diff options
| author | Jose A. Rivera <jarrpa@redhat.com> | 2017-06-16 18:02:18 -0500 |
|---|---|---|
| committer | Jose A. Rivera <jarrpa@redhat.com> | 2017-06-16 18:02:18 -0500 |
| commit | b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136 (patch) | |
| tree | 11db64bdb56044b01cc88ec80c131898b78cb69a | |
| parent | 08dd5120fce0238a579154542655452208f37311 (diff) | |
| download | openshift-b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136.tar.gz openshift-b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136.tar.bz2 openshift-b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136.tar.xz openshift-b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136.zip | |
GlusterFS: Generate better secret keys
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| -rw-r--r-- | roles/openshift_storage_glusterfs/defaults/main.yml | 8 | ||||
| -rw-r--r-- | roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml | 17 |
2 files changed, 21 insertions, 4 deletions
diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml index b278d76f5..4ff56af9e 100644 --- a/roles/openshift_storage_glusterfs/defaults/main.yml +++ b/roles/openshift_storage_glusterfs/defaults/main.yml @@ -13,8 +13,8 @@ openshift_storage_glusterfs_heketi_is_missing: True openshift_storage_glusterfs_heketi_deploy_is_missing: True openshift_storage_glusterfs_heketi_image: "{{ 'rhgs3/rhgs-volmanager-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'heketi/heketi' | quote }}" openshift_storage_glusterfs_heketi_version: 'latest' -openshift_storage_glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}" -openshift_storage_glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}" +openshift_storage_glusterfs_heketi_admin_key: "{{ omit }}" +openshift_storage_glusterfs_heketi_user_key: "{{ omit }}" openshift_storage_glusterfs_heketi_topology_load: True openshift_storage_glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_wipe }}" openshift_storage_glusterfs_heketi_url: "{{ omit }}" @@ -34,8 +34,8 @@ openshift_storage_glusterfs_registry_heketi_is_missing: "{{ openshift_storage_gl openshift_storage_glusterfs_registry_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_heketi_deploy_is_missing }}" openshift_storage_glusterfs_registry_heketi_image: "{{ openshift_storage_glusterfs_heketi_image }}" openshift_storage_glusterfs_registry_heketi_version: "{{ openshift_storage_glusterfs_heketi_version }}" -openshift_storage_glusterfs_registry_heketi_admin_key: "{{ 32 | oo_generate_secret }}" -openshift_storage_glusterfs_registry_heketi_user_key: "{{ 32 | oo_generate_secret }}" +openshift_storage_glusterfs_registry_heketi_admin_key: "{{ omit }}" +openshift_storage_glusterfs_registry_heketi_user_key: "{{ omit }}" openshift_storage_glusterfs_registry_heketi_topology_load: "{{ openshift_storage_glusterfs_heketi_topology_load }}" openshift_storage_glusterfs_registry_heketi_wipe: "{{ openshift_storage_glusterfs_heketi_wipe }}" openshift_storage_glusterfs_registry_heketi_url: "{{ openshift_storage_glusterfs_heketi_url | default(omit) }}" diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml index 92accc170..4406ef28b 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml @@ -123,6 +123,23 @@ when: - glusterfs_heketi_topology_load +- name: Generate heketi admin key + set_fact: + glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}" + when: + - glusterfs_heketi_is_native + - glusterfs_heketi_admin_key is undefined + +- name: Generate heketi user key + set_fact: + glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}" + until: "glusterfs_heketi_user_key != glusterfs_heketi_admin_key" + delay: 1 + retries: 10 + when: + - glusterfs_heketi_is_native + - glusterfs_heketi_user_key is undefined + - include: heketi_deploy_part1.yml when: - glusterfs_heketi_is_native |