diff --git a/playbookconfig/src/playbooks/create-platform-certificates-in-upgrade.yml b/playbookconfig/src/playbooks/create-platform-certificates-in-upgrade.yml index 24887406f..a3f06dfee 100644 --- a/playbookconfig/src/playbooks/create-platform-certificates-in-upgrade.yml +++ b/playbookconfig/src/playbooks/create-platform-certificates-in-upgrade.yml @@ -1,6 +1,6 @@ --- # -# Copyright (c) 2022-2023 Wind River Systems, Inc. +# Copyright (c) 2022-2024 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -18,7 +18,6 @@ mode: '' upgrade_in_progress: true system_local_ca_overrides: false - create_platform_certificates: true roles: - common/install-platform-certificates diff --git a/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/define-certs-to-create.yml b/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/define-certs-to-create.yml index 4d338762c..0ad165de2 100644 --- a/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/define-certs-to-create.yml +++ b/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/define-certs-to-create.yml @@ -1,6 +1,6 @@ --- # -# Copyright (c) 2023 Wind River Systems, Inc. +# Copyright (c) 2023-2024 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -17,8 +17,8 @@ - name: If first bootstrap, mark the creation flags for the required certificates set_fact: install_system_open_ldap_certificate: "{{ distributed_cloud_role != 'subcloud' }}" - install_system_registry_local_certificate: "{{ create_platform_certificates }}" - install_system_restapi_gui_certificate: "{{ create_platform_certificates }}" + install_system_registry_local_certificate: true + install_system_restapi_gui_certificate: true when: mode == 'bootstrap' - name: If upgrading, generate required certificates only if they don't exist @@ -40,8 +40,6 @@ set_fact: install_system_open_ldap_certificate: "{{ not (cert_exists.results[0].stdout | bool) and distributed_cloud_role != 'subcloud' }}" - install_system_registry_local_certificate: "{{ not (cert_exists.results[1].stdout | bool) - and create_platform_certificates }}" - install_system_restapi_gui_certificate: "{{ not (cert_exists.results[2].stdout | bool) - and create_platform_certificates }}" + install_system_registry_local_certificate: "{{ not (cert_exists.results[1].stdout | bool) }}" + install_system_restapi_gui_certificate: "{{ not (cert_exists.results[2].stdout | bool) }}" when: upgrade_in_progress diff --git a/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/main.yml b/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/main.yml index 4a10d1ab9..b5448f09c 100644 --- a/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/main.yml +++ b/playbookconfig/src/playbooks/roles/common/install-platform-certificates/tasks/main.yml @@ -1,6 +1,6 @@ --- # -# Copyright (c) 2022-2023 Wind River Systems, Inc. +# Copyright (c) 2022-2024 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -9,10 +9,6 @@ # kubernetes at a later step # -- name: Set create_platform_certificates if not defined - set_fact: - create_platform_certificates: "{{ create_platform_certificates | default(false) }}" - - name: Get distributed_cloud_role if not defined shell: | source /etc/platform/openrc @@ -80,10 +76,10 @@ include_tasks: install-docker-registry-certificate.yml - name: Signal that creation of RestAPI/GUI and Docker Registry at bootstrap is enabled - copy: - dest: "{{ platform_config_dir }}/{{ create_platform_certificates_flag_filename }}" - content: "" + file: + path: "{{ platform_config_dir }}/{{ create_platform_certificates_flag_filename }}" + mode: 0644 + state: touch become: yes - when: create_platform_certificates when: distributed_cloud_role != 'subcloud' or subcloud_local_ca_should_be_altered diff --git a/playbookconfig/src/playbooks/vars/bootstrap/main.yml b/playbookconfig/src/playbooks/vars/bootstrap/main.yml index c43d8f41a..9e5bf08a0 100644 --- a/playbookconfig/src/playbooks/vars/bootstrap/main.yml +++ b/playbookconfig/src/playbooks/vars/bootstrap/main.yml @@ -1,5 +1,2 @@ --- system_local_ca_overrides: false - -# Temporary feature flag https://storyboard.openstack.org/#!/story/2009811 -create_platform_certificates: false