From a31baf3c16f52c6d7ef8589bf496abced5469505 Mon Sep 17 00:00:00 2001
From: Id2ndR <Id2ndR@users.noreply.github.com>
Date: Mon, 21 Jun 2021 14:38:50 +0200
Subject: [PATCH] Fix deployment without openstack cacert (#7723)

* fix group name

* fix external-openstack-cloud-config secret

* don't add ca.cert in the secret if not defined
---
 .../external_cloud_controller/openstack/tasks/main.yml      | 2 +-
 .../templates/external-openstack-cloud-config-secret.yml.j2 | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml b/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
index 7934fc1cf..ac3810c7c 100644
--- a/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
@@ -7,7 +7,7 @@
     src: "{{ external_openstack_cacert }}"
   register: external_openstack_cacert_b64
   when:
-    - inventory_hostname == groups['k8s_control_plane'][0]
+    - inventory_hostname == groups['kube_control_plane'][0]
     - external_openstack_cacert is defined
     - external_openstack_cacert | length > 0
   tags: external-openstack
diff --git a/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2 b/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2
index 06f82234f..2a6f6a8e3 100644
--- a/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2
+++ b/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2
@@ -7,5 +7,7 @@ metadata:
   name: external-openstack-cloud-config
   namespace: kube-system
 data:
-  cloud.conf: {{ external_openstack_cloud_config_secret.content }}
-  ca.cert: {{ external_openstack_cacert_b64.content | default("") }}
+  cloud.conf: {{ external_openstack_cloud_config_secret }}
+{% if external_openstack_cacert_b64.content is defined %}
+  ca.cert: {{ external_openstack_cacert_b64.content }}
+{% endif %}
-- 
GitLab