From fb2bf36d4e20fadac275d364c88a6586dd08bcb8 Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Tue, 21 Feb 2017 20:31:09 -0500
Subject: if no key, cert, cacert, or default_cert is passed then do not pass
 to oc

---
 roles/lib_openshift/library/oc_adm_router.py     | 13 +++++++++++--
 roles/lib_openshift/src/ansible/oc_adm_router.py |  1 +
 roles/lib_openshift/src/class/oc_adm_router.py   | 12 ++++++++++--
 3 files changed, 22 insertions(+), 4 deletions(-)


diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py
index e6d0f795e..577772564 100644
--- a/roles/lib_openshift/library/oc_adm_router.py
+++ b/roles/lib_openshift/library/oc_adm_router.py
@@ -2613,8 +2613,11 @@ class Router(OpenShiftCLI):
 
     def _prepare_router(self):
         '''prepare router for instantiation'''
-        # We need to create the pem file
-        if self.config.config_options['default_cert']['value'] is None:
+        # if cacert, key, and cert were passed, combine them into a pem file
+        if (self.config.config_options['cacert_file']['value'] and
+             self.config.config_options['cert_file']['value'] and
+             self.config.config_options['key_file']['value']):
+
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
                 rfd.write(open(self.config.config_options['cert_file']['value']).read())
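Review bot: The new condition at the top of `_prepare_router` requires `cacert_file`, `cert_file` and `key_file` all to be set, so a caller who passes only `cert_file` and `key_file` now falls through to the `elif` in the next hunk and the router is created without the certificate they supplied, with no error. The deeper indentation of the `cacert_file` write in the next hunk suggests the CA file was optional before; the guarding lines are outside the diff, so this is inferred. If it is still meant to be optional, test only the two required inputs, `if (self.config.config_options['cert_file']['value'] and self.config.config_options['key_file']['value']):`; otherwise fail the module on a partial set instead of dropping it silently. The same condition appears in roles/lib_openshift/src/class/oc_adm_router.py, and the function body continues outside this hunk.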
@@ -2624,8 +2627,13 @@ class Router(OpenShiftCLI):
                     rfd.write(open(self.config.config_options['cacert_file']['value']).read())
 
             atexit.register(Utils.cleanup, [router_pem])
+
             self.config.config_options['default_cert']['value'] = router_pem
 
+        elif self.config.config_options['default_cert']['value'] is None:
+            # No certificate was passed to us.  do not pass one to oc adm router
+            self.config.config_options['default_cert']['include'] = False
+
         options = self.config.to_option_list()
 
         cmd = ['router', self.config.name, '-n', self.config.namespace]
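Review bot: The `router_pem` registered with `atexit.register(Utils.cleanup, [router_pem])` and assigned to `default_cert` is the fixed path `/tmp/router.pem` from the preceding hunk, and it holds the router's private key. Because the name is fixed and the directory is shared, `open(router_pem, 'w')` follows an existing symlink and creates the file with umask-default permissions, and two concurrent runs on one host overwrite each other's file. Creating it with `fd, router_pem = tempfile.mkstemp(suffix='.pem')` and `with os.fdopen(fd, 'w') as rfd:` gives a unique name and owner-only mode, provided `tempfile` and `os` are imported in this module (not visible here). The same applies to roles/lib_openshift/src/class/oc_adm_router.py; `_prepare_router` starts and ends outside this hunk.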
@@ -2937,6 +2945,7 @@ def main():
         mutually_exclusive=[["router_type", "images"],
                             ["key_file", "default_cert"],
                             ["cert_file", "default_cert"],
+                            ["cacert_file", "default_cert"],
                            ],
 
         supports_check_mode=True,
diff --git a/roles/lib_openshift/src/ansible/oc_adm_router.py b/roles/lib_openshift/src/ansible/oc_adm_router.py
index 48c9f0ec1..794eff3c2 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_router.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_router.py
@@ -51,6 +51,7 @@ def main():
         mutually_exclusive=[["router_type", "images"],
                             ["key_file", "default_cert"],
                             ["cert_file", "default_cert"],
+                            ["cacert_file", "default_cert"],
                            ],
 
         supports_check_mode=True,
diff --git a/roles/lib_openshift/src/class/oc_adm_router.py b/roles/lib_openshift/src/class/oc_adm_router.py
index 9d61cfdf2..1c4e17cf6 100644
--- a/roles/lib_openshift/src/class/oc_adm_router.py
+++ b/roles/lib_openshift/src/class/oc_adm_router.py
@@ -182,8 +182,11 @@ class Router(OpenShiftCLI):
 
     def _prepare_router(self):
         '''prepare router for instantiation'''
-        # We need to create the pem file
-        if self.config.config_options['default_cert']['value'] is None:
+        # if cacert, key, and cert were passed, combine them into a pem file
+        if (self.config.config_options['cacert_file']['value'] and
+             self.config.config_options['cert_file']['value'] and
+             self.config.config_options['key_file']['value']):
+
             router_pem = '/tmp/router.pem'
             with open(router_pem, 'w') as rfd:
                 rfd.write(open(self.config.config_options['cert_file']['value']).read())
@@ -193,8 +196,13 @@ class Router(OpenShiftCLI):
                     rfd.write(open(self.config.config_options['cacert_file']['value']).read())
 
             atexit.register(Utils.cleanup, [router_pem])
+
             self.config.config_options['default_cert']['value'] = router_pem
 
+        elif self.config.config_options['default_cert']['value'] is None:
+            # No certificate was passed to us.  do not pass one to oc adm router
+            self.config.config_options['default_cert']['include'] = False
+
         options = self.config.to_option_list()
 
         cmd = ['router', self.config.name, '-n', self.config.namespace]
-- 
cgit v1.2.3