b7e8f8f9d3
This change will allow deployers to expose sensitive data as needed. Change-Id: I717b34920ab0129a2bac287015a6cd1053c7e1c9 Signed-off-by: Kevin Carter <kecarter@redhat.com>
28 lines
810 B
YAML
28 lines
810 B
YAML
---
|
|
|
|
- name: making sure octavia worker configuration directory exists
|
|
file:
|
|
path: "{{ octavia_confd_prefix }}{{ ca_private_key_path | dirname }}"
|
|
state: directory
|
|
selevel: s0
|
|
setype: svirt_sandbox_file_t
|
|
become: true
|
|
|
|
- name: Copying key info to octavia if not already there
|
|
become: true
|
|
copy:
|
|
content: "{{ item.content }}"
|
|
dest: "{{ octavia_confd_prefix }}/{{ item.path }}"
|
|
selevel: s0
|
|
setype: svirt_sandbox_file_t
|
|
no_log: "{{ octavia_controller_config_hide_sensitive_logs | bool }}"
|
|
loop:
|
|
- content: "{{ private_key_content }}"
|
|
path: "{{ ca_private_key_path }}"
|
|
- content: "{{ ca_cert_content }}"
|
|
path: "{{ ca_cert_path }}"
|
|
- content: "{{ service_pem_content }}"
|
|
path: "{{ client_cert_path }}"
|
|
notify:
|
|
- octavia config updated
|