From a064a673ae40a4c5a62b6bf2d619d72bbc5fd967 Mon Sep 17 00:00:00 2001
From: Steve Milner <smilner@redhat.com>
Date: Wed, 8 Feb 2017 17:31:53 -0500
Subject: oc secrets now done via oc_secret module

---
 roles/openshift_hosted/meta/main.yml             |  1 +
 roles/openshift_hosted/tasks/registry/secure.yml | 19 +++++++++++--------
 2 files changed, 12 insertions(+), 8 deletions(-)

(limited to 'roles/openshift_hosted')

diff --git a/roles/openshift_hosted/meta/main.yml b/roles/openshift_hosted/meta/main.yml
index ca5e88b15..ced71bb41 100644
--- a/roles/openshift_hosted/meta/main.yml
+++ b/roles/openshift_hosted/meta/main.yml
@@ -14,6 +14,7 @@ galaxy_info:
 dependencies:
 - role: openshift_cli
 - role: openshift_hosted_facts
+- role: lib_openshift
 - role: openshift_projects
   openshift_projects: "{{ openshift_additional_projects | default({}) | oo_merge_dicts({'default':{'default_node_selector':''},'openshift-infra':{'default_node_selector':''},'logging':{'default_node_selector':''}}) }}"
 - role: openshift_serviceaccounts
diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml
index d87a3847c..8aabb9f17 100644
--- a/roles/openshift_hosted/tasks/registry/secure.yml
+++ b/roles/openshift_hosted/tasks/registry/secure.yml
@@ -43,15 +43,18 @@
   when: False in (docker_registry_certificates_stat_result.results | default([]) | oo_collect(attribute='stat.exists') | list)
 
 - name: Create the secret for the registry certificates
-  command: >
-    {{ openshift.common.client_binary }} secrets new registry-certificates
-    {{ openshift_master_config_dir }}/registry.crt
-    {{ openshift_master_config_dir }}/registry.key
-    --config={{ openshift_hosted_kubeconfig }}
-    -n default
+  oc_secret:
+    kubeconfig: "{{ openshift_hosted_kubeconfig }}"
+    name: registry-certificates
+    namespace: default
+    state: present
+    files:
+    - name: registry.crt
+      path: "{{ openshift_master_config_dir }}/registry.crt"
+    - name: registry.key
+      path: "{{ openshift_master_config_dir }}/registry.key"
   register: create_registry_certificates_secret
-  changed_when: "'already exists' not in create_registry_certificates_secret.stderr"
-  failed_when: "'already exists' not in create_registry_certificates_secret.stderr and create_registry_certificates_secret.rc != 0"
+  run_once: true
 
 - name: "Add the secret to the registry's pod service accounts"
   command: >
-- 
cgit v1.2.3