starlingx/ansible-playbooks
Code Issues Proposed changes

Merge "Block addition of ssl_ca certs with same subject"

Browse Source
This commit is contained in:
Zuul 2022-08-11 16:02:56 +00:00 committed by Gerrit Code Review
commit 3605a388f9
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
playbookconfig/src/playbooks/roles/bootstrap/persist-config/tasks/main.yml
View File

@ -316,12 +316,27 @@
when: use_docker_proxy when: use_docker_proxy
# Install certificate if SSL CA certifcate is configured # Install certificate if SSL CA certificate is configured
- block: - block:
- name: Set source for copying certificate - name: Set source for copying certificate
set_fact: set_fact:
ssl_ca_source: "{{ mode == 'restore' }}" ssl_ca_source: "{{ mode == 'restore' }}"
- block:
- name: Check for existing ssl_ca certificates
shell: |
source /etc/platform/openrc
system certificate-list | grep ssl_ca | awk '{ print $2 }'
register: existing_ssl_ca_certificates_uuid
- name: Delete existing ssl_ca certificates
shell: source /etc/platform/openrc; system certificate-uninstall -m ssl_ca {{ item }}
with_items:
- "{{ existing_ssl_ca_certificates_uuid.stdout_lines }}"
when: existing_ssl_ca_certificates_uuid.stdout_lines | length > 0
when: replayed and mode != 'restore'
- name: Copy ssl_ca certificate - name: Copy ssl_ca certificate
copy: copy:
src: "{{ ssl_ca_cert }}" src: "{{ ssl_ca_cert }}"