diff options
Diffstat (limited to 'roles/openshift_logging/tasks/generate_secrets.yaml')
| -rw-r--r-- | roles/openshift_logging/tasks/generate_secrets.yaml | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml index c4a70114d..1829acaee 100644 --- a/roles/openshift_logging/tasks/generate_secrets.yaml +++ b/roles/openshift_logging/tasks/generate_secrets.yaml @@ -21,9 +21,9 @@ secret_key_file: "{{component}}_key" secret_cert_file: "{{component}}_cert" secrets: - - {key: ca, value: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}"} - - {key: key, value: "{{key_pairs | entry_from_named_pair(secret_key_file)| b64decode }}"} - - {key: cert, value: "{{key_pairs | entry_from_named_pair(secret_cert_file)| b64decode }}"} + - {key: ca, value: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}"} + - {key: key, value: "{{key_pairs | entry_from_named_pair(secret_key_file)| b64decode }}"} + - {key: cert, value: "{{key_pairs | entry_from_named_pair(secret_cert_file)| b64decode }}"} secret_keys: ["ca", "cert", "key"] with_items: - kibana @@ -41,11 +41,11 @@ vars: secret_name: logging-kibana-proxy secrets: - - {key: oauth-secret, value: "{{oauth_secret}}"} - - {key: session-secret, value: "{{session_secret}}"} - - {key: server-key, value: "{{kibana_key_file}}"} - - {key: server-cert, value: "{{kibana_cert_file}}"} - - {key: server-tls, value: "{{server_tls_file}}"} + - {key: oauth-secret, value: "{{oauth_secret}}"} + - {key: session-secret, value: "{{session_secret}}"} + - {key: server-key, value: "{{kibana_key_file}}"} + - {key: server-cert, value: "{{kibana_cert_file}}"} + - {key: server-tls, value: "{{server_tls_file}}"} secret_keys: ["server-tls.json", "server-key", "session-secret", "oauth-secret", "server-cert"] kibana_key_file: "{{key_pairs | entry_from_named_pair('kibana_internal_key')| b64decode }}" kibana_cert_file: "{{key_pairs | entry_from_named_pair('kibana_internal_cert')| b64decode }}" @@ -63,8 +63,8 @@ admin-key={{generated_certs_dir}}/system.admin.key admin-cert={{generated_certs_dir}}/system.admin.crt admin-ca={{generated_certs_dir}}/ca.crt admin.jks={{generated_certs_dir}}/system.admin.jks -o yaml vars: - secret_name: logging-elasticsearch - secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key"] + secret_name: logging-elasticsearch + secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key"] register: logging_es_secret when: secret_name not in openshift_logging_facts.elasticsearch.secrets or secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0 |