|
@@ -45,7 +45,7 @@ from ansible.module_utils.basic import AnsibleModule
|
|
|
|
|
|
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
DOCUMENTATION = '''
|
|
|
---
|
|
@@ -186,7 +186,7 @@ EXAMPLES = '''
|
|
|
key: /etc/origin/master/registry.key
|
|
|
'''
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
|
|
|
|
|
@@ -1325,9 +1325,9 @@ class OpenShiftCLIConfig(object):
|
|
|
|
|
|
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
-class CertificateAuthorityConfig(OpenShiftCLIConfig):
|
|
|
+class CAServerCertConfig(OpenShiftCLIConfig):
|
|
|
''' CertificateAuthorityConfig is a DTO for the oadm ca command '''
|
|
|
def __init__(self, cmd, kubeconfig, verbose, ca_options):
|
|
|
super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options)
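Review bot: The renamed class `CAServerCertConfig` still calls `super(CertificateAuthorityConfig, self).__init__('ca', None, kubeconfig, ca_options)` on the unchanged context line of `__init__`. Unless the old name is still bound somewhere outside this diff, constructing the config raises NameError and the module fails before any certificate work is done. It should read `super(CAServerCertConfig, self).__init__('ca', None, kubeconfig, ca_options)`. The class docstring also still says `CertificateAuthorityConfig is a DTO for the oadm ca command` and should name the new class. The rest of `__init__` continues in the next hunk.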
|
|
@@ -1336,13 +1336,13 @@ class CertificateAuthorityConfig(OpenShiftCLIConfig):
|
|
|
self.verbose = verbose
|
|
|
self._ca = ca_options
|
|
|
|
|
|
-class CertificateAuthority(OpenShiftCLI):
|
|
|
+class CAServerCert(OpenShiftCLI):
|
|
|
''' Class to wrap the oc command line tools '''
|
|
|
def __init__(self,
|
|
|
config,
|
|
|
verbose=False):
|
|
|
''' Constructor for oadm ca '''
|
|
|
- super(CertificateAuthority, self).__init__(None, config.kubeconfig, verbose)
|
|
|
+ super(CAServerCert, self).__init__(None, config.kubeconfig, verbose)
|
|
|
self.config = config
|
|
|
self.verbose = verbose
|
|
|
|
|
@@ -1358,7 +1358,7 @@ class CertificateAuthority(OpenShiftCLI):
|
|
|
return None
|
|
|
|
|
|
def create(self):
|
|
|
- '''Create a deploymentconfig '''
|
|
|
+ '''run openshift ca cmd'''
|
|
|
options = self.config.to_option_list()
|
|
|
|
|
|
cmd = ['ca']
|
|
@@ -1388,26 +1388,20 @@ class CertificateAuthority(OpenShiftCLI):
|
|
|
def run_ansible(params, check_mode):
|
|
|
'''run the idempotent ansible code'''
|
|
|
|
|
|
- config = CertificateAuthorityConfig(params['cmd'],
|
|
|
- params['kubeconfig'],
|
|
|
- params['debug'],
|
|
|
- {'cert_dir': {'value': params['cert_dir'], 'include': True},
|
|
|
- 'cert': {'value': params['cert'], 'include': True},
|
|
|
- 'hostnames': {'value': ','.join(params['hostnames']), 'include': True},
|
|
|
- 'master': {'value': params['master'], 'include': True},
|
|
|
- 'public_master': {'value': params['public_master'], 'include': True},
|
|
|
- 'overwrite': {'value': params['overwrite'], 'include': True},
|
|
|
- 'signer_name': {'value': params['signer_name'], 'include': True},
|
|
|
- 'private_key': {'value': params['private_key'], 'include': True},
|
|
|
- 'public_key': {'value': params['public_key'], 'include': True},
|
|
|
- 'key': {'value': params['key'], 'include': True},
|
|
|
- 'signer_cert': {'value': params['signer_cert'], 'include': True},
|
|
|
- 'signer_key': {'value': params['signer_key'], 'include': True},
|
|
|
- 'signer_serial': {'value': params['signer_serial'], 'include': True},
|
|
|
- })
|
|
|
-
|
|
|
-
|
|
|
- oadm_ca = CertificateAuthority(config)
|
|
|
+ config = CAServerCertConfig(params['cmd'],
|
|
|
+ params['kubeconfig'],
|
|
|
+ params['debug'],
|
|
|
+ {'cert': {'value': params['cert'], 'include': True},
|
|
|
+ 'hostnames': {'value': ','.join(params['hostnames']), 'include': True},
|
|
|
+ 'overwrite': {'value': params['overwrite'], 'include': True},
|
|
|
+ 'signer_name': {'value': params['signer_name'], 'include': True},
|
|
|
+ 'key': {'value': params['key'], 'include': True},
|
|
|
+ 'signer_cert': {'value': params['signer_cert'], 'include': True},
|
|
|
+ 'signer_key': {'value': params['signer_key'], 'include': True},
|
|
|
+ 'signer_serial': {'value': params['signer_serial'], 'include': True},
|
|
|
+ })
|
|
|
+
|
|
|
+ server_cert = CAServerCert(config)
|
|
|
|
|
|
state = params['state']
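Review bot: `'hostnames': {'value': ','.join(params['hostnames']), 'include': True}` turns the argument-spec default of `[]` (see `main()` later in this diff) into an empty string, so a play that omits `hostnames` still reaches the certificate command. Whether `to_option_list()` drops an empty value is not visible here. For a module that issues server certificates it is safer to fail early: either declare `hostnames=dict(required=True, type='list')`, or return `{'failed': True, 'msg': 'hostnames must not be empty'}` before building the config. `run_ansible` starts above this hunk's changed lines and continues past its end.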
|
|
|
|
|
@@ -1415,34 +1409,34 @@ class CertificateAuthority(OpenShiftCLI):
|
|
|
|
|
|
|
|
|
|
|
|
- if not oadm_ca.exists() or params['overwrite']:
|
|
|
+ if not server_cert.exists() or params['overwrite']:
|
|
|
|
|
|
if check_mode:
|
|
|
return {'changed': True,
|
|
|
'msg': "CHECK_MODE: Would have created the certificate.",
|
|
|
'state': state}
|
|
|
|
|
|
- api_rval = oadm_ca.create()
|
|
|
+ api_rval = server_cert.create()
|
|
|
|
|
|
return {'changed': True, 'results': api_rval, 'state': state}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- api_rval = oadm_ca.get()
|
|
|
+ api_rval = server_cert.get()
|
|
|
return {'changed': False, 'results': api_rval, 'state': state}
|
|
|
|
|
|
return {'failed': True,
|
|
|
'msg': 'Unknown state passed. %s' % state}
|
|
|
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
def main():
|
|
|
'''
|
|
|
- ansible oadm module for ca
|
|
|
+ ansible oc adm module for ca create-server-cert
|
|
|
'''
|
|
|
|
|
|
module = AnsibleModule(
|
|
@@ -1451,32 +1445,20 @@ def main():
|
|
|
debug=dict(default=False, type='bool'),
|
|
|
kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
|
|
|
cmd=dict(default=None, require=True, type='str'),
|
|
|
-
|
|
|
-
|
|
|
- cert_dir=dict(default=None, type='str'),
|
|
|
- hostnames=dict(default=[], type='list'),
|
|
|
- master=dict(default=None, type='str'),
|
|
|
- public_master=dict(default=None, type='str'),
|
|
|
- overwrite=dict(default=False, type='bool'),
|
|
|
- signer_name=dict(default=None, type='str'),
|
|
|
-
|
|
|
-
|
|
|
- private_key=dict(default=None, type='str'),
|
|
|
- public_key=dict(default=None, type='str'),
|
|
|
-
|
|
|
|
|
|
cert=dict(default=None, type='str'),
|
|
|
key=dict(default=None, type='str'),
|
|
|
signer_cert=dict(default=None, type='str'),
|
|
|
signer_key=dict(default=None, type='str'),
|
|
|
signer_serial=dict(default=None, type='str'),
|
|
|
-
|
|
|
+ hostnames=dict(default=[], type='list'),
|
|
|
+ overwrite=dict(default=False, type='bool'),
|
|
|
),
|
|
|
supports_check_mode=True,
|
|
|
)
|
|
|
|
|
|
|
|
|
- results = CertificateAuthority.run_ansible(module.params, module.check_mode)
|
|
|
+ results = CAServerCert.run_ansible(module.params, module.check_mode)
|
|
|
if 'failed' in results:
|
|
|
return module.fail_json(**results)
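Review bot: The unchanged line `cmd=dict(default=None, require=True, type='str')` spells the key `require`, not `required`, so the parameter is most likely not enforced and `params['cmd']` can reach `CAServerCertConfig` as None. If the option is meant to be mandatory, write `cmd=dict(required=True, type='str')`, without `default`, since Ansible rejects `required` combined with a default. If it is not used, drop it: the lines visible in this diff hardcode `'ca'` in both the config constructor and `create()`, though the config may store `cmd` on lines outside the hunks. `main()` starts before this hunk and continues after it.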
|
|
|
|
|
@@ -1486,4 +1468,4 @@ def main():
|
|
|
if __name__ == '__main__':
|
|
|
main()
|
|
|
|
|
|
-
|
|
|
+
|