25 lines
871 B
YAML
25 lines
871 B
YAML
---
|
|
- name: Gather information on certificates
|
|
community.crypto.x509_certificate_info:
|
|
path: "{{ node_custom_config }}/octavia/{{ item }}"
|
|
valid_at:
|
|
point_1: "+{{ octavia_certs_expiry_limit | int }}d"
|
|
register: cert_info
|
|
delegate_to: localhost
|
|
with_items:
|
|
- "server_ca.cert.pem"
|
|
- "client_ca.cert.pem"
|
|
- "client.cert-and-key.pem"
|
|
|
|
- name: Check whether certificates are valid within {{ octavia_certs_expiry_limit }} days
|
|
assert:
|
|
that:
|
|
- item.valid_at.point_1
|
|
fail_msg: "{{ item.item }} will expire within {{ octavia_certs_expiry_limit }} days, on {{ item.not_after }}"
|
|
success_msg: "{{ item.item }} will not expire within {{ octavia_certs_expiry_limit }} days. It expires on {{ item.not_after }}"
|
|
quiet: True
|
|
loop: "{{ cert_info.results }}"
|
|
loop_control:
|
|
label: "{{ item.item }}"
|
|
delegate_to: localhost
|