--- # check if pod generated files exist -- if they all do don't run the pod - name: Checking for elasticsearch.jks stat: path="{{generated_certs_dir}}/elasticsearch.jks" register: elasticsearch_jks check_mode: no - name: Checking for logging-es.jks stat: path="{{generated_certs_dir}}/logging-es.jks" register: logging_es_jks check_mode: no - name: Checking for system.admin.jks stat: path="{{generated_certs_dir}}/system.admin.jks" register: system_admin_jks check_mode: no - name: Checking for truststore.jks stat: path="{{generated_certs_dir}}/truststore.jks" register: truststore_jks check_mode: no - name: Create placeholder for previously created JKS certs to prevent recreating... local_action: file path="{{local_tmp.stdout}}/elasticsearch.jks" state=touch mode="u=rw,g=r,o=r" when: elasticsearch_jks.stat.exists changed_when: False - name: Create placeholder for previously created JKS certs to prevent recreating... local_action: file path="{{local_tmp.stdout}}/logging-es.jks" state=touch mode="u=rw,g=r,o=r" when: logging_es_jks.stat.exists changed_when: False - name: Create placeholder for previously created JKS certs to prevent recreating... local_action: file path="{{local_tmp.stdout}}/system.admin.jks" state=touch mode="u=rw,g=r,o=r" when: system_admin_jks.stat.exists changed_when: False - name: Create placeholder for previously created JKS certs to prevent recreating... local_action: file path="{{local_tmp.stdout}}/truststore.jks" state=touch mode="u=rw,g=r,o=r" when: truststore_jks.stat.exists changed_when: False - name: pulling down signing items from host fetch: src: "{{generated_certs_dir}}/{{item}}" dest: "{{local_tmp.stdout}}/{{item}}" flat: yes with_items: - ca.crt - ca.key - ca.serial.txt - ca.crl.srl - ca.db when: not elasticsearch_jks.stat.exists or not logging_es_jks.stat.exists or not system_admin_jks.stat.exists or not truststore_jks.stat.exists - local_action: template src=signing.conf.j2 dest={{local_tmp.stdout}}/signing.conf vars: - top_dir: "{{local_tmp.stdout}}" when: not elasticsearch_jks.stat.exists or not logging_es_jks.stat.exists or not system_admin_jks.stat.exists or not truststore_jks.stat.exists - name: Run JKS generation script local_action: script generate-jks.sh {{local_tmp.stdout}} {{openshift_logging_namespace}} check_mode: no when: not elasticsearch_jks.stat.exists or not logging_es_jks.stat.exists or not system_admin_jks.stat.exists or not truststore_jks.stat.exists - name: Pushing locally generated JKS certs to remote host... copy: src: "{{local_tmp.stdout}}/elasticsearch.jks" dest: "{{generated_certs_dir}}/elasticsearch.jks" when: not elasticsearch_jks.stat.exists - name: Pushing locally generated JKS certs to remote host... copy: src: "{{local_tmp.stdout}}/logging-es.jks" dest: "{{generated_certs_dir}}/logging-es.jks" when: not logging_es_jks.stat.exists - name: Pushing locally generated JKS certs to remote host... copy: src: "{{local_tmp.stdout}}/system.admin.jks" dest: "{{generated_certs_dir}}/system.admin.jks" when: not system_admin_jks.stat.exists - name: Pushing locally generated JKS certs to remote host... copy: src: "{{local_tmp.stdout}}/truststore.jks" dest: "{{generated_certs_dir}}/truststore.jks" when: not truststore_jks.stat.exists