Bug fix for missing XOS Core API key and cert
Change-Id: Ia78c2a60a0c90da79f74a3ff271e20a17aa077ba
diff --git a/roles/cord-profile/defaults/main.yml b/roles/cord-profile/defaults/main.yml
index bede32d..029d9e8 100644
--- a/roles/cord-profile/defaults/main.yml
+++ b/roles/cord-profile/defaults/main.yml
@@ -3,6 +3,7 @@
cord_dir: "{{ ansible_user_dir + '/cord' }}"
cord_profile_dir: "{{ ansible_user_dir + '/cord_profile' }}"
+pki_dir: "/opt/pki"
# used in xos.yaml.j2, if True, other synchronizer container will not be started
frontend_only: False
diff --git a/roles/cord-profile/tasks/main.yml b/roles/cord-profile/tasks/main.yml
index 2ce0269..2e6083f 100644
--- a/roles/cord-profile/tasks/main.yml
+++ b/roles/cord-profile/tasks/main.yml
@@ -35,6 +35,15 @@
mode: 0600
with_items: "{{ xos_service_sshkeys }}"
+- name: Copy over core api key and cert
+ copy:
+ src: "{{ pki_dir }}/{{ item }}"
+ dest: "{{ cord_profile_dir }}/{{ item }}"
+ mode: 0600
+ with_items:
+ - core_api_key.pem
+ - core_api_cert.pem
+
- name: Make Image directory ( outside of profile directory to avoid repeat downloads on sequential runs)
become: yes
file:
diff --git a/roles/pki-install/tasks/main.yml b/roles/pki-install/tasks/main.yml
index 72cd0f8..a49d88d 100644
--- a/roles/pki-install/tasks/main.yml
+++ b/roles/pki-install/tasks/main.yml
@@ -28,6 +28,10 @@
with_items:
- src: "intermediate_ca/certs/im_cert_chain.pem"
dest: "im_cert_chain.pem"
+ - src: "intermediate_ca/private/xos-core.{{ site_suffix }}_key.pem"
+ dest: "core_api_key.pem"
+ - src: "intermediate_ca/certs/xos-core.{{ site_suffix }}_cert_chain.pem"
+ dest: "core_api_cert.pem"
- name: Copy certs needed by OpenStack
become: yes