[stable/zed] Fix CA mount (#1312)
This is an automated cherry-pick of #1303
/assign mnaser
diff --git a/roles/defaults/defaults/main.yml b/roles/defaults/defaults/main.yml
index 58b1173..f1ccfae 100644
--- a/roles/defaults/defaults/main.yml
+++ b/roles/defaults/defaults/main.yml
@@ -25,4 +25,4 @@
atmosphere_image_overrides: {}
defaults_ca_certificates_path: >-
- {{ '/etc/ssl/certs/ca-certificates.crt' if ansible_facts['os_family'] in ['Debian'] else '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' }}"
+ {{ '/etc/ssl/certs/ca-certificates.crt' if ansible_facts['os_family'] in ['Debian'] else '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' }}
diff --git a/roles/keystone/vars/main.yml b/roles/keystone/vars/main.yml
index 1b67f80..a051576 100644
--- a/roles/keystone/vars/main.yml
+++ b/roles/keystone/vars/main.yml
@@ -22,12 +22,12 @@
mounts:
keystone_api:
keystone_api:
- volumeMounts: "{{ keystone_domains | vexxhost.atmosphere.keystone_domains_to_mounts + [{'name': 'etc-ssl-certs', 'mountPath': '/etc/ssl/certs', 'readOnly': true}] }}"
+ volumeMounts: "{{ keystone_domains | vexxhost.atmosphere.keystone_domains_to_mounts + [{'name': 'ca-certificates', 'mountPath': '/etc/ssl/certs/ca-certificates.crt', 'readOnly': true}] }}"
volumes:
- name: keystone-openid-metadata
configMap:
name: keystone-openid-metadata
- - name: etc-ssl-certs
+ - name: ca-certificates
hostPath:
path: "{{ defaults_ca_certificates_path }}"
conf:
diff --git a/roles/magnum/vars/main.yml b/roles/magnum/vars/main.yml
index 358d145..4e0f76e 100644
--- a/roles/magnum/vars/main.yml
+++ b/roles/magnum/vars/main.yml
@@ -80,11 +80,11 @@
magnum_conductor:
magnum_conductor:
volumeMounts:
- - name: etc-ssl-certs
- mountPath: /etc/ssl/certs
+ - name: ca-certificates
+ mountPath: /etc/ssl/certs/ca-certificates.crt
readOnly: true
volumes:
- - name: etc-ssl-certs
+ - name: ca-certificates
hostPath:
path: "{{ defaults_ca_certificates_path }}"
manifests: