates_to_synchronize(hostvars, include_keys=True):
''' Return certificates to synchronize based on facts. '''
if not issubclass(type(hostvars), dict):
raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
@@ -535,9 +539,10 @@ class FilterModule(object):
'openshift-registry.kubeconfig',
'openshift-router.crt',
'openshift-router.key',
- 'openshift-router.kubeconfig',
- 'serviceaccounts.private.key',
- 'serviceaccounts.public.key']
+ 'openshift-router.kubeconfig']
+ if bool(include_keys):
+ certs += ['serviceaccounts.private.key',
+ 'serviceaccounts.public.key']
if bool(hostvars['openshift']['common']['version_gte_3_1_or_1_1']):
certs += ['master.proxy-client.crt',
'master.proxy-client.key']
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-20 05:13:33 +0000