roles: kubernetes: secrets: Add SUSE support

Add path for certificate location for SUSE distributions. Also make sure the 'update-ca-certificates' command is executed on SUSE hosts as well.
6 years ago · d07f75b389
1 changed files with 4 additions and 2 deletions
--- a/roles/kubernetes/secrets/tasks/upd_ca_trust.yml
+++ b/roles/kubernetes/secrets/tasks/upd_ca_trust.yml
@ -8,6 +8,8 @@
      /etc/pki/ca-trust/source/anchors/kube-ca.crt
      {%- elif ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] -%}
      /etc/ssl/certs/kube-ca.pem
+      {%- elif ansible_os_family == "Suse" -%}
+      /etc/pki/trust/anchors/kube-ca.pem
      {%- endif %}
  tags:
    - facts
@ -19,9 +21,9 @@
    remote_src: true
  register: kube_ca_cert

- name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
+- name: Gen_certs | update ca-certificates (Debian/Ubuntu/SUSE/Container Linux by CoreOS)
  command: update-ca-certificates
-  when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"]
+  when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS", "Suse"]

 - name: Gen_certs | update ca-certificates (RedHat)
  command: update-ca-trust extract