From 7dadf93f4476955b51c372d2853741ac0b4dcfd5 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Sat, 27 Mar 2021 12:05:35 -0700 Subject: [PATCH] Deploy renewed openshift certs Signed-off-by: Kevin Fenzi --- inventory/group_vars/all | 8 ++++---- inventory/group_vars/staging | 8 ++++---- playbooks/include/proxies-certificates.yml | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/inventory/group_vars/all b/inventory/group_vars/all index 504f0d84e1..b2abe1f99b 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -255,10 +255,10 @@ wildcard_key_file: wildcard-2020.fedoraproject.org.key wildcard_int_file: wildcard-2020.fedoraproject.org.intermediate.cert # This is the openshift wildcard cert. Until it exists set it equal to wildcard -os_wildcard_cert_name: wildcard-2020.app.os.fedoraproject.org -os_wildcard_crt_file: wildcard-2020.app.os.fedoraproject.org.cert -os_wildcard_key_file: wildcard-2020.app.os.fedoraproject.org.key -os_wildcard_int_file: wildcard-2020.app.os.fedoraproject.org.intermediate.cert +os_wildcard_cert_name: wildcard-2021.app.os.fedoraproject.org +os_wildcard_crt_file: wildcard-2021.app.os.fedoraproject.org.cert +os_wildcard_key_file: wildcard-2021.app.os.fedoraproject.org.key +os_wildcard_int_file: wildcard-2021.app.os.fedoraproject.org.intermediate.cert # Everywhere, always, we should sign messages and validate signatures. # However, we allow individual hosts and groups to override this. Use this very diff --git a/inventory/group_vars/staging b/inventory/group_vars/staging index 4a414c6e34..a9d71a72ba 100644 --- a/inventory/group_vars/staging +++ b/inventory/group_vars/staging @@ -13,10 +13,10 @@ wildcard_key_file: wildcard-2020.stg.fedoraproject.org.key wildcard_int_file: wildcard-2020.stg.fedoraproject.org.intermediate.cert # This is the openshift wildcard cert for stg -os_wildcard_cert_name: wildcard-2020.app.os.stg.fedoraproject.org -os_wildcard_cert_file: wildcard-2020.app.os.stg.fedoraproject.org.cert -os_wildcard_key_file: wildcard-2020.app.os.stg.fedoraproject.org.key -os_wildcard_int_file: wildcard-2020.stg.fedoraproject.org.intermediate.cert +os_wildcard_cert_name: wildcard-2021.app.os.stg.fedoraproject.org +os_wildcard_cert_file: wildcard-2021.app.os.stg.fedoraproject.org.cert +os_wildcard_key_file: wildcard-2021.app.os.stg.fedoraproject.org.key +os_wildcard_int_file: wildcard-2021.app.os.stg.fedoraproject.org.intermediate.cert fedmsg_prefix: org.fedoraproject fedmsg_env: stg diff --git a/playbooks/include/proxies-certificates.yml b/playbooks/include/proxies-certificates.yml index 5042b90de6..e7fdfc65aa 100644 --- a/playbooks/include/proxies-certificates.yml +++ b/playbooks/include/proxies-certificates.yml @@ -29,15 +29,15 @@ when: env == "staging" - role: httpd/certificate - certname: wildcard-2020.app.os.stg.fedoraproject.org - SSLCertificateChainFile: wildcard-2020.app.os.stg.fedoraproject.org.intermediate.cert + certname: wildcard-2021.app.os.stg.fedoraproject.org + SSLCertificateChainFile: wildcard-2021.app.os.stg.fedoraproject.org.intermediate.cert when: env == "staging" tags: - app.os.fedoraproject.org - role: httpd/certificate - certname: wildcard-2020.app.os.fedoraproject.org - SSLCertificateChainFile: wildcard-2020.app.os.fedoraproject.org.intermediate.cert + certname: wildcard-2021.app.os.fedoraproject.org + SSLCertificateChainFile: wildcard-2021.app.os.fedoraproject.org.intermediate.cert tags: - app.os.fedoraproject.org