joelbirchler
2020-03-04 f7f081190ed93972b293dcc751c6bd1c2297be26
Merge branch 'shared-certs' of github.com:RedHatTraining/agnosticd into test
3 files modified
26 ■■■■ changed files
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.sh 4 ●●●
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.yml 5 ●●●●●
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/tasks/workload.yml 17 ●●●●
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.sh
@@ -1,2 +1,4 @@
#!/bin/bash
ansible-playbook ./deploy_certs.yml
pushd ~/certbot/config/renewal-hooks/deploy
ansible-playbook ./deploy_certs.yml -e cluster_name="{{cluster_name}}"
popd
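Review bot: The `{{cluster_name}}` placeholder on the new `ansible-playbook` line is Jinja syntax inside a file that the workload.yml section of this same commit still installs with `copy` (`src: ./files/deploy_certs.sh`), and `copy` does not render templates, so the hook would hand the literal braces to the playbook as the extra var. Installing the script with the `template` module, or reading the cluster name from a file or environment variable at run time, would give the hook a real value. Separately, `pushd` is unchecked and the script's exit status is that of `popd`, so a renewal whose certificate deployment failed still looks successful to certbot; `pushd ~/certbot/config/renewal-hooks/deploy || exit 1` and ending with the playbook's own status would surface the failure.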
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.yml
@@ -11,6 +11,8 @@
  - _certbot_install_dir: "/home/{{ ansible_user }}/certificates"
  - _certbot_remote_dir: "/home/{{ ansible_user }}"
  - _certbot_dir: "{{ _certbot_remote_dir }}/certbot"
  environment:
    KUBECONFIG: /home/{{ansible_user}}/{{cluster_name}}/auth/kubeconfig
  tasks:
  - name: Determine API server hostname
    shell: "oc whoami --show-server | cut -f 2 -d ':' | cut -f 3 -d '/' | sed 's/-api././'"
@@ -52,7 +54,7 @@
  - name: Create new Ingress Controller Certificate
    k8s:
      state: present
      definition: "{{ lookup('template', './router-certs.j2' ) | from_yaml }}"
      definition: "{{ lookup('template', './templates/router-certs.j2' ) | from_yaml }}"
  - name: Find Ingress Controller Pods
    k8s_facts:
@@ -107,4 +109,3 @@
      regexp: "^ +certificate-authority-data:"
      state: absent
    loop: "{{r_config_files.files}}"
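Review bot: `cluster_name` becomes a required input with the new `environment:` block in the first hunk, but nothing in the visible lines checks that it is defined and non-empty before `KUBECONFIG` is built from it. Because this playbook runs unattended from a certbot renewal hook, a missing value would only surface as failing `oc` and `k8s` tasks at renewal time; an early `assert` task with `that: cluster_name is defined and cluster_name | length > 0` would fail fast with a clear message. The path also looks like the installer's `auth/kubeconfig`, which presumably carries cluster-admin credentials, so a dedicated, narrowly scoped service-account kubeconfig for the hook is worth considering. The play header and several task bodies start or end outside these hunks.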
ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/tasks/workload.yml
@@ -94,21 +94,30 @@
  - name: Install redeploy hook scripts
    copy:
      src: ./files/deploy_certs.sh
      dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/deploy_certs.sh"
      dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/deploy_certs.sh"
      mode: 0775
      owner: "{{ ansible_user }}"
  - name: Install redeploy hook playbook
    copy:
      src: "./files/deploy_certs.yml"
      dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/deploy_certs.yml"
      src: "./files/{{ item }}"
      dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/{{ item }}"
      mode: 0664
      owner: "{{ ansible_user }}"
    loop:
    - deploy_certs.yml
  - name: Create template dir
    file:
      name: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/templates"
      state: directory
      owner: "{{ ansible_user }}"
      mode: 0775
  - name: Install redeploy secret templates
    copy:
      src: "./templates/{{ item }}"
      dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/{{ item }}"
      dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/templates/{{ item }}"
      mode: 0664
      owner: "{{ ansible_user }}"
    loop:
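Review bot: The new `Create template dir` task makes the templates directory group-writable (`mode: 0775`), and the surrounding copy tasks install the hook script, playbook and templates as `0775`/`0664`; these files run unattended on renewal and, per deploy_certs.yml, feed `k8s` definitions applied with the cluster kubeconfig, so any account in the owner's group could change what gets applied. Prefer `mode: "0755"` for the directory and script and `mode: "0644"` for the playbook and templates, quoted so the value is not left to YAML integer parsing. The new task also sets no `group:` and uses the `name:` alias where `path:` is the documented parameter of `file`. The last task's `loop:` items lie outside the hunk.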