Przeglądaj źródła

Merge "Add retry for x509.certificate_managed state"

pull/73/head
Petr Michalec 6 lat temu
rodzic
commit
a380b04bfb
2 zmienionych plików z 38 dodań i 26 usunięć
  1. +32
    -26
      salt/minion/ca.sls
  2. +6
    -0
      salt/minion/cert.sls

+ 32
- 26
salt/minion/ca.sls Wyświetl plik

@@ -48,32 +48,38 @@ salt_minion_cert_{{ ca_name }}_dirs:

{{ ca_file }}:
x509.certificate_managed:
- signing_private_key: {{ ca_key_file }}
- CN: "{{ ca.common_name }}"
{%- if ca.country is defined %}
- C: {{ ca.country }}
{%- endif %}
{%- if ca.state is defined %}
- ST: {{ ca.state }}
{%- endif %}
{%- if ca.locality is defined %}
- L: {{ ca.locality }}
{%- endif %}
{%- if ca.organization is defined %}
- O: {{ ca.organization }}
{%- endif %}
{%- if ca.organization_unit is defined %}
- OU: {{ ca.organization_unit }}
{%- endif %}
- basicConstraints: "critical,CA:TRUE"
- keyUsage: {{ ca_key_usage }}
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- days_valid: {{ ca.days_valid.authority }}
- days_remaining: 0
- backup: True
- require:
- x509: {{ ca_key_file }}
- signing_private_key: {{ ca_key_file }}
- CN: "{{ ca.common_name }}"
{%- if ca.country is defined %}
- C: {{ ca.country }}
{%- endif %}
{%- if ca.state is defined %}
- ST: {{ ca.state }}
{%- endif %}
{%- if ca.locality is defined %}
- L: {{ ca.locality }}
{%- endif %}
{%- if ca.organization is defined %}
- O: {{ ca.organization }}
{%- endif %}
{%- if ca.organization_unit is defined %}
- OU: {{ ca.organization_unit }}
{%- endif %}
- basicConstraints: "critical,CA:TRUE"
- keyUsage: {{ ca_key_usage }}
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- days_valid: {{ ca.days_valid.authority }}
- days_remaining: 0
- backup: True
- require:
- x509: {{ ca_key_file }}
{%- if grains['saltversioninfo'][0] >= 2017 %}
- retry:
attepmts: 5
until: True
interval: 60
{%- endif %}

# TODO: Squash this with the previous state after switch to Salt version >= 2016.11.2
{{ ca_name }}_cert_permissions:

+ 6
- 0
salt/minion/cert.sls Wyświetl plik

@@ -91,6 +91,12 @@ salt_minion_cert_{{ cert_name }}_dirs:
- watch_in:
- cmd: salt_minion_cert_{{ cert_name }}_all
{%- endif %}
{%- if grains['saltversioninfo'][0] >= 2017 %}
- retry:
attepmts: 5
until: True
interval: 60
{%- endif %}

# TODO: Squash this with the previous state after switch to Salt version >= 2016.11.2
{{ cert_file }}_cert_permissions:

Ładowanie…
Anuluj
Zapisz