From: Adam King Date: Thu, 8 Feb 2024 13:23:37 +0000 (-0500) Subject: mgr/cephadm: move ingress cert to cert store X-Git-Tag: v19.1.1~104^2~9 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=88ebbd493907e171e89705faf1a851413d214d91;p=ceph.git mgr/cephadm: move ingress cert to cert store In an effort to try and organize our cert handling and provide cert management features in the future Signed-off-by: Adam King (cherry picked from commit 621f2e036c6bd4acb2f551fab94421d4e4788c97) --- diff --git a/src/pybind/mgr/cephadm/inventory.py b/src/pybind/mgr/cephadm/inventory.py index a45ce13a5382..f7d33d6d1ae6 100644 --- a/src/pybind/mgr/cephadm/inventory.py +++ b/src/pybind/mgr/cephadm/inventory.py @@ -376,6 +376,20 @@ class SpecStore(): iscsi_spec.ssl_key, service_name=iscsi_spec.service_name(), user_made=True) + elif spec.service_type == 'ingress': + ingress_spec = cast(IngressSpec, spec) + if ingress_spec.ssl_cert: + self.mgr.cert_key_store.save_cert( + 'ingress_ssl_cert', + ingress_spec.ssl_cert, + service_name=ingress_spec.service_name(), + user_made=True) + if ingress_spec.ssl_key: + self.mgr.cert_key_store.save_key( + 'ingress_ssl_key', + ingress_spec.ssl_key, + service_name=ingress_spec.service_name(), + user_made=True) def rm(self, service_name: str) -> bool: if service_name not in self._specs: @@ -411,6 +425,9 @@ class SpecStore(): if spec.service_type == 'iscsi': self.mgr.cert_key_store.rm_cert('iscsi_ssl_cert', service_name=spec.service_name()) self.mgr.cert_key_store.rm_key('iscsi_ssl_key', service_name=spec.service_name()) + if spec.service_type == 'ingress': + self.mgr.cert_key_store.rm_cert('ingress_ssl_cert', service_name=spec.service_name()) + self.mgr.cert_key_store.rm_key('ingress_ssl_key', service_name=spec.service_name()) def get_created(self, spec: ServiceSpec) -> Optional[datetime.datetime]: return self.spec_created.get(spec.service_name())