Allow distribution of non-autogenerated certs

This patch changes the conditional run of the certs generation from
being dependent on the value of generate_certs to whether there are
actual certs present.

Conflicts:
	playbooks/roles/octavia-controller-config/tasks/certificate.yml

Note: this is a semantic backport of https://review.opendev.org/#/c/672529/

Change-Id: I8088a0a42094b2d038ba29779535a05195138747
Related-Bug: #1838039
(cherry picked from commit 0755e93d5b)
This commit is contained in:
Brent Eagles 2019-08-27 15:02:09 -02:30
parent c9b6ca5dc6
commit 16232417e1
2 changed files with 5 additions and 2 deletions

View File

@ -2,7 +2,7 @@
- name: making sure octavia worker configuration directory exists
file: path="{{ octavia_confd_prefix }}{{ ca_private_key_path | dirname }}" state=directory
become: true
- name: Copying ca private key to octavia
- name: Copying key info to octavia if not already there
become: true
copy: content="{{ private_key_content }}" dest="{{ octavia_confd_prefix }}{{ ca_private_key_path }}"
- name: copying ca certificate to octavia

View File

@ -6,7 +6,10 @@
- set_fact:
node_hostname: "{{ hostname.stdout }}"
- include_tasks: certificate.yml
when: generate_certs
when:
- private_key_content|length > 0
- ca_cert_content|length > 0
- service_pem_content|length > 0
- include_tasks: netport.yml
- include_tasks: netinterface.yml
- name: making sure octavia common configuration directory exists