Open littlealex003 opened 4 years ago
Please create a pull-request with this line removed from the action named decrypt server key:
`when: ansible_virtualization_type != "docker"`
Don't forget to register on https://hacktoberfest.digitalocean.com to earn a T-shirt
I'm trying to get these scripts working on Docker containers instead of VMs and getting somewhere (slowly, testing is not a fast turnaround), hung up here now in `buildserver/roles/pki/tasks/main.yml` (lines 65 to 92):
```yaml
- name: decrypt server certificate
  when: ansible_virtualization_type != "docker"
  environment:
    P12_PASSWORD: "{{ p12_password | default('p12_password') }}"
  shell: 'openssl pkcs12 \
    -in /etc/pki/tls/private/server.p12 \
    -nodes -nokeys \
    -passin env:P12_PASSWORD > /etc/pki/tls/certs/tmp.cer'
  changed_when: yes

- name: decrypt server key
  when: ansible_virtualization_type != "docker"
  environment:
    P12_PASSWORD: "{{ p12_password | default('p12_password') }}"
  shell: 'openssl pkcs12 \
    -in /etc/pki/tls/private/server.p12 \
    -nodes -nocerts \
    -passin env:P12_PASSWORD > /etc/pki/tls/private/tmp.key'
  changed_when: yes

- name: validate moludus of certificate to moludus of key
  shell: 'set -o pipefail && (openssl x509 -noout -modulus -in /etc/pki/tls/certs/tmp.cer | openssl md5 ; \
    openssl rsa -noout -modulus -in /etc/pki/tls/private/tmp.key | openssl md5) | \
    uniq | wc -l'
  changed_when: no
  register: checksums
  tags:
```
As you can see these tasks specifically don't run for docker, any reason why? I'm pretty sure either they need to run or the following check of the generated file needs to be removed!
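
The modulus comparison quoted in the issue, as an added example that is not part of the original post or the project's code: it shows that the unique-hash count is 1 both for a matching pair and when neither file exists (so only the pipeline's exit status reveals skipped decrypt tasks), next to a fail-closed variant that compares SHA-256 fingerprints of the public keys. The helper names, temp-dir paths and password are assumptions made for the demo.

```shell
#!/bin/sh
# Added example; all file names and the password are constructed for the demo.

make_demo() {  # $1 = work dir: build a throwaway p12, then extract it as the role's tasks do
  export P12_PASSWORD=constructed-demo-password
  openssl req -x509 -newkey rsa:2048 -nodes -subj /CN=demo.invalid -days 1 \
    -keyout "$1/src.key" -out "$1/src.cer" 2>/dev/null
  openssl pkcs12 -export -inkey "$1/src.key" -in "$1/src.cer" \
    -passout env:P12_PASSWORD -out "$1/server.p12"
  openssl pkcs12 -in "$1/server.p12" -nodes -nokeys  -passin env:P12_PASSWORD > "$1/tmp.cer" 2>/dev/null
  openssl pkcs12 -in "$1/server.p12" -nodes -nocerts -passin env:P12_PASSWORD > "$1/tmp.key" 2>/dev/null
  openssl genrsa -out "$1/other.key" 2048 2>/dev/null   # unrelated key for the mismatch case
}

# The task's pipeline without pipefail: count of unique modulus hashes (RSA only).
modulus_count() {  # $1 = cert, $2 = key
  ( openssl x509 -noout -modulus -in "$1" 2>/dev/null | openssl md5
    openssl rsa  -noout -modulus -in "$2" 2>/dev/null | openssl md5 ) | uniq | wc -l | tr -d ' '
}

pub_fp() {  # run "$@" (a command printing a PEM public key); print its SHA-256, fail on no output
  local pem
  pem=$("$@" 2>/dev/null) || return 1
  [ -n "$pem" ] || return 1
  printf '%s\n' "$pem" | openssl dgst -sha256
}

# Fail-closed check: 0 = same public key, 1 = mismatch, 2 = missing or unreadable input.
cert_matches_key() {  # $1 = cert, $2 = key
  [ -s "$1" ] && [ -s "$2" ] || return 2
  local c k
  c=$(pub_fp openssl x509 -in "$1" -noout -pubkey) || return 2
  k=$(pub_fp openssl pkey -in "$2" -pubout) || return 2
  [ "$c" = "$k" ]
}

# Demo run on constructed material in a temporary directory.
work=$(mktemp -d); make_demo "$work"
echo "matching pair, count:   $(modulus_count "$work/tmp.cer" "$work/tmp.key")"
echo "mismatched key, count:  $(modulus_count "$work/tmp.cer" "$work/other.key")"
echo "both files absent:      $(modulus_count "$work/none.cer" "$work/none.key")"
if cert_matches_key "$work/tmp.cer" "$work/tmp.key"; then echo "hardened check: match"; fi
if ! cert_matches_key "$work/none.cer" "$work/none.key"; then echo "hardened check: absent files rejected"; fi
rm -rf "$work"
```

When both inputs are missing, each `openssl md5` hashes empty input, so the two lines are identical and the count alone cannot distinguish that case from a valid pair.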