Allow distribution of non-autogenerated certs

This patch changes the conditional run of the certs generation from being dependent on the value of generate_certs to whether there are actual certs present. Note: this is a semantic backport of https://review.opendev.org/#/c/672529/ Change-Id: I8088a0a42094b2d038ba29779535a05195138747 Related-Bug: #1838039
2019-08-27 15:02:09 -02:30 · 2019-08-27 15:02:09 -02:30 · 16fb6c247b
parent b942458748
commit 16fb6c247b
2 changed files with 5 additions and 2 deletions
--- a/playbooks/roles/octavia-controller-config/tasks/certificate.yml
+++ b/playbooks/roles/octavia-controller-config/tasks/certificate.yml
@ -6,7 +6,7 @@
      selevel: s0
      setype: svirt_sandbox_file_t
    become: true
-  - name: Copying key info to octavia
+  - name: Copying key info to octaviai if not already there
    become: true
    copy:
      content: "{{ item.content }}"
--- a/playbooks/roles/octavia-controller-config/tasks/main.yml
+++ b/playbooks/roles/octavia-controller-config/tasks/main.yml
@ -6,7 +6,10 @@
  - set_fact:
      node_hostname: "{{ hostname.stdout }}"
  - include_tasks: certificate.yml
-    when: generate_certs
+    when:
+      - private_key_content|length > 0
+      - ca_cert_content|length > 0
+      - service_pem_content|length > 0
  - include_tasks: netport.yml
  - include_tasks: netinterface.yml
  - name: making sure octavia common configuration directory exists