From 73800ef111e831074ec81449ccdfa157f138aded Mon Sep 17 00:00:00 2001
From: "Christopher J. Ruwe" <cjr@cruwe.de>
Date: Tue, 15 May 2018 07:54:32 +0000
Subject: [PATCH] make certificates non-executable

---
 roles/kubernetes/master/tasks/kubeadm-setup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml
index 3fcd04715..b841d8357 100644
--- a/roles/kubernetes/master/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml
@@ -128,7 +128,7 @@
     content: "{{ item.content | b64decode }}"
     owner: root
     group: root
-    mode: 0700
+    mode: 0600
   no_log: true
   register: copy_kubeadm_certs
   with_items: "{{ kubeadm_certs.results }}"
-- 
GitLab