+1 On Fri, Sep 6, 2019, 01:30 Kevin Fenzi <[email protected]> wrote:
> Without this check mode will fail if there's not an old signed