diff options
| author | Kenny Woodson <kwoodson@redhat.com> | 2017-09-11 14:13:43 -0400 |
|---|---|---|
| committer | Kenny Woodson <kwoodson@redhat.com> | 2017-10-17 15:34:00 -0400 |
| commit | 47d2e205fa6c76ec66cd22b9100b561cd71e6976 (patch) | |
| tree | 6dd9459a73e60282cfa204abfb00ca998e2a11d7 /roles/lib_openshift/library | |
| parent | 1d75eb325c0dbfd4614ab6e6535d07a2ea3ecbc3 (diff) | |
| download | openshift-47d2e205fa6c76ec66cd22b9100b561cd71e6976.tar.gz openshift-47d2e205fa6c76ec66cd22b9100b561cd71e6976.tar.bz2 openshift-47d2e205fa6c76ec66cd22b9100b561cd71e6976.tar.xz openshift-47d2e205fa6c76ec66cd22b9100b561cd71e6976.zip | |
Do not remove files for bootstrap if resolv or dns.
Diffstat (limited to 'roles/lib_openshift/library')
| -rw-r--r-- | roles/lib_openshift/library/oc_adm_csr.py | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/roles/lib_openshift/library/oc_adm_csr.py b/roles/lib_openshift/library/oc_adm_csr.py index d1dc4caf8..324f52689 100644 --- a/roles/lib_openshift/library/oc_adm_csr.py +++ b/roles/lib_openshift/library/oc_adm_csr.py @@ -1478,11 +1478,23 @@ class OCcsr(OpenShiftCLI): return False + def get_csr_request(self, request): + '''base64 decode the request object and call openssl to determine the + subject and specifically the CN: from the request + + Output: + (0, '... + Subject: O=system:nodes, CN=system:node:ip-172-31-54-54.ec2.internal + ...') + ''' + import base64 + return self._run(['openssl', 'req', '-noout', '-text'], base64.b64decode(request))[1] + def match_node(self, csr): '''match an inc csr to a node in self.nodes''' for node in self.nodes: - # we have a match - if node['name'] in csr['metadata']['name']: + # we need to match based upon the csr's request certificate's CN + if node['name'] in self.get_csr_request(csr['spec']['request']): node['csrs'][csr['metadata']['name']] = csr # check that the username is the node and type is 'Approved' |