UKCloud / openshift-deployment-ansible


Ansible always looks for LetsEncrypt certs even if they are disabled in heat #36

Closed gellner closed 6 years ago

gellner commented 6 years ago

It appears that the ansible run will always fail if getCertificates is false in the openshift-heat run because the following is static:

openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{"certfile": "/home/cloud-user/ocp.{{ domainSuffix }}/fullchain1.pem", "keyfile": "/home/cloud-user/ocp.{{ domainSuffix }}/privkey1.pem", "names": ["ocp.{{ domainSuffix }}"]}]

I guess the intended use case is so that full CA-provided certs can be placed in those locations. However, openshift_master_overwrite_named_certificates should be an environment.yaml switch so that the default self-signed behaviour can still be used if required.
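
A pre-flight check for the failure described in this comment, as an added example that is not part of the thread or the project's own code: it parses the static `openshift_master_named_certificates` line, fills in `{{ domainSuffix }}`, and lists the referenced cert and key files that are absent before the playbook is run. The function names, the `root` parameter and the `example.test` suffix are assumptions made for illustration.

```python
import json
import os
import re

# Constructed sample: the static inventory line quoted in the issue.
INVENTORY_LINE = (
    'openshift_master_named_certificates=[{"certfile": '
    '"/home/cloud-user/ocp.{{ domainSuffix }}/fullchain1.pem", "keyfile": '
    '"/home/cloud-user/ocp.{{ domainSuffix }}/privkey1.pem", '
    '"names": ["ocp.{{ domainSuffix }}"]}]'
)


def parse_named_certificates(line, variables):
    """Return the cert entries with {{ var }} placeholders filled in."""
    key, _, value = line.partition("=")
    if key.strip() != "openshift_master_named_certificates":
        raise ValueError("not a named-certificates line")

    def substitute(match):
        name = match.group(1)
        if name not in variables:
            raise KeyError(f"undefined variable: {name}")
        return variables[name]

    rendered = re.sub(r"\{\{\s*(\w+)\s*\}\}", substitute, value)
    return json.loads(rendered)


def missing_cert_files(line, variables, root="/"):
    """List referenced certfile/keyfile paths that do not exist under root."""
    missing = []
    for entry in parse_named_certificates(line, variables):
        for field in ("certfile", "keyfile"):
            path = entry.get(field)
            if not path:
                missing.append(f"<{field} not set>")
            elif not os.path.isfile(os.path.join(root, path.lstrip("/"))):
                missing.append(path)
    return missing


if __name__ == "__main__":
    # example.test is a placeholder domain suffix (assumption)
    for path in missing_cert_files(INVENTORY_LINE, {"domainSuffix": "example.test"}):
        print("missing:", path)
```

A non-empty result with certificate retrieval disabled is the condition reported here: the inventory names files that nothing has created.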

stevemul commented 6 years ago

That's annoying - sorry that's my fault. I missed that obvious test scenario. I'll fix this today.