From bc3042fbb66f6a231056d665f2f82cdc6f6d4a3b Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Thu, 9 Mar 2017 15:59:06 -0700
Subject: Bug 1428711 - [IntService_public_324] ES pod is unable to read
 searchguard.truststore after upgarde logging from 3.3.1 to 3.5.0

https://bugzilla.redhat.com/show_bug.cgi?id=1428711
The list of secrets for elasticsearch was missing searchguard.truststore
---
 roles/openshift_logging/tasks/generate_secrets.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_logging/tasks')

diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml
index 81fac8b5e..0f8e7ae58 100644
--- a/roles/openshift_logging/tasks/generate_secrets.yaml
+++ b/roles/openshift_logging/tasks/generate_secrets.yaml
@@ -64,7 +64,7 @@
     admin-ca={{generated_certs_dir}}/ca.crt admin.jks={{generated_certs_dir}}/system.admin.jks -o yaml
   vars:
     secret_name: logging-elasticsearch
-    secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key"]
+    secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key", "searchguard.truststore"]
   register: logging_es_secret
   when: secret_name not in openshift_logging_facts.elasticsearch.secrets or
         secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0
-- 
cgit v1.2.3