- name: Add ssl certificate and key to dokku
become: true
dokku_global_cert:
key: /etc/letsencrypt/live/{{ domain }}/privkey.pem
cert: /etc/letsencrypt/live/{{ domain }}/fullchain.pem
Results in an error:
...
File "/tmp/ansible_dokku_global_cert_payload_XdwLil/ansible_dokku_global_cert_payload.zip/ansible/modules/dokku_global_cert.py", line 153, in dokku_global_cert_present
KeyError: 'enabled'
Bug
There appears to be a bug in the parsing of the output of the dokku --quiet global-cert:report command.
This is an example of the output:
dokku --quiet global-cert:report
Global cert dir: /var/lib/dokku/config/global-cert
Global cert enabled: false
Global cert expires at:
Global cert hostnames:
Global cert issuer:
Global cert starts at:
Global cert subject:
Global cert verified:
One thing that puzzles me a bit is that this bug seems to affect any use of the dokku_global_cert module, i.e. if it has not surfaced so far, does that mean I am the first user of it (?).
I'll make a PR to fix it.
P.S. @josegonzalez In general, I'm wondering whether it would not be a better idea to add a --format json flag to the output of the dokku command rather than to write a fragile parser of a free-format report.
Description of problem
Using the
dokku_global_cert
module, e.g. likeResults in an error:
Bug
There appears to be a bug in the parsing of the output of the
dokku --quiet global-cert:report
command.This is an example of the output:
The parsing then tries to extract e.g. the 'enabled', 'expires', ... keys by some searching & replacing. In particular, all spaces are replaced by dashes, but the following line https://github.com/dokku/ansible-dokku/blob/eec1b37adf9d830a8ed174046f40ec4d4769c545/library/dokku_global_cert.py#L100 tries to strip off a prefix that still contains a space (resulting in the prefix not being stripped off).
One thing that puzzles me a bit is that this bug seems to affect any use of the
dokku_global_cert
module, i.e. if it has not surfaced so far, does that mean I am the first user of it (?).I'll make a PR to fix it.
P.S. @josegonzalez In general, I'm wondering whether it would not be a better idea to add a
--format json
flag to the output of thedokku
command rather than to write a fragile parser of a free-format report.