CentOS: Only install Federation IDP/SP Packages when necessary
In https://review.openstack.org/309425 adjustments were made which resulted in keystone_idp and keystone_sp to always be defined. Unfortunately the CentOS support for os_keystone merged after that and reviews did not pick up the necessary changes. This patch corrects it so that the repo and packages are only installed if necessary. Additionally, the Federation SP callback template was being unnecessarily copied over. It will now only copy over when it will be used. Change-Id: I466f1391893d33be7c83caba70ec93e44dd1d482
This commit is contained in:
@@ -104,7 +104,7 @@
|
||||
delay: 2
|
||||
with_items: "{{ keystone_idp_distro_packages }}"
|
||||
when:
|
||||
- keystone_idp is defined
|
||||
- keystone_idp != {}
|
||||
|
||||
#TODO(cloudnull) Remove this task once we move to Ansible 2.1
|
||||
# where we can leverage the `yum_repository` module:
|
||||
@@ -127,7 +127,7 @@
|
||||
with_items:
|
||||
- "{{ keystone_shibboleth_repo }}"
|
||||
when:
|
||||
- keystone_sp is defined
|
||||
- keystone_sp != {}
|
||||
|
||||
- name: Install SP yum packages
|
||||
yum:
|
||||
@@ -139,7 +139,7 @@
|
||||
delay: 2
|
||||
with_items: "{{ keystone_sp_distro_packages }}"
|
||||
when:
|
||||
- keystone_sp is defined
|
||||
- keystone_sp != {}
|
||||
|
||||
- name: Install developer mode yum packages
|
||||
yum:
|
||||
|
@@ -39,14 +39,25 @@
|
||||
- Restart Keystone APIs
|
||||
- Restart service
|
||||
|
||||
- name: Drop Keystone Configs
|
||||
- name: Copy Keystone Federation SP SSO callback template
|
||||
copy:
|
||||
src: "sso_callback_template.html"
|
||||
dest: "/etc/keystone/sso_callback_template.html"
|
||||
owner: "{{ keystone_system_user_name }}"
|
||||
group: "{{ keystone_system_group_name }}"
|
||||
mode: "0644"
|
||||
when:
|
||||
- keystone_idp != {}
|
||||
notify:
|
||||
- Restart Keystone APIs
|
||||
- Restart service
|
||||
|
||||
- name: Clean up Keystone Federation SP SSO callback template
|
||||
file:
|
||||
path: "/etc/keystone/sso_callback_template.html"
|
||||
state: absent
|
||||
when:
|
||||
- keystone_idp == {}
|
||||
notify:
|
||||
- Restart Keystone APIs
|
||||
- Restart service
|
||||
|
@@ -110,7 +110,7 @@ provider = {{ keystone_token_provider }}
|
||||
driver = {{ keystone_token_driver }}
|
||||
{% endif %}
|
||||
|
||||
{% if keystone_idp is defined and keystone_idp != {} %}
|
||||
{% if keystone_idp != {} %}
|
||||
[saml]
|
||||
certfile = "{{ keystone_idp.certfile }}"
|
||||
keyfile = "{{ keystone_idp.keyfile }}"
|
||||
|
Reference in New Issue
Block a user