Fix 'Regen pem' handler
Currently, 'Regen pem' handler does not ensure that newline is added between certificates when combining multiple files together. It may be a problem, especially for hashi_vault pki backend which doesn't add newline at the end of certificate file. Change-Id: Ic703e74532874e0912e21244153fb8c31cfebe31 Signed-off-by: Damian Dabrowski <damian.dabrowski@cleura.com>
This commit is contained in:
1 changed files with 16 additions and 4 deletions
@@ -14,13 +14,25 @@
# limitations under the License.
- name: Regen pem # noqa:no-changed-when
ansible.builtin.shell:>-
cat {{ item_base_path ~ '.crt' }} $(test -f {{ item_base_path ~ '-ca.crt' }} &&
echo {{ item_base_path ~ '-ca.crt' }}) {{ item_base_path ~ '.key' }} > {{ target_base_path ~ '.pem' }}
ansible.builtin.shell:|
{
files=(
"{{ item_base_path ~ '.crt' }}"
"$(test -f {{ item_base_path ~ '-ca.crt' }} && echo {{ item_base_path ~ '-ca.crt' }})"
"{{ item_base_path ~ '.key' }}"
)
for f in "${files[@]}"; do
cat "$f"
# adds a newline at the end of file's content if it doesn't exist
tail -c1 "$f" | grep -q '^$' || echo
done
} > {{ target_base_path ~ '.pem' }}
args:
executable:/bin/bash
vars:
item_interface:"{{ item['interface'] | default('') }}"
item_name:"{{ ('interface' in item and item['interface'] is truthy) | ternary(item['address'] ~ '-' ~ item_interface, item['address']) }}"
item_base_path:"{{ haproxy_ssl_temp_path ~ '/haproxy_' ~ ansible_facts['hostname'] ~ '-' ~ item_name }}"
item_base_path:"{{ haproxy_ssl_temp_path ~ '/haproxy_' ~ ansible_facts['hostname'] ~ '-' ~ item_name }}"
target_base_path:"{{ haproxy_ssl_cert_path ~ '/haproxy_' ~ ansible_facts['hostname'] ~ '-' ~ item_name }}"
with_items:"{{ haproxy_vip_binds }}"
listen:
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.