commit e8ae210ae655e53d50b30e2f8123e04c3a80bf93
author Zuul <zuul@review.vexxhost.dev> Fri Feb 28 18:21:41 2025 +0000
committer Gerrit Code Review <review@vexxhost.dev> Fri Feb 28 18:21:41 2025 +0000
tree b28b5b8bc086d42a5d3e91e60c62f6246f9061b9
parent f37f38dbca03c1c4ef40535c60e81490e94e018b
parent 5805268ca8fa598cbb5136866b9fe6d89dd221cc

Merge "Add support for <role>_ingress_class_name" into stable/2023.2

releasenotes/notes/add-glance-image-tempfile-path-6c1ec42dccba948a.yaml

diff --git a/releasenotes/notes/add-glance-image-tempfile-path-6c1ec42dccba948a.yaml b/releasenotes/notes/add-glance-image-tempfile-path-6c1ec42dccba948a.yaml
new file mode 100644
index 0000000..370e0cb
--- /dev/null
+++ b/releasenotes/notes/add-glance-image-tempfile-path-6c1ec42dccba948a.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - Add ``glance_image_tempfile_path`` variable to allow users for changing the
+    temporary path for downloading images before uploading them to Glance.

releasenotes/notes/allow-using-default-cert-b28067c8a1525e1f.yaml

diff --git a/releasenotes/notes/allow-using-default-cert-b28067c8a1525e1f.yaml b/releasenotes/notes/allow-using-default-cert-b28067c8a1525e1f.yaml
new file mode 100644
index 0000000..aac6ce0
--- /dev/null
+++ b/releasenotes/notes/allow-using-default-cert-b28067c8a1525e1f.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    It's now possible to use the default TLS certificates configured within the
+    ingress by using the ``ingress_use_default_tls_certificate`` variable which
+    will omit the ``tls`` section from any ``Ingress`` resources managed by
+    Atmosphere.

roles/glance_image/defaults/main.yml

diff --git a/roles/glance_image/defaults/main.yml b/roles/glance_image/defaults/main.yml
index d906e1f..92541d0 100644
--- a/roles/glance_image/defaults/main.yml
+++ b/roles/glance_image/defaults/main.yml
@@ -12,6 +12,8 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+# glance_image_tempfile_path:
+
 glance_image_http_proxy: "{{ http_proxy | default('') }}"
 glance_image_https_proxy: "{{ https_proxy | default('') }}"
 glance_image_no_proxy: "{{ no_proxy | default('') }}"

roles/glance_image/tasks/main.yml

diff --git a/roles/glance_image/tasks/main.yml b/roles/glance_image/tasks/main.yml
index 5f56e55..a237dc0 100644
--- a/roles/glance_image/tasks/main.yml
+++ b/roles/glance_image/tasks/main.yml
@@ -30,6 +30,7 @@
   block:
     - name: Generate temporary work directory
       ansible.builtin.tempfile:
+        path: "{{ glance_image_tempfile_path | default(omit) }}"
         state: directory
       register: _workdir
 
@@ -38,6 +39,7 @@
         url: "{{ glance_image_url }}"
         dest: "{{ _workdir.path }}/{{ glance_image_url | basename }}"
         mode: "0600"
+        tmp_dest: "{{ _workdir.path }}"
       register: _get_url
       retries: 3
       delay: "{{ 15 | random + 3 }}"

roles/ingress/defaults/main.yml

diff --git a/roles/ingress/defaults/main.yml b/roles/ingress/defaults/main.yml
index 05a2cc3..82ea1e0 100644
--- a/roles/ingress/defaults/main.yml
+++ b/roles/ingress/defaults/main.yml
@@ -38,3 +38,6 @@
 
 # List of annotations to apply to all Ingress resources as default
 ingress_default_annotations: "{{ ingress_global_annotations | default(atmosphere_ingress_annotations) }}"
+
+# Use default TLS certificate
+ingress_use_default_tls_certificate: false

roles/ingress/templates/ingress.yml.j2

diff --git a/roles/ingress/templates/ingress.yml.j2 b/roles/ingress/templates/ingress.yml.j2
index 04135bc..6da2788 100644
--- a/roles/ingress/templates/ingress.yml.j2
+++ b/roles/ingress/templates/ingress.yml.j2
@@ -21,7 +21,9 @@
                 name: {{ ingress_service_name }}

                 port:

                   number: {{ ingress_service_port }}

+{% if not ingress_use_default_tls_certificate %}

   tls:

     - secretName: {{ ingress_secret_name | default(ingress_service_name ~ '-certs') }}

       hosts:

         - {{ ingress_host }}

+{% endif %}