Add support for cert alt names for etcd (#2139)

* Add support for cert alt names for etcd * Update gen_certs_vault.yml
2026-03-04 09:58:20 +03:00 · 2018-01-09 14:37:34 +03:00
parent fd04c14260
commit 1401286910
3 changed files with 12 additions and 1 deletions
--- a/roles/etcd/tasks/gen_certs_vault.yml
+++ b/roles/etcd/tasks/gen_certs_vault.yml
@@ -13,7 +13,7 @@
 - include: ../../vault/tasks/shared/issue_cert.yml
  vars:
    issue_cert_common_name: "etcd:master:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
-    issue_cert_alt_names: "{{ groups.etcd + ['localhost'] }}"
+    issue_cert_alt_names: "{{ groups['etcd'] + ['localhost'] + (etcd_cert_alt_names)|default() }}"
    issue_cert_copy_ca: "{{ item == etcd_master_certs_needed|first }}"
    issue_cert_file_group: "{{ etcd_cert_group }}"
    issue_cert_file_owner: kube