summaryrefslogtreecommitdiffstats
path: root/ansible/roles
diff options
context:
space:
mode:
authorMichal Ptacek <m.ptacek@partner.samsung.com>2019-02-01 08:37:05 +0000
committerMichal Ptacek <m.ptacek@partner.samsung.com>2019-02-06 08:33:42 +0000
commit997057f24ed6681094d4a96cb2738a0bcf307ee0 (patch)
tree820a093f1c86a3d6355c285a8c74b23b2997a008 /ansible/roles
parent8056725eb5d1b1099797828d074bfea0f646f494 (diff)
Inserting our root certificate into policy pods
This commits introduced another bunch of patches for OOM charts we need in Casablanca to be able to get our certificate trusted by policy pods which are collecting maven artifacts from our nexus during runtime. Change-Id: I8289b155970e57059bccb5dfe09231e28bf27a32 Issue-ID: OOM-1609 Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/application-install/tasks/install.yml16
1 files changed, 16 insertions, 0 deletions
diff --git a/ansible/roles/application-install/tasks/install.yml b/ansible/roles/application-install/tasks/install.yml
index eaa40ce2..ab17aba4 100644
--- a/ansible/roles/application-install/tasks/install.yml
+++ b/ansible/roles/application-install/tasks/install.yml
@@ -38,6 +38,21 @@
environment:
PATH: "{{ helm_bin_dir }}:{{ ansible_env.PATH }}"
+- name: Register root certificate
+ slurp:
+ src: '/certs/rootCA.crt'
+ register: root_cert
+ delegate_to: localhost
+
+# WA: this is required because deploy plugin dont process params properly
+- name: Create override file with global.cacert
+ copy:
+ dest: "{{ app_data_path}}/override.yaml"
+ content: |
+ global:
+ cacert:
+ {{ root_cert['content'] | b64decode | indent( width=4, indentfirst=False) }}
+
- name: Check for deploy plugin presence
stat:
path: '~/.helm/plugins/deploy/deploy.sh'
@@ -50,3 +65,4 @@
{{ app_helm_release_name }}
{{ helm_repository_name }}/{{ app_helm_chart_name }}
--namespace {{ app_kubernetes_namespace }}
+ -f {{ app_data_path }}/override.yaml