| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 |
- # flake8: noqa
- # pylint: skip-file
- DOCUMENTATION = '''
- ---
- module: oc_adm_ca_server_cert
- short_description: Module to run openshift oc adm ca create-server-cert
- description:
- - Wrapper around the openshift `oc adm ca create-server-cert` command.
- options:
- state:
- description:
- - Present is the only supported state. The state present means that `oc adm ca` will generate a certificate
- - and verify if the hostnames and the ClusterIP exists in the certificate.
- - When create-server-cert is desired then the following parameters are passed.
- - ['cert', 'key', 'signer_cert', 'signer_key', 'signer_serial']
- required: false
- default: present
- choices:
- - present
- aliases: []
- kubeconfig:
- description:
- - The path for the kubeconfig file to use for authentication
- required: false
- default: /etc/origin/master/admin.kubeconfig
- aliases: []
- debug:
- description:
- - Turn on debug output.
- required: false
- default: False
- aliases: []
- cert:
- description:
- - The certificate file. Choose a name that indicates what the service is.
- required: false
- default: None
- aliases: []
- key:
- description:
- - The key file. Choose a name that indicates what the service is.
- required: false
- default: None
- aliases: []
- force:
- description:
- - Force updating of the existing cert and key files
- required: false
- default: False
- aliases: []
- signer_cert:
- description:
- - The signer certificate file.
- required: false
- default: /etc/origin/master/ca.crt
- aliases: []
- signer_key:
- description:
- - The signer key file.
- required: false
- default: /etc/origin/master/ca.key
- aliases: []
- signer_serial:
- description:
- - The signer serial file.
- required: false
- default: /etc/origin/master/ca.serial.txt
- aliases: []
- hostnames:
- description:
- - Every hostname or IP that server certs should be valid for
- required: false
- default: []
- aliases: []
- backup:
- description:
- - Whether to backup the cert and key files before writing them.
- required: false
- default: True
- aliases: []
- expire_days:
- description
- - Validity of the certificate in days
- required: false
- default: None
- aliases: []
- author:
- - "Kenny Woodson <kwoodson@redhat.com>"
- extends_documentation_fragment: []
- '''
- EXAMPLES = '''
- - name: Create a self-signed cert
- oc_adm_ca_server_cert:
- signer_cert: /etc/origin/master/ca.crt
- signer_key: /etc/origin/master/ca.key
- signer_serial: /etc/origin/master/ca.serial.txt
- hostnames: "registry.test.openshift.com,127.0.0.1,docker-registry.default.svc.cluster.local"
- cert: /etc/origin/master/registry.crt
- key: /etc/origin/master/registry.key
- '''
|
