From bc0ab07c5941194178c08ec2924474a2ae15f2b1 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Thu, 3 Sep 2020 15:19:21 -0400 Subject: [PATCH] Add package install for openssl-perl openssl-perl is used to get the directory /etc/pki/CA, which is needed for cert requests during the deployment. In OVB deployments, this package is part of the image and so does not need to be installed. In pre-provisioned node environments, we need to document that this package needs to be installed. By adding this patch, we ensure that it is there before we need it for certs. This of course assumes we're not in some kind of airgapped environment (which is why its dependent on IdMInstallClientPackages). In that case, we need to continue to doc what must be there. Change-Id: I7fe5404144f7a75a5a1c257ceef9593719ac5dbc --- deployment/ipa/ipaservices-baremetal-ansible.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deployment/ipa/ipaservices-baremetal-ansible.yaml b/deployment/ipa/ipaservices-baremetal-ansible.yaml index 7193d1cb44..7bf9970b26 100644 --- a/deployment/ipa/ipaservices-baremetal-ansible.yaml +++ b/deployment/ipa/ipaservices-baremetal-ansible.yaml @@ -141,6 +141,12 @@ outputs: stat: path: /etc/ipa/default.conf register: ipa_conf_exists + - name: install openssl-perl + package: + name: openssl-perl + state: present + when: + - ipaclient_install_packages|bool - block: - name: register as an ipa client import_role: