diff options
| author |   Markos Chandras <mchandras@suse.de> | 2018-04-06 10:29:02 +0100 |
|---|---|---|
| committer | Markos Chandras <mchandras@suse.de> | 2018-04-06 12:14:57 +0100 |
| commit | bae55b8a8d7ecbbc8da20b728951ebc290245cf9 (patch) | |
| tree | 6e94480b2ef5db7effa17e9db48979c7eb2f9a97 | |
| parent | 1707d87b382602935378545e76c0a5f654474b13 (diff) | |
xci: osa: Move SSL certification tasks to a new file
The tasks for creating and managing the XCI SSL certificates
can be shared between installers so move them to a common file.
Change-Id: I9df82517e737681420429a992aa8d68e78528fd4
Signed-off-by: Markos Chandras <mchandras@suse.de>
| -rw-r--r-- | xci/installer/osa/playbooks/configure-opnfvhost.yml | 23 | ||||
| -rw-r--r-- | xci/playbooks/manage-ssl-certs.yml | 32 |
2 files changed, 36 insertions, 19 deletions
diff --git a/xci/installer/osa/playbooks/configure-opnfvhost.yml b/xci/installer/osa/playbooks/configure-opnfvhost.yml index 35b17e55..3dcdaa60 100644 --- a/xci/installer/osa/playbooks/configure-opnfvhost.yml +++ b/xci/installer/osa/playbooks/configure-opnfvhost.yml @@ -127,7 +127,6 @@ - pyyaml - python-neutronclient - python-openstackclient - - pyOpenSSL - name: Install ARA callback plugin in OSA virtualenv pip: name: ara @@ -154,24 +153,10 @@ chdir: "{{openstack_osa_path}}/scripts" changed_when: True - - name: Generate XCI private key - openssl_privatekey: - path: /etc/ssl/private/xci.key - size: 2048 - - - name: Generate XCI certificate request - openssl_csr: - privatekey_path: /etc/ssl/private/xci.key - path: /etc/ssl/private/xci.csr - common_name: "{{ xci_ssl_subject }}" - - - name: Generate XCI self signed certificate - openssl_certificate: - path: /etc/ssl/certs/xci.crt - privatekey_path: /etc/ssl/private/xci.key - csr_path: /etc/ssl/private/xci.csr - provider: selfsigned - selfsigned_not_after: 20800101000000Z + - name: Configure SSL certificates + include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssl-certs.yml" + vars: + extra_args: "-c https://raw.githubusercontent.com/openstack/requirements/{{ requirements_git_install_branch }}/upper-constraints.txt" - name: fetch xci environment copy: diff --git a/xci/playbooks/manage-ssl-certs.yml b/xci/playbooks/manage-ssl-certs.yml new file mode 100644 index 00000000..d0c5c518 --- /dev/null +++ b/xci/playbooks/manage-ssl-certs.yml @@ -0,0 +1,32 @@ +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE Linux GmbH and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- name: Install required pip packages for SSL + pip: + name: pyOpenSSL + state: present + extra_args: "{{ extra_args | default(omit) }}" + +- name: Generate XCI private key + openssl_privatekey: + path: /etc/ssl/private/xci.key + size: 2048 + +- name: Generate XCI certificate request + openssl_csr: + privatekey_path: /etc/ssl/private/xci.key + path: /etc/ssl/private/xci.csr + common_name: "{{ xci_ssl_subject }}" + +- name: Generate XCI self signed certificate + openssl_certificate: + path: /etc/ssl/certs/xci.crt + privatekey_path: /etc/ssl/private/xci.key + csr_path: /etc/ssl/private/xci.csr + provider: selfsigned + selfsigned_not_after: 20800101000000Z |