Run certificate-authority independently during upgrade

localhost is not part of the `all` and excluded from play with any limit Because of that CA is not being generated during upgrade and things fail later with being unable to retrieve CA. This being workedaround with adding another task, that will setup root and intermediate certificates in advance. Change-Id: Ia5d82a7c8172407a0389ec9504ec80b3e842f88b
2021-06-09 18:43:28 +03:00 · 2021-06-09 18:43:28 +03:00 · 4731f08b83
commit 4731f08b83
parent bfc14c5d54
1 changed files with 1 additions and 0 deletions
--- a/scripts/run-upgrade.sh
+++ b/scripts/run-upgrade.sh
@ -169,6 +169,7 @@ function main {

    pushd ${MAIN_PATH}/playbooks
        RUN_TASKS+=("${SCRIPTS_PATH}/upgrade-utilities/deploy-config-changes.yml")
+        RUN_TASKS+=("certificate-authority.yml")
        # we don't want to trigger container restarts for galera and rabbit
        # but as there will be no hosts available for metal deployments,
        # as a fallback option we just run setup-hosts.yml without any arguments