diff options
author | elijah <elijah@riseup.net> | 2016-02-09 10:42:52 -0800 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2016-02-09 10:42:52 -0800 |
commit | 81ab07d79a56c6b44d2ca16fb51af2a0e8d09098 (patch) | |
tree | b30aa189862dc8943c099f5654195968073ccf4c | |
parent | 461c682cccef760248d6c24d93c6ae47dd14fd22 (diff) |
ensure that expired certs are updated *before* hiera compile.
-rw-r--r-- | lib/leap_cli/commands/compile.rb | 3 | ||||
-rw-r--r-- | lib/leap_cli/commands/deploy.rb | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lib/leap_cli/commands/compile.rb b/lib/leap_cli/commands/compile.rb index c388e5c3..44b97d4a 100644 --- a/lib/leap_cli/commands/compile.rb +++ b/lib/leap_cli/commands/compile.rb @@ -62,7 +62,8 @@ module LeapCli # but this should not be done if we are not examining all possible nodes. # def compile_hiera_files(nodes, clean_export) - update_compiled_ssh_configs # must come first + update_certificates(nodes) # \ must come first so that output will + update_compiled_ssh_configs # / get included in compiled hiera files. sanity_check(nodes) manager.export_nodes(nodes) manager.export_secrets(clean_export) diff --git a/lib/leap_cli/commands/deploy.rb b/lib/leap_cli/commands/deploy.rb index c2a70afa..29c3faf5 100644 --- a/lib/leap_cli/commands/deploy.rb +++ b/lib/leap_cli/commands/deploy.rb @@ -49,11 +49,10 @@ module LeapCli environments.each do |env| check_platform_pinning(env, global) end + # compile hiera files for all the nodes in every environment that is # being deployed and only those environments. compile_hiera_files(manager.filter(environments), false) - # update server certificates if needed - update_certificates(nodes) ssh_connect(nodes, connect_options(options)) do |ssh| ssh.leap.log :checking, 'node' do |