summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node_certificates
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2016-09-30 14:53:40 -0400
committerGitHub <noreply@github.com>2016-09-30 14:53:40 -0400
commit5746c82c54291aca3f50ee948b49a63d9ae4445b (patch)
tree378eca6a051b2b09ca285d4eec6077e68bb500ef /roles/openshift_node_certificates
parent1ce3ac9c0f31da7536b0136c0424c33eac379ae4 (diff)
parent6826f27769563d30194818a0f13b9da086ddf7ab (diff)
downloadopenshift-5746c82c54291aca3f50ee948b49a63d9ae4445b.tar.gz
openshift-5746c82c54291aca3f50ee948b49a63d9ae4445b.tar.bz2
openshift-5746c82c54291aca3f50ee948b49a63d9ae4445b.tar.xz
openshift-5746c82c54291aca3f50ee948b49a63d9ae4445b.zip
Merge pull request #2475 from smunilla/registry_all_the_time
Install Registry by Default
Diffstat (limited to 'roles/openshift_node_certificates')
-rw-r--r--roles/openshift_node_certificates/handlers/main.yml10
-rw-r--r--roles/openshift_node_certificates/tasks/main.yml11
2 files changed, 21 insertions, 0 deletions
diff --git a/roles/openshift_node_certificates/handlers/main.yml b/roles/openshift_node_certificates/handlers/main.yml
new file mode 100644
index 000000000..f2299cecf
--- /dev/null
+++ b/roles/openshift_node_certificates/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: update ca trust
+ command: update-ca-trust
+ notify:
+ - restart docker after updating ca trust
+
+- name: restart docker after updating ca trust
+ service:
+ name: docker
+ state: restarted
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index a729b4d6c..80ab4bb1d 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -124,3 +124,14 @@
when: node_certs_missing | bool
delegate_to: localhost
become: no
+
+- name: Copy OpenShift CA to system CA trust
+ copy:
+ src: "{{ item.cert }}"
+ dest: "/etc/pki/ca-trust/source/anchors/{{ item.id }}-{{ item.cert | basename }}"
+ remote_src: yes
+ with_items:
+ - id: openshift
+ cert: "{{ openshift_node_cert_dir }}/ca.crt"
+ notify:
+ - update ca trust