Compatibility updates to openshift_logging role for ansible 2.2.2.0+

roles/openshift_logging/tasks/generate_pems.yaml

@@ -15,6 +15,7 @@
     -subj "/CN={{component}}/OU=OpenShift/O=Logging/subjectAltName=DNS.1=localhost{{cert_ext.stdout}}" -days 712 -nodes
   when:
     - not key_file.stat.exists
+    - cert_ext is defined
     - cert_ext.stdout is defined
   check_mode: no
 
@@ -24,7 +25,7 @@
     -subj "/CN={{component}}/OU=OpenShift/O=Logging" -days 712 -nodes
   when:
     - not key_file.stat.exists
-    - cert_ext.stdout is undefined
+    - cert_ext is undefined or cert_ext is defined and cert_ext.stdout is undefined
   check_mode: no
 
 - name: Sign cert request with CA for {{component}}

roles/openshift_logging/tasks/procure_server_certs.yaml

@@ -11,12 +11,18 @@
 
 - name: Trying to discover server cert variable name for {{ cert_info.procure_component }}
   set_fact: procure_component_crt={{ lookup('env', '{{cert_info.procure_component}}' + '_crt') }}
-  when: cert_info.hostnames is undefined and {{ cert_info.procure_component }}_crt is defined and {{ cert_info.procure_component }}_key is defined
+  when:
+  - cert_info.hostnames is undefined
+  - cert_info[ cert_info.procure_component + '_crt' ] is defined
+  - cert_info[ cert_info.procure_component + '_key' ] is defined
   check_mode: no
 
 - name: Trying to discover the server key variable name for {{ cert_info.procure_component }}
   set_fact: procure_component_key={{ lookup('env', '{{cert_info.procure_component}}' + '_key') }}
-  when: cert_info.hostnames is undefined and {{ cert_info.procure_component }}_crt is defined and {{ cert_info.procure_component }}_key is defined
+  when:   
+  - cert_info.hostnames is undefined
+  - cert_info[ cert_info.procure_component + '_crt' ] is defined
+  - cert_info[ cert_info.procure_component + '_key' ] is defined
   check_mode: no
 
 - name: Creating signed server cert and key for {{ cert_info.procure_component }}
@@ -35,18 +41,18 @@
   copy: content="{{procure_component_key}}" dest={{generated_certs_dir}}/{{cert_info.procure_component}}.key
   check_mode: no
   when:
-    - cert_info.hostnames is undefined
-    - "{{ cert_info.procure_component }}_crt is defined"
-    - "{{ cert_info.procure_component }}_key is defined"
-    - not component_key_file.stat.exists
-    - not component_cert_file.stat.exists
+  - cert_info.hostnames is undefined
+  - cert_info[ cert_info.procure_component + '_crt' ] is defined
+  - cert_info[ cert_info.procure_component + '_key' ] is defined
+  - not component_key_file.stat.exists
+  - not component_cert_file.stat.exists
 
 - name: Copying Server cert for {{ cert_info.procure_component }} to generated certs directory
   copy: content="{{procure_component_crt}}" dest={{generated_certs_dir}}/{{cert_info.procure_component}}.crt
   check_mode: no
   when:
-    - cert_info.hostnames is undefined
-    - "{{ cert_info.procure_component }}_crt is defined"
-    - "{{ cert_info.procure_component }}_key is defined"
-    - not component_key_file.stat.exists
-    - not component_cert_file.stat.exists
+  - cert_info.hostnames is undefined
+  - cert_info[ cert_info.procure_component + '_crt' ] is defined
+  - cert_info[ cert_info.procure_component + '_key' ] is defined
+  - not component_key_file.stat.exists
+  - not component_cert_file.stat.exists