From 4ec879a68e7d50f7848364c8cb5b55e82694ef00 Mon Sep 17 00:00:00 2001
From: Andrew Butcher <abutcher@redhat.com>
Date: Wed, 20 Jul 2016 19:04:40 -0400
Subject: Re-arrange master and node role dependencies.

---
 roles/openshift_master/meta/main.yml             |  2 --
 roles/openshift_node_certificates/meta/main.yml  |  2 +-
 roles/openshift_node_certificates/tasks/main.yml | 15 +++++++++++++++
 roles/openshift_node_certificates/vars/main.yml  |  5 +++++
 4 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index 46d7c72e8..be70d9102 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -13,8 +13,6 @@ galaxy_info:
   - cloud
 dependencies:
 - role: openshift_clock
-- role: openshift_docker
-- role: openshift_cli
 - role: openshift_master_certificates
 - role: openshift_cloud_provider
 - role: openshift_builddefaults
diff --git a/roles/openshift_node_certificates/meta/main.yml b/roles/openshift_node_certificates/meta/main.yml
index a099db115..50a862ee9 100644
--- a/roles/openshift_node_certificates/meta/main.yml
+++ b/roles/openshift_node_certificates/meta/main.yml
@@ -13,4 +13,4 @@ galaxy_info:
   - cloud
   - system
 dependencies:
-- role: openshift_ca
+- role: openshift_facts
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index 72567132c..0e69dc6f0 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -1,4 +1,19 @@
 ---
+- name: Ensure CA certificate exists on openshift_ca_host
+  stat:
+    path: "{{ openshift_ca_cert }}"
+  register: g_ca_cert_stat_result
+  delegate_to: "{{ openshift_ca_host }}"
+  run_once: true
+
+- fail:
+    msg: >
+      CA certificate {{ openshift_ca_cert }} doesn't exist on CA host
+      {{ openshift_ca_host }}. Apply 'openshift_ca' role to
+      {{ openshift_ca_host }}.
+  when: not g_ca_cert_stat_result.stat.exists | bool
+  run_once: true
+
 - name: Check status of node certificates
   stat:
     path: "{{ openshift.common.config_base }}/node/{{ item }}"
diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml
index 2fafc7387..17ad8106d 100644
--- a/roles/openshift_node_certificates/vars/main.yml
+++ b/roles/openshift_node_certificates/vars/main.yml
@@ -4,3 +4,8 @@ openshift_node_cert_dir: "{{ openshift.common.config_base }}/node"
 openshift_node_cert_subdir: "node-{{ openshift.common.hostname }}"
 openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
 openshift_node_generated_config_dir: "{{ openshift_generated_configs_dir }}/{{ openshift_node_cert_subdir }}"
+
+openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
+openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
+openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
+openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
-- 
cgit v1.2.3