User provided certs pushed from control. vars reorg (#12)

Merging per discussion and agreement from @bbguimaraes 

4 files changed, 35 insertions, 20 deletions

diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml
index 66cfbca03..16a967aa7 100644
--- a/roles/openshift_metrics/tasks/generate_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_certificates.yaml
@@ -4,6 +4,7 @@
     path: "{{ openshift_metrics_certs_dir }}"
     state: directory
     mode: 0700
+
 - name: list existing secrets
   command: >
     {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }}
@@ -11,6 +12,7 @@
     get secrets -o name
   register: metrics_secrets
   changed_when: false
+
 - name: generate ca certificate chain
   shell: >
     {{ openshift.common.admin_binary }} ca create-signer-cert
diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
index 4e032ca7e..f36175735 100644
--- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
@@ -3,7 +3,7 @@
   include: setup_certificate.yaml
   vars:
     component: hawkular-metrics
-    hostnames: "hawkular-metrics,{{ openshift_metrics_hawkular_metrics_hostname }}"
+    hostnames: "hawkular-metrics,{{ openshift_metrics_hawkular_hostname }}"
 - name: generate hawkular-cassandra certificates
   include: setup_certificate.yaml
   vars:
diff --git a/roles/openshift_metrics/tasks/install_hawkular.yaml b/roles/openshift_metrics/tasks/install_hawkular.yaml
index 1acc8948d..34a8c58b8 100644
--- a/roles/openshift_metrics/tasks/install_hawkular.yaml
+++ b/roles/openshift_metrics/tasks/install_hawkular.yaml
@@ -11,7 +11,7 @@
   vars:
     node: "{{ item }}"
     master: "{{ (item == '1')|string|lower }}"
-  with_sequence: count={{ openshift_metrics_cassandra_nodes }}
+  with_sequence: count={{ openshift_metrics_cassandra_replicas }}
 
 - name: generate hawkular-cassandra persistent volume claims
   template:
@@ -24,7 +24,7 @@
     access_modes:
     - ReadWriteOnce
     size: "{{ openshift_metrics_cassandra_pv_size }}"
-  with_sequence: count={{ openshift_metrics_cassandra_nodes }}
+  with_sequence: count={{ openshift_metrics_cassandra_replicas }}
   when: openshift_metrics_cassandra_storage_type == 'pv'
 
 - name: generate hawkular-cassandra persistent volume claims (dynamic)
@@ -40,25 +40,38 @@
     access_modes:
     - ReadWriteOnce
     size: "{{ openshift_metrics_cassandra_pv_size }}"
-  with_sequence: count={{ openshift_metrics_cassandra_nodes }}
+  with_sequence: count={{ openshift_metrics_cassandra_replicas }}
   when: openshift_metrics_cassandra_storage_type == 'dynamic'
 
 - name: read hawkular-metrics route destination ca certificate
   slurp: src={{ openshift_metrics_certs_dir }}/ca.crt
   register: metrics_route_dest_ca_cert
 
-- name: generate the hawkular-metrics route
-  template:
-    src: route.j2
-    dest: "{{ mktemp.stdout }}/templates/hawkular-metrics-route.yaml"
-  vars:
-    name: hawkular-metrics
-    labels:
-      metrics-infra: hawkular-metrics
-    host: "{{ openshift_metrics_hawkular_metrics_hostname }}"
-    to:
-      kind: Service
+- block:
+  - set_fact: hawkular_key={{ lookup('file', openshift_metrics_hawkular_key) }}
+    when: openshift_metrics_hawkular_key | exists
+
+  - set_fact: hawkular_cert={{ lookup('file', openshift_metrics_hawkular_cert) }}
+    when: openshift_metrics_hawkular_cert | exists
+
+  - set_fact: hawkular_ca={{ lookup('file', openshift_metrics_hawkular_ca) }}
+    when: openshift_metrics_hawkular_ca | exists
+
+  - name: generate the hawkular-metrics route
+    template:
+      src: route.j2
+      dest: "{{ mktemp.stdout }}/templates/hawkular-metrics-route.yaml"
+    vars:
       name: hawkular-metrics
-    tls:
-      termination: reencrypt
-      destination_ca_certificate: "{{ metrics_route_dest_ca_cert.content }}"
+      labels:
+        metrics-infra: hawkular-metrics
+      host: "{{ openshift_metrics_hawkular_hostname }}"
+      to:
+        kind: Service
+        name: hawkular-metrics
+      tls:
+        termination: reencrypt
+        key: "{{ hawkular_key | default('') }}"
+        certificate: "{{ hawkular_cert | default('') }}"
+        ca_certificate: "{{ hawkular_ca | default('') }}"
+        destination_ca_certificate: "{{ metrics_route_dest_ca_cert.content | b64decode }}"
diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml
index a6a094a83..b45629b70 100644
--- a/roles/openshift_metrics/tasks/install_metrics.yaml
+++ b/roles/openshift_metrics/tasks/install_metrics.yaml
@@ -1,7 +1,7 @@
 ---
 - name: check that hawkular_metrics_hostname is set
-  fail: msg='the openshift_metrics_hawkular_metrics_hostname variable is required'
-  when: openshift_metrics_hawkular_metrics_hostname is not defined
+  fail: msg='the openshift_metrics_hawkular_hostname variable is required'
+  when: openshift_metrics_hawkular_hostname is not defined
 
 - name: check the value of openshift_metrics_cassandra_storage_type
   fail: