summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Savineau <dsavinea@redhat.com>2018-11-13 15:43:02 -0500
committerDimitri Savineau <dsavinea@redhat.com>2018-11-13 15:43:02 -0500
commit8505b657afaab9dfa8c8e0309a0ac7e90fe4098b (patch)
treecafb0f12e8b179df009715403165d9b87c8931cc
parent207a0ee887f4a25001a0667b98aec223ae6c0f84 (diff)
Add variables for SSL client path
Instead of hardcoded value for SSL client and key path file we can set them in variables in order to have more flexibility. This change is backward compatible. Change-Id: I45afea1b0f8da09c01ebf28fec71b8bd261a3189
-rw-r--r--README.md2
-rw-r--r--ansible-role-dci-import-keys.spec1
-rw-r--r--defaults/main.yml3
-rw-r--r--tasks/main.yml15
4 files changed, 15 insertions, 6 deletions
diff --git a/README.md b/README.md
index d4630e1..d91fe84 100644
--- a/README.md
+++ b/README.md
@@ -15,6 +15,8 @@ If those are not installed, they should be installed before using this role.
| Variable name | Required | Default | Type | Description |
|---------------|----------|---------|------|-------------|
| dci_import_keys_remoteci_id | True | N/A | UUID | ID of the remoteci to retrieve the SSL info for |
+| dci_import_keys_sslclientcert | False | /etc/ssl/repo/dci.cert | Path | Path to the DCI SSL client certificate |
+| dci_import_keys_sslclientkey | False | /etc/ssl/repo/dci.key | Path | Path to the DCI SSL client key |
### Example
diff --git a/ansible-role-dci-import-keys.spec b/ansible-role-dci-import-keys.spec
index a2299ab..34d7d08 100644
--- a/ansible-role-dci-import-keys.spec
+++ b/ansible-role-dci-import-keys.spec
@@ -22,6 +22,7 @@ An Ansible role to automate the key import process
mkdir -p %{buildroot}%{_datadir}/dci/roles/dci-import-keys
chmod 755 %{buildroot}%{_datadir}/dci/roles/dci-import-keys
+cp -r defaults %{buildroot}%{_datadir}/dci/roles/dci-import-keys
cp -r tasks %{buildroot}%{_datadir}/dci/roles/dci-import-keys
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..e471476
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+dci_import_keys_sslclientcert: /etc/ssl/repo/dci.crt
+dci_import_keys_sslclientkey: /etc/ssl/repo/dci.key
diff --git a/tasks/main.yml b/tasks/main.yml
index 1922bad..cb7b0bf 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,19 +1,22 @@
---
-- name: Ensure the SSL directory exist
+- name: Ensure the SSL directories exist
file:
- path: /etc/ssl/repo/
+ path: '{{ item|dirname }}'
state: directory
become: True
+ with_items:
+ - '{{ dci_import_keys_sslclientcert }}'
+ - '{{ dci_import_keys_sslclientkey }}'
- name: Verify if the remoteci key is already installed
stat:
- path: /etc/ssl/repo/dci.key
+ path: '{{ dci_import_keys_sslclientkey }}'
register: file_key
become: True
- name: Verify is the remoteci certificate is already installed
stat:
- path: /etc/ssl/repo/dci.crt
+ path: '{{ dci_import_keys_sslclientcert }}'
register: file_cert
become: True
@@ -26,14 +29,14 @@
- name: Create the certificate file
copy:
content: '{{ keys.cert }}'
- dest: /etc/ssl/repo/dci.crt
+ dest: '{{ dci_import_keys_sslclientcert }}'
when: keys.cert is defined
become: True
- name: Create the private key file
copy:
content: '{{ keys.key }}'
- dest: /etc/ssl/repo/dci.key
+ dest: '{{ dci_import_keys_sslclientkey }}'
mode: 0600
when: keys.key is defined
become: True