From: Adam King Date: Thu, 8 Feb 2024 13:23:37 +0000 (-0500) Subject: mgr/cephadm: move ingress cert to cert store X-Git-Tag: testing/wip-pdonnell-testing-20240703.143006-debug~16^2~1 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=621f2e036c6bd4acb2f551fab94421d4e4788c97;p=ceph-ci.git mgr/cephadm: move ingress cert to cert store In an effort to try and organize our cert handling and provide cert management features in the future Signed-off-by: Adam King --- diff --git a/src/pybind/mgr/cephadm/inventory.py b/src/pybind/mgr/cephadm/inventory.py index 3a3e848c9c0..b86b6ff80b9 100644 --- a/src/pybind/mgr/cephadm/inventory.py +++ b/src/pybind/mgr/cephadm/inventory.py @@ -376,6 +376,20 @@ class SpecStore(): iscsi_spec.ssl_key, service_name=iscsi_spec.service_name(), user_made=True) + elif spec.service_type == 'ingress': + ingress_spec = cast(IngressSpec, spec) + if ingress_spec.ssl_cert: + self.mgr.cert_key_store.save_cert( + 'ingress_ssl_cert', + ingress_spec.ssl_cert, + service_name=ingress_spec.service_name(), + user_made=True) + if ingress_spec.ssl_key: + self.mgr.cert_key_store.save_key( + 'ingress_ssl_key', + ingress_spec.ssl_key, + service_name=ingress_spec.service_name(), + user_made=True) def rm(self, service_name: str) -> bool: if service_name not in self._specs: @@ -411,6 +425,9 @@ class SpecStore(): if spec.service_type == 'iscsi': self.mgr.cert_key_store.rm_cert('iscsi_ssl_cert', service_name=spec.service_name()) self.mgr.cert_key_store.rm_key('iscsi_ssl_key', service_name=spec.service_name()) + if spec.service_type == 'ingress': + self.mgr.cert_key_store.rm_cert('ingress_ssl_cert', service_name=spec.service_name()) + self.mgr.cert_key_store.rm_key('ingress_ssl_key', service_name=spec.service_name()) def get_created(self, spec: ServiceSpec) -> Optional[datetime.datetime]: return self.spec_created.get(spec.service_name())