Size: a a a
YZ
x509.pem_managed:
- name: /etc/kubernetes/pki/sa.crt
- text: {{ salt['x509.get_public_key']('/etc/kubernetes/pki/sa.key') }}
- mode: 644
YZ
YZ
deploy_root_ca_from_mine:
x509.pem_managed:
- name: "{{ salt_pki.ca_certs.dir }}/salt_root_ca.crt"
- text: {{ salt['mine.get'](salt_pki.root_ca.ca_server, 'pki_root_ca')[salt_pki.root_ca.ca_server]|replace('\n', '') }}
- watch_in:
- cmd: rebuild_ca_certsR
root_ca_cert_publish:
module.run:
# Workaround for deprecated `module.run` syntax, subject to change in Salt 3005
{%- if 'module.run' in salt['config.get']('use_superseded', [])
or grains['saltversioninfo'] >= [3005] %}
### new style ###
- mine.send:
{%- if grains['saltversioninfo'] < [3000] %}
- func: pki_root_ca
{%- else %}
- name: pki_root_ca
{%- endif %}
- mine_function: x509.get_pem_entry
- text: "{{ root_ca_cert }}"
- onchanges:
- x509: root_ca_cert
{%- else %}
### legacy style ###
- name: mine.send
{%- if grains['saltversioninfo'] < [3000] %}
- func: pki_root_ca
{%- else %}
- m_name: pki_root_ca
{%- endif %}
- kwargs:
mine_function: x509.get_pem_entry
text: "{{ root_ca_cert }}"
- onchanges:
- x509: root_ca_cert
{%- endif %}YZ
KP
R
KP
R
KP
KP
KP
R