Fix session secrets file and remove old facts

This commit fixes session secrets file logic and
removes obsolete facts.

inventory/hosts.example

@@ -103,18 +103,6 @@ debug_level=2
 # See: https://docs.openshift.org/latest/install_config/web_console_customization.html#changing-the-logout-url
 #openshift_master_logout_url=http://example.com
 
-# Configure extensionScripts in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
-#openshift_master_extension_scripts=['/path/to/script1.js','/path/to/script2.js']
-
-# Configure extensionStylesheets in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
-#openshift_master_extension_stylesheets=['/path/to/stylesheet1.css','/path/to/stylesheet2.css']
-
-# Configure extensions in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
-#openshift_master_extensions=[{'name': 'images', 'sourceDirectory': '/path/to/my_images'}]
-
 # Configure extensions in the master config for console customization
 # See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
 #openshift_master_oauth_templates:

playbooks/openshift-master/private/certificates-backup.yml

@@ -4,7 +4,6 @@
   any_errors_fatal: true
   vars:
     openshift_ca_host: "{{ groups.oo_first_master.0 }}"
-    openshift_master_count: "{{ openshift.master.master_count | default(groups.oo_masters | length) }}"
   pre_tasks:
   - stat:
       path: "{{ openshift.common.config_base }}/generated-configs"

playbooks/openshift-master/private/config.yml

@@ -71,7 +71,6 @@
         console_url: "{{ openshift_master_console_url | default(None) }}"
         console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
         public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
-        master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
 
 - name: Inspect state of first master config settings
   hosts: oo_first_master
@@ -86,7 +85,6 @@
   hosts: oo_masters_to_config
   any_errors_fatal: true
   vars:
-    openshift_master_count: "{{ openshift.master.master_count }}"
     openshift_ca_host: "{{ groups.oo_first_master.0 }}"
   pre_tasks:
   - name: Prepare the bootstrap node config on masters for self-hosting

playbooks/openshift-master/private/scaleup.yml

@@ -5,15 +5,11 @@
   roles:
   - openshift_facts
   post_tasks:
-  - openshift_facts:
-      role: master
-      local_facts:
-        master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
   - name: Update master count
     modify_yaml:
       dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
       yaml_key: 'kubernetesMasterConfig.masterCount'
-      yaml_value: "{{ openshift.master.master_count }}"
+      yaml_value: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
     notify:
     - restart master
   handlers:

roles/openshift_control_plane/tasks/generate_session_secrets.yml

@@ -4,7 +4,7 @@
 
 - name: Determine if sessions secrets already in place
   stat:
-    path: "{{ openshift.master.session_secrets_file }}"
+    path: "{{ openshift_master_session_secrets_file }}"
   register: l_osm_session_secrets_stat
 
 - name: setup session secrets if not defined

roles/openshift_control_plane/tasks/main.yml

@@ -124,7 +124,7 @@
 
 - name: Create session secrets file
   template:
-    dest: "{{ openshift.master.session_secrets_file }}"
+    dest: "{{ openshift_master_session_secrets_file }}"
     src: sessionSecretsFile.yaml.v1.j2
     owner: root
     group: root

