Hey Adrien,
There are basically 2 ways of achieving your goal.
You will be able to understand them by looking here: https://opendev.org/openstack/ansible-role-pki/src/commit/9108a8953f9d216d4e65d86e794a33805d08c966/vars/main.yml#L26
1. Combination of openstack_host_ca_certificates + `condition` in user_variables.yml. Example:
openstack_host_ca_certificates: - src: /etc/openstack_deploy/pki/roots/custom-ca.crt name: custom-ca condition: "{{ inventory_hostname in groups['keystone_all'] }}"
2. (Available since Yoga) Using `pki_search_install_ca_pattern` to parse all ansible variables and find suitable ones. It's similar to the above method but allows you to spread CA certificate list over multiple variables. Example:
pki_install_ca_keystone: - src: /etc/openstack_deploy/pki/roots/custom-ca.crt name: custom-ca condition: "{{ inventory_hostname in groups['keystone_all'] }}"
Hey Adrien,
There are basically 2 ways of achieving your goal.
You will be able to understand them by looking here: https:/ /opendev. org/openstack/ ansible- role-pki/ src/commit/ 9108a8953f9d216 d4e65d86e794a33 805d08c966/ vars/main. yml#L26
1. Combination of openstack_ host_ca_ certificates + `condition` in user_variables.yml. Example:
openstack_ host_ca_ certificates: deploy/ pki/roots/ custom- ca.crt 'keystone_ all'] }}"
- src: /etc/openstack_
name: custom-ca
condition: "{{ inventory_hostname in groups[
2. (Available since Yoga) Using `pki_search_ install_ ca_pattern` to parse all ansible variables and find suitable ones. It's similar to the above method but allows you to spread CA certificate list over multiple variables. Example:
pki_install_ ca_keystone: deploy/ pki/roots/ custom- ca.crt 'keystone_ all'] }}"
- src: /etc/openstack_
name: custom-ca
condition: "{{ inventory_hostname in groups[