Patch service-cert-copy role to be used w/o HAProxy

Currently, service-cert-copy role used to copy certs and CA
into containers has 'when' statements  that check if HAProxy is
defined and enabled for the service. However, some services like
RabbitMQ, ProxySQL or Redis don't use HAProxy

This patch removes the when condition, as it is not necessary.

PartiallyImplements: mariadb-ssl
Change-Id: I8864e05212e0ed76ea3a0108b00ed9dd04b1a697
This commit is contained in:
Matus Jenca 2024-04-15 17:01:54 +02:00
parent 756ec498d3
commit cf903b9a98
2 changed files with 6 additions and 10 deletions

View File

@ -24,11 +24,6 @@
dest: "{{ node_config_directory }}/{{ item.key }}/{{ project_name }}-cert.pem"
mode: "0644"
become: true
when:
- item.value.haproxy is defined
- item.value.haproxy.values() | selectattr('enabled', 'defined') | map(attribute='enabled') | map('bool') | select | list | length > 0
- item.value.haproxy.values() | selectattr('tls_backend', 'defined') | map(attribute='tls_backend') | map('bool') | select | list | length > 0
- not kolla_externally_managed_cert | bool
with_dict: "{{ project_services | select_services_enabled_and_mapped_to_host }}"
notify:
- "Restart {{ item.key }} container"
@ -46,11 +41,6 @@
dest: "{{ node_config_directory }}/{{ item.key }}/{{ project_name }}-key.pem"
mode: "0600"
become: true
when:
- item.value.haproxy is defined
- item.value.haproxy.values() | selectattr('enabled', 'defined') | map(attribute='enabled') | map('bool') | select | list | length > 0
- item.value.haproxy.values() | selectattr('tls_backend', 'defined') | map(attribute='tls_backend') | map('bool') | select | list | length > 0
- not kolla_externally_managed_cert | bool
with_dict: "{{ project_services | select_services_enabled_and_mapped_to_host }}"
notify:
- "Restart {{ item.key }} container"

View File

@ -0,0 +1,6 @@
---
features:
- |
Implements service-cert-copy role being able to
copy certs to non-HAProxy container.
`Partial Blueprint mariadb-ssl-support <https://blueprints.launchpad.net/kolla-ansible/+spec/mariadb-ssl-support>`