From ed2df25ebcdd6bd1acde2facbbef763791e705c3 Mon Sep 17 00:00:00 2001
From: "yj.bai" <bai.yongjun@99cloud.net>
Date: Thu, 12 Mar 2020 17:39:47 +0800
Subject: [PATCH] Copy ca certificates also to horizon container

Add copy ca file to horizon container.
because:
Could not find a suitable TLS CA certificate bundle,
invalid path: /etc/pki/ca-trust/source/anchors/kolla-customca-haproxy-internal.crt

Closes-Bug: #1867121

Change-Id: I64d4dbeebd53048705005b61eb3c5b2104e8f2ed
Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
---
 ansible/roles/horizon/tasks/config.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/ansible/roles/horizon/tasks/config.yml b/ansible/roles/horizon/tasks/config.yml
index 888a3e8b2f..93c230f4fc 100644
--- a/ansible/roles/horizon/tasks/config.yml
+++ b/ansible/roles/horizon/tasks/config.yml
@@ -133,5 +133,19 @@
   notify:
     - Restart horizon container
 
+- name: Copying over extra CA certificates
+  become: true
+  copy:
+    src: "{{ node_config }}/certificates/ca/"
+    dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
+    mode: "0644"
+  when:
+    - inventory_hostname in groups[item.value.group]
+    - item.value.enabled | bool
+    - kolla_copy_ca_into_containers | bool
+  with_dict: "{{ horizon_services }}"
+  notify:
+    - "Restart {{ item.key }} container"
+
 - include_tasks: check-containers.yml
   when: kolla_action != "config"