
Prefix identity provider's CA files with identity provider names

Vadim Rutkovsky 6 years ago
parent
commit
3c18a583f7

+ 4 - 3
roles/lib_utils/filter_plugins/openshift_master.py

@@ -158,7 +158,7 @@ class LDAPPasswordIdentityProvider(IdentityProviderBase):
             pref_user = self._idp['attributes'].pop('preferred_username')
             self._idp['attributes']['preferredUsername'] = pref_user
 
-        self._idp['ca'] = '/etc/origin/master/ldap_ca.crt'
+        self._idp['ca'] = '/etc/origin/master/{}_ldap_ca.crt'.format(self._idp['name'])
 
     def validate(self):
         ''' validate this idp instance '''
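Review bot: `self._idp['name']` is interpolated into a path under /etc/origin/master with no check on its characters, so a provider name containing `/` or `..` produces a CA path outside that directory, and the tasks file builds `dest` from the same value. Validating the name before it is used, for example rejecting anything that does not match `^[A-Za-z0-9_-]+$`, would keep both the generated master config and the copied file inside the intended directory. The same applies to the `clientCA` line in RequestHeaderIdentityProvider and the `ca` line in OpenIDIdentityProvider. The enclosing `__init__` methods start outside these hunks, so a check on `name` may already exist in the base class; none is visible here.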
@@ -220,7 +220,8 @@ class RequestHeaderIdentityProvider(IdentityProviderBase):
                            ['emailHeaders', 'email_headers'],
                            ['nameHeaders', 'name_headers'],
                            ['preferredUsernameHeaders', 'preferred_username_headers']]
-        self._idp['clientCA'] = '/etc/origin/master/request_header_ca.crt'
+        self._idp['clientCA'] = \
+            '/etc/origin/master/{}_request_header_ca.crt'.format(self._idp['name'])
 
     def validate(self):
         ''' validate this idp instance '''
@@ -361,7 +362,7 @@ class OpenIDIdentityProvider(IdentityProviderOauthBase):
         if 'extra_authorize_parameters' in self._idp:
             self._idp['extraAuthorizeParameters'] = self._idp.pop('extra_authorize_parameters')
 
-        self._idp['ca'] = '/etc/origin/master/openid_ca.crt'
+        self._idp['ca'] = '/etc/origin/master/{}_openid_ca.crt'.format(self._idp['name'])
 
     def validate(self):
         ''' validate this idp instance '''

+ 3 - 3
roles/openshift_control_plane/tasks/main.yml

@@ -78,7 +78,7 @@
 
 - name: Create the ldap ca file if needed
   copy:
-    dest: "/etc/origin/master/ldap_ca.crt"
+    dest: "/etc/origin/master/{{ item.name }}_ldap_ca.crt"
     content: "{{ openshift.master.ldap_ca }}"
     mode: 0600
     backup: yes
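Review bot: `dest` is now per provider but `content` is still the single `openshift.master.ldap_ca` value, so every LDAP provider the task iterates over appears to receive the same CA bundle under a different file name; if the aim is to let providers trust different CAs, the content would need to come from the item as well. The openid and request header tasks in the next two hunks have the same shape. Hosts that already ran the old playbook will also keep the unprefixed `ldap_ca.crt`, `openid_ca.crt` and `request_header_ca.crt`, which the config no longer references; a `file` task with `state: absent` for those paths would avoid leaving stale trust material in /etc/origin/master. The loop and `when` clauses of these tasks are outside the hunks, so the iteration source for `item.name` cannot be confirmed from here.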
@@ -89,7 +89,7 @@
 
 - name: Create the openid ca file if needed
   copy:
-    dest: "/etc/origin/master/openid_ca.crt"
+    dest: "/etc/origin/master/{{ item.name }}_openid_ca.crt"
     content: "{{ openshift.master.openid_ca }}"
     mode: 0600
     backup: yes
@@ -100,7 +100,7 @@
 
 - name: Create the request header ca file if needed
   copy:
-    dest: "/etc/origin/master/request_header_ca.crt"
+    dest: "/etc/origin/master/{{ item.name }}_request_header_ca.crt"
     content: "{{ openshift_master_request_header_ca }}"
     mode: 0600
     backup: yes