From bbe67ebfbd99f71cae122fb06fde9aaa354c54c6 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk
Date: Wed, 14 Jun 2017 23:26:28 +0000
Subject: [PATCH] Use a new key for staging SAML2 IdP
Signed-off-by: Patrick Uiterwijk
---
roles/ipsilon/tasks/main.yml | 20 ++------------------
1 file changed, 2 insertions(+), 18 deletions(-)
diff --git a/roles/ipsilon/tasks/main.yml b/roles/ipsilon/tasks/main.yml
index 5f1c7d4cb5..16ec7ae8e3 100644
--- a/roles/ipsilon/tasks/main.yml
+++ b/roles/ipsilon/tasks/main.yml
@@ -154,16 +154,14 @@ - ipsilon - name: copy SAML2 private key - copy: src={{ private }}/files/saml2/production/keys/idp.key dest=/etc/ipsilon/saml2/idp.key + copy: src={{ private }}/files/saml2/{{ env }}/keys/idp.key dest=/etc/ipsilon/saml2/idp.key owner=ipsilon group=ipsilon mode=0600 - when: env != "staging" tags: - ipsilon - name: copy SAML2 public key - copy: src={{ private }}/files/saml2/production/keys/idp.crt dest=/etc/ipsilon/saml2/idp.crt + copy: src={{ private }}/files/saml2/{{ env }}/keys/idp.crt dest=/etc/ipsilon/saml2/idp.crt owner=ipsilon group=ipsilon mode=0644 - when: env != "staging" tags: - ipsilon
@@ -173,20 +171,6 @@ tags: - ipsilon -- name: copy SAML2 STG private key - copy: src={{ private }}/files/ipsilon/saml2.stg.key dest=/etc/ipsilon/saml2/certificate.stg.key - owner=ipsilon group=ipsilon mode=0600 - when: env == "staging" - tags: - - ipsilon - -- name: copy SAML STG public key - copy: src=saml2.stg.pem dest=/etc/ipsilon/saml2/certificate.stg.pem - owner=ipsilon group=ipsilon mode=0644 - when: env == "staging" - tags: - - ipsilon - - name: set sebooleans so ipsilon can talk to the db seboolean: name=httpd_can_network_connect_db
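Review bot: Staging hosts now receive `/etc/ipsilon/saml2/idp.key` from the `{{ env }}` path in the two copy tasks of the first hunk, but nothing in the patch removes the previously deployed `/etc/ipsilon/saml2/certificate.stg.key` and `certificate.stg.pem`, whose copy tasks are dropped in the second hunk. On hosts that are not rebuilt, the presumably retired staging IdP key would stay on disk; a staging-only cleanup task such as `file: path=/etc/ipsilon/saml2/certificate.stg.key state=absent` (and the same for the `.pem`) would close that. The Ipsilon configuration that names the key and certificate paths is outside this patch, so it is worth confirming that staging no longer points at the `certificate.stg.*` files before deleting them. Separately, consider `no_log: true` on the private-key task so that a run with `--diff` cannot print key material into job output.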