roles/openshift_control_plane/templates/master.yaml.v1.j2

@@ -24,45 +24,6 @@ authConfig:
     - X-Remote-Extra-
 apiLevels:
 - v1
-{% if not openshift_version_gte_3_9 %}
-assetConfig:
-  logoutURL: "{{ openshift.master.logout_url | default('') }}"
-  masterPublicURL: {{ openshift.master.public_api_url }}
-  publicURL: {{ openshift.master.public_console_url }}/
-{% if 'logging_public_url' in openshift.master %}
-  loggingPublicURL: {{ openshift.master.logging_public_url }}
-{% endif %}
-{% if openshift_hosted_metrics_deploy_url is defined %}
-  metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }}
-{% endif %}
-{% if 'extension_scripts' in openshift.master %}
-  extensionScripts: {{ openshift.master.extension_scripts | lib_utils_to_padded_yaml(1, 2) }}
-{% endif %}
-{% if 'extension_stylesheets' in openshift.master %}
-  extensionStylesheets: {{ openshift.master.extension_stylesheets | lib_utils_to_padded_yaml(1, 2) }}
-{% endif %}
-{% if 'extensions' in openshift.master %}
-  extensions: {{ openshift.master.extensions | lib_utils_to_padded_yaml(1, 2) }}
-{% endif %}
-  servingInfo:
-    bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }}
-    bindNetwork: tcp4
-    certFile: master.server.crt
-    clientCA: ""
-    keyFile: master.server.key
-    maxRequestsInFlight: 0
-    requestTimeoutSeconds: 0
-{% if openshift_master_min_tls_version is defined %}
-    minTLSVersion: {{ openshift_master_min_tls_version }}
-{% endif %}
-{% if openshift_master_cipher_suites is defined %}
-    cipherSuites:
-{% for cipher_suite in openshift_master_cipher_suites %}
-    - {{ cipher_suite }}
-{% endfor %}
-{% endif %}
-# assetconfig end
-{% endif %}
 {% if openshift.master.audit_config | default(none) is not none %}
 auditConfig:{{ openshift.master.audit_config | lib_utils_to_padded_yaml(level=1) }}
 {% endif %}
@@ -121,7 +82,7 @@ kubernetesMasterConfig:
     storage-media-type:
     - application/vnd.kubernetes.protobuf
   controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
-  masterCount: {{ openshift.master.master_count }}
+  masterCount: {{ openshift_master_count | default(groups.oo_masters | length) }}
   masterIP: {{ openshift.common.ip }}
   podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }}
   proxyClientInfo:
@@ -185,7 +146,7 @@ oauthConfig:
   sessionConfig:
     sessionMaxAgeSeconds: {{ openshift.master.session_max_seconds }}
     sessionName: {{ openshift.master.session_name }}
-    sessionSecretsFile: {{ openshift.master.session_secrets_file }}
+    sessionSecretsFile: {{ openshift_master_session_secrets_file }}
   tokenConfig:
     accessTokenMaxAgeSeconds: {{ openshift.master.access_token_max_seconds }}
     authorizeTokenMaxAgeSeconds: {{ openshift.master.auth_token_max_seconds }}

roles/openshift_facts/library/openshift_facts.py

@@ -1213,7 +1213,6 @@ class OpenShiftFacts(object):
                                       bind_addr='0.0.0.0',
                                       session_max_seconds=3600,
                                       session_name='ssn',
-                                      session_secrets_file='',
                                       access_token_max_seconds=86400,
                                       auth_token_max_seconds=500,
                                       oauth_grant_method='auto',

roles/openshift_master_facts/tasks/main.yml

@@ -38,16 +38,12 @@
       public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
       logging_public_url: "{{ openshift_master_logging_public_url | default(None) }}"
       logout_url: "{{ openshift_master_logout_url | default(None) }}"
-      extension_scripts: "{{ openshift_master_extension_scripts | default(None) }}"
-      extension_stylesheets: "{{ openshift_master_extension_stylesheets | default(None) }}"
-      extensions: "{{ openshift_master_extensions | default(None) }}"
       embedded_kube: "{{ openshift_master_embedded_kube | default(None) }}"
       embedded_dns: "{{ openshift_master_embedded_dns | default(None) }}"
       bind_addr: "{{ openshift_master_bind_addr | default(None) }}"
       pod_eviction_timeout: "{{ openshift_master_pod_eviction_timeout | default(None) }}"
       session_max_seconds: "{{ openshift_master_session_max_seconds | default(None) }}"
       session_name: "{{ openshift_master_session_name | default(None) }}"
-      session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}"
       access_token_max_seconds: "{{ openshift_master_access_token_max_seconds | default(None) }}"
       auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}"
       # oo_htpasswd_users_from_file is a custom filter in role lib_utils
@@ -65,7 +61,6 @@
       api_server_args: "{{ osm_api_server_args | default(None) }}"
       controller_args: "{{ osm_controller_args | default(None) }}"
       disabled_features: "{{ osm_disabled_features | default(None) }}"
-      master_count: "{{ openshift_master_count | default(None) }}"
       admission_plugin_config: "{{openshift_master_admission_plugin_config }}"
       kube_admission_plugin_config: "{{openshift_master_kube_admission_plugin_config | default(None) }}"  # deprecated, merged with admission_plugin_config
       oauth_always_show_provider_selection: "{{ openshift_master_oauth_always_show_provider_selection | default(None) }}"