diff options
Diffstat (limited to 'roles/lib_openshift/src')
| -rw-r--r-- | roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py | 7 | ||||
| -rw-r--r-- | roles/lib_openshift/src/class/oc_adm_ca_server_cert.py | 7 | ||||
| -rw-r--r-- | roles/lib_openshift/src/doc/ca_server_cert | 6 |
3 files changed, 9 insertions, 11 deletions
diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py index 91d8c83b0..3518a2de4 100644 --- a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -15,16 +15,15 @@ def main(): # oadm ca create-server-cert [options] cert=dict(default=None, type='str'), key=dict(default=None, type='str'), - signer_cert=dict(default=None, type='str'), - signer_key=dict(default=None, type='str'), - signer_serial=dict(default=None, type='str'), + signer_cert=dict(default='/etc/origin/master/ca.crt', type='str'), + signer_key=dict(default='/etc/origin/master/ca.key', type='str'), + signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), hostnames=dict(default=[], type='list'), overwrite=dict(default=False, type='bool'), ), supports_check_mode=True, ) - # pylint: disable=line-too-long results = CAServerCert.run_ansible(module.params, module.check_mode) if 'failed' in results: return module.fail_json(**results) diff --git a/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py index 162f606f7..62200b592 100644 --- a/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py +++ b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py @@ -3,7 +3,7 @@ class CAServerCertConfig(OpenShiftCLIConfig): ''' CAServerCertConfig is a DTO for the oc adm ca command ''' def __init__(self, kubeconfig, verbose, ca_options): - super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options) + super(CAServerCertConfig, self).__init__('ca', None, kubeconfig, ca_options) self.kubeconfig = kubeconfig self.verbose = verbose self._ca = ca_options @@ -45,11 +45,11 @@ class CAServerCert(OpenShiftCLI): if not os.path.exists(cert_path): return False - # Would prefer pyopenssl but is not installed. + # Would prefer pyopenssl but is not installed. # When we verify it is, switch this code proc = subprocess.Popen(['openssl', 'x509', '-noout', '-subject', '-in', cert_path], stdout=subprocess.PIPE, stderr=subprocess.PIPE) - stdout, stderr = proc.communicate() + stdout, _ = proc.communicate() if proc.returncode == 0: for var in self.config.config_options['hostnames']['value'].split(','): if var in stdout: @@ -66,7 +66,6 @@ class CAServerCert(OpenShiftCLI): {'cert': {'value': params['cert'], 'include': True}, 'hostnames': {'value': ','.join(params['hostnames']), 'include': True}, 'overwrite': {'value': params['overwrite'], 'include': True}, - 'signer_name': {'value': params['signer_name'], 'include': True}, 'key': {'value': params['key'], 'include': True}, 'signer_cert': {'value': params['signer_cert'], 'include': True}, 'signer_key': {'value': params['signer_key'], 'include': True}, diff --git a/roles/lib_openshift/src/doc/ca_server_cert b/roles/lib_openshift/src/doc/ca_server_cert index 401caf1fc..bb57a3e11 100644 --- a/roles/lib_openshift/src/doc/ca_server_cert +++ b/roles/lib_openshift/src/doc/ca_server_cert @@ -53,19 +53,19 @@ options: description: - The signer certificate file. required: false - default: None + default: /etc/origin/master/ca.crt aliases: [] signer_key: description: - The signer key file. required: false - default: None + default: /etc/origin/master/ca.key aliases: [] signer_serial: description: - The signer serial file. required: false - default: None + default: /etc/origin/master/ca.serial.txt aliases: [] hostnames: description: |