From 28762852bba69d0597687d712434a0687c00b656 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Thu, 3 Sep 2020 15:19:21 -0400 Subject: [PATCH] Add package install for openssl-perl openssl-perl is used to get the directory /etc/pki/CA, which is needed for cert requests during the deployment. In OVB deployments, this package is part of the image and so does not need to be installed. In pre-provisioned node environments, we need to document that this package needs to be installed. By adding this patch, we ensure that it is there before we need it for certs. This of course assumes we're not in some kind of airgapped environment (which is why its dependent on IdMInstallClientPackages). In that case, we need to continue to doc what must be there. Change-Id: I7fe5404144f7a75a5a1c257ceef9593719ac5dbc (cherry picked from commit bc0ab07c5941194178c08ec2924474a2ae15f2b1) --- deployment/ipa/ipaservices-baremetal-ansible.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deployment/ipa/ipaservices-baremetal-ansible.yaml b/deployment/ipa/ipaservices-baremetal-ansible.yaml index c159fa0e6a..bfad3d5eea 100644 --- a/deployment/ipa/ipaservices-baremetal-ansible.yaml +++ b/deployment/ipa/ipaservices-baremetal-ansible.yaml @@ -141,6 +141,12 @@ outputs: stat: path: /etc/ipa/default.conf register: ipa_conf_exists + - name: install openssl-perl + package: + name: openssl-perl + state: present + when: + - ipaclient_install_packages|bool - block: - name: register as an ipa client import_role: