9108a8953f
This was previously spread around the code as 'when:' clauses on ansible tasks. This patch refactors the conditional code to be entirely within the dynamic generation of variables in vars/main.yml. Any elements from the default or discovered CA or certificate lists which have condition=false are removed, so no conditionals are required elsewhere in the code. pki_authorities and pki_certificates are defined as empty lists in the ansible defaults to further reduce the need for the use of default() in the rest of the role. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/830806 Change-Id: Iea809406b1d4140b985fcb038663ae0257336463
23 lines
810 B
YAML
23 lines
810 B
YAML
---
|
|
# Copyright 2021, BBC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Include {{ pki_method }} CA variables
|
|
include_vars:
|
|
file: "{{ pki_method ~ '_ca.yml' }}"
|
|
|
|
- name: Install certificate authorities
|
|
include_tasks: "{{ pki_method }}/install_ca.yml"
|
|
when: _pki_install_ca_defs | length > 0
|