Patch service-cert-copy role to be used w/o HAProxy
Currently, service-cert-copy role used to copy certs and CA into containers has 'when' statements that check if HAProxy is defined and enabled for the service. However, some services like RabbitMQ, ProxySQL or Redis don't use HAProxy This patch removes the when condition, as it is not necessary. PartiallyImplements: mariadb-ssl Change-Id: I8864e05212e0ed76ea3a0108b00ed9dd04b1a697
This commit is contained in:
parent
756ec498d3
commit
cf903b9a98
@ -24,11 +24,6 @@
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ project_name }}-cert.pem"
|
||||
mode: "0644"
|
||||
become: true
|
||||
when:
|
||||
- item.value.haproxy is defined
|
||||
- item.value.haproxy.values() | selectattr('enabled', 'defined') | map(attribute='enabled') | map('bool') | select | list | length > 0
|
||||
- item.value.haproxy.values() | selectattr('tls_backend', 'defined') | map(attribute='tls_backend') | map('bool') | select | list | length > 0
|
||||
- not kolla_externally_managed_cert | bool
|
||||
with_dict: "{{ project_services | select_services_enabled_and_mapped_to_host }}"
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
@ -46,11 +41,6 @@
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ project_name }}-key.pem"
|
||||
mode: "0600"
|
||||
become: true
|
||||
when:
|
||||
- item.value.haproxy is defined
|
||||
- item.value.haproxy.values() | selectattr('enabled', 'defined') | map(attribute='enabled') | map('bool') | select | list | length > 0
|
||||
- item.value.haproxy.values() | selectattr('tls_backend', 'defined') | map(attribute='tls_backend') | map('bool') | select | list | length > 0
|
||||
- not kolla_externally_managed_cert | bool
|
||||
with_dict: "{{ project_services | select_services_enabled_and_mapped_to_host }}"
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Implements service-cert-copy role being able to
|
||||
copy certs to non-HAProxy container.
|
||||
`Partial Blueprint mariadb-ssl-support <https://blueprints.launchpad.net/kolla-ansible/+spec/mariadb-ssl-support>`
|
Loading…
Reference in New Issue
Block a user