summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFran├žois Charlier <francois.charlier@redhat.com>2019-11-26 14:47:47 +0100
committerFran├žois Charlier <francois.charlier@redhat.com>2019-11-26 15:38:17 +0100
commit5ff74517a83d0cfcc64f603c0a6a7f1b85bce2bc (patch)
treed271383d5b94488bf0ab45d9eceb6aa1f8cb67e7
parent1b1db5eb3cafbf92b43864b5cd95e76d06e5c9ae (diff)
Always request & write new client cert
There's now way using the API to validate that the client cert present on the system is still valid. Just generate a new one each time the role is called. Also: test only on CentOS7 (we don't want 8 for now) Change-Id: I590ef4fa6beefcf457d3cab017e8f9c5eca8ccc1
-rw-r--r--molecule/default/molecule.yml2
-rw-r--r--tasks/main.yml13
2 files changed, 1 insertions, 14 deletions
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
index 0fe6436..61028f3 100644
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -8,7 +8,7 @@ lint:
name: yamllint
platforms:
- name: el7
- image: centos:latest
+ image: centos:7
command: /sbin/init
capabilities:
- SYS_ADMIN
diff --git a/tasks/main.yml b/tasks/main.yml
index 531dd80..4fb3a3f 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -8,23 +8,10 @@
- '{{ dci_import_keys_sslclientcert }}'
- '{{ dci_import_keys_sslclientkey }}'
-- name: Verify if the remoteci key is already installed
- stat:
- path: '{{ dci_import_keys_sslclientkey }}'
- register: file_key
- become: true
-
-- name: Verify is the remoteci certificate is already installed
- stat:
- path: '{{ dci_import_keys_sslclientcert }}'
- register: file_cert
- become: true
-
- name: Retrieve remoteci key and certificate from DCI
dci_keys:
remoteci_id: '{{ dci_import_keys_remoteci_id }}'
register: keys
- when: not file_key.stat.exists or not file_cert.stat.exists
- name: Create the certificate file
copy: