diff options
author | 2017-08-16 16:28:28 +0200 | |
---|---|---|
committer | 2017-09-14 20:13:00 +0000 | |
commit | d08ce6dfd4df2574be8f69419f5e5c027cae6d2a (patch) | |
tree | 33f601c8eb151cba1c7eef066fccbe2aee69af5d /xci/playbooks/configure-localhost.yml | |
parent | 890763baf32de0bab7985b55fe9f8d7c59c48dc0 (diff) |
Generate and use certificates for OSA
Instead of making OSA to generate self signed certs, bring our
own and pass them.
By this way we will be able to trust in that certs, and start
consuming OpenStack easily.
It will also generate proper openrc file to source it and start
consuming the cloud properly.
Change-Id: Ic72a8b05e6efb222926fc5fa0800e033b2dbd22f
Closes-Bug: RELENG-266
Signed-off-by: Yolanda Robla <yroblamo@redhat.com>
Diffstat (limited to 'xci/playbooks/configure-localhost.yml')
-rw-r--r-- | xci/playbooks/configure-localhost.yml | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/xci/playbooks/configure-localhost.yml b/xci/playbooks/configure-localhost.yml index 40147d31..2dfa0530 100644 --- a/xci/playbooks/configure-localhost.yml +++ b/xci/playbooks/configure-localhost.yml @@ -15,7 +15,7 @@ roles: - role: remove-folders - { role: clone-repository, project: "opnfv/releng-xci", repo: "{{ OPNFV_RELENG_GIT_URL }}", dest: "{{ OPNFV_RELENG_PATH }}", version: "{{ OPNFV_RELENG_VERSION }}" } - + - { role: clone-repository, project: "openstack/openstack-ansible-openstack_openrc", repo: "{{ OPENSTACK_OSA_OPENRC_GIT_URL }}", dest: "{{ OPENSTACK_OSA_OPENRC_PATH }}", version: "master" } - hosts: localhost connection: local gather_facts: false @@ -57,3 +57,21 @@ copy: src: "{{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/flavor-vars.yml" dest: "{{OPNFV_RELENG_PATH}}/xci/var" +- hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: + - name: create certificate directory /etc/ssl/certs + file: + path: "/etc/ssl/certs" + state: directory + - name: create key directory /etc/ssl/private + file: + path: "/etc/ssl/private" + state: directory + - name: generate self signed certificate + command: openssl req -new -nodes -x509 -subj "{{ XCI_SSL_SUBJECT }}" -days 3650 -keyout "/etc/ssl/private/xci.key" -out "/etc/ssl/certs/xci.crt" -extensions v3_ca + become: true |