Fix contiv api certificate generation (#3531)

This commit is contained in:
Erwan Miran 2018-10-17 00:34:33 +02:00 committed by k8s-ci-robot
parent 7bec169d58
commit 4d2b6b71f2

View file

@ -97,16 +97,25 @@
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true run_once: true
- name: Contiv | Generate contiv-api-proxy certificates - name: Contiv | Check for cert key existence
script: /var/contiv/generate-certificate.sh stat:
args: path: /var/contiv/auth_proxy_key.pem
creates: /var/contiv/auth_proxy_key.pem register: contiv_certificate_key_state
when: when:
- contiv_enable_api_proxy - contiv_enable_api_proxy
- contiv_generate_certificate - contiv_generate_certificate
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true run_once: true
- name: Contiv | Generate contiv-api-proxy certificates
command: /var/contiv/generate-certificate.sh
when:
- contiv_enable_api_proxy
- contiv_generate_certificate
- (not contiv_certificate_key_state.stat.exists)
delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true
- name: Contiv | Fetch the generated certificate - name: Contiv | Fetch the generated certificate
fetch: fetch:
src: "/var/contiv/{{ item }}" src: "/var/contiv/{{ item }}"