From df2024ea268e93bf00ccc44b00f95ca0cb128219 Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Wed, 1 Mar 2017 13:39:27 -0500
Subject: Defaulting variables properly to avoid undefined route in dict error.

---
 roles/openshift_hosted/tasks/registry/registry.yml |  6 ++---
 roles/openshift_hosted/tasks/registry/secure.yml   | 27 +++++++++++-----------
 2 files changed, 16 insertions(+), 17 deletions(-)

diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml
index 5e9d5d06a..d49967837 100644
--- a/roles/openshift_hosted/tasks/registry/registry.yml
+++ b/roles/openshift_hosted/tasks/registry/registry.yml
@@ -40,9 +40,9 @@
     openshift_hosted_registry_images: "{{ openshift.hosted.registry.registryurl | default('openshift3/ose-${component}:${version}')}}"
     openshift_hosted_registry_volumes: []
     openshift_hosted_registry_env_vars: {}
-    openshift_hosted_registry_route_certificates: "{{ openshift.hosted.registry.route.certificates | default(false) }}"
-    openshift_hosted_registry_route_host: "{{ openshift.hosted.registry.route.host | default(false) }}"
-    openshift_hosted_registry_route_termination: "{{ openshift.hosted.registry.route.termination | default('passthrough') }}"
+    openshift_hosted_registry_routecertificates: "{{ ('routecertificates' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routecertificates, {}) }}"
+    openshift_hosted_registry_routehost: "{{ ('routehost' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routehost, False) }}"
+    openshift_hosted_registry_routetermination: "{{ ('routetermination' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routetermination, 'passthrough') }}"
     openshift_hosted_registry_edits:
     # These edits are being specified only to prevent 'changed' on rerun
     - key: spec.strategy.rollingParams
diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml
index 7b85c1076..9a0108a93 100644
--- a/roles/openshift_hosted/tasks/registry/secure.yml
+++ b/roles/openshift_hosted/tasks/registry/secure.yml
@@ -4,17 +4,16 @@
     docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
   run_once: true
 
+- debug: var=openshift_hosted_registry_routecertificates
+
 - name: Get the certificate contents for registry
   copy:
     backup: True
-    dest: "/etc/origin/master/named_certificates/{{ item | basename }}"
-    src: "{{ item }}"
-  register: openshift_hosted_registry_certificate_content
-  with_items:
-  - "{{ (openshift_hosted_registry_route_certificates | default({'certfile':none})).certfile }}"
-  - "{{ (openshift_hosted_registry_route_certificates | default({'keyfile':none})).keyfile }}"
-  - "{{ (openshift_hosted_registry_route_certificates | default({'cafile':none})).cafile }}"
-  when: openshift_hosted_registry_route_certificates
+    dest: "/etc/origin/master/named_certificates/{{ item.value | basename }}"
+    src: "{{ item.value }}"
+  when: item.key in ['certfile', 'keyfile', 'cafile'] and item.value is not None
+  with_dict: "{{ openshift_hosted_registry_routecertificates }}"
+  when: openshift_hosted_registry_routecertificates
 
 - debug: var=openshift_hosted_registry_route_termination
 
@@ -23,12 +22,12 @@
     name: docker-registry
     namespace: "{{ openshift_hosted_registry_namespace }}"
     service_name: docker-registry
-    tls_termination: "{{ openshift_hosted_registry_route_termination }}"
-    host: "{{ openshift_hosted_registry_route_host | default(docker_registry_route_hostname) }}"
-    cert_path: "{{ ('certfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.certfile | basename), omit) }}"
-    key_path: "{{ ('keyfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.keyfile | basename), omit) }}"
-    cacert_path: "{{ ('cafile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.cafile | basename), omit) }}"
-    dest_cacert_path: "{{ (openshift_hosted_registry_route_termination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}"
+    tls_termination: "{{ openshift_hosted_registry_routetermination }}"
+    host: "{{ openshift_hosted_registry_routehost | default(docker_registry_route_hostname) }}"
+    cert_path: "{{ ('certfile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.certfile | basename), omit) }}"
+    key_path: "{{ ('keyfile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.keyfile | basename), omit) }}"
+    cacert_path: "{{ ('cafile' in openshift_hosted_registry_routecertificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_routecertificates.cafile | basename), omit) }}"
+    dest_cacert_path: "{{ (openshift_hosted_registry_routetermination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}"
   run_once: true
 
 - name: Retrieve registry service IP
-- 
cgit v1.2.3