Skip to content

Commit

Permalink
Move tls_server_name logic into a task for clarity
Browse files Browse the repository at this point in the history
  • Loading branch information
@csibbitt
csibbitt committed Jul 4, 2023
1 parent 1460239 commit 37ff9ed
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 1 deletion.
11 changes: 11 additions & 0 deletions roles/servicetelemetry/tasks/component_clouds.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,17 @@
elastic_pass: "{{ elasticsearch_es_elastic_user.resources[0].data[elastic_user] | b64decode }}"
no_log: true

- name: Set elastic_tls_server_name from forwarding config if set

Check failure on line 41 in roles/servicetelemetry/tasks/component_clouds.yml

View workflow job for this annotation

GitHub Actions / Linting 

empty-string-compare Don't compare to empty string
set_fact:
elastic_tls_server_name: "{{ servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name }}"
when: servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name != ""

# This sets the server name based on the host part of the URL between // and : (https://elasticsearch-host:9200)
- name: Set elastic_tls_server_name by parsing the host_url if it's not set in the config

Check failure on line 47 in roles/servicetelemetry/tasks/component_clouds.yml

View workflow job for this annotation

GitHub Actions / Linting 

empty-string-compare Don't compare to empty string
set_fact:
elastic_tls_server_name: "{{ servicetelemetry_vars.backends.events.elasticsearch.forwarding.host_url.rpartition('//')[-1].partition(':')[0] }}"
when: servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name == ""

- name: Get the Elasticsearch TLS materials secret
k8s_info:
api_version: v1
Expand Down
2 changes: 1 addition & 1 deletion roles/servicetelemetry/templates/manifest_smartgateway_events.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
tlsClientCert: /config/certs/user.crt
tlsClientKey: /config/certs/user.key
tlsCaCert: /config/certs/ca.crt
tlsServerName: {{ (elasticsearch.forwarding.tls_server_name != "") | ternary(elasticsearch.forwarding.tls_server_name, elasticsearch.forwarding.host_url.rpartition("//")[-1].partition(":")[0]) }}
tlsServerName: {{ elastic_tls_server_name }}
tlsSecretName: {{ elasticsearch.forwarding.tls_secret_name }}
user: {{ elastic_user | default('elastic') }}
password: {{ elastic_pass | default('') }}
Expand Down

0 comments on commit 37ff9ed

Please sign in to comment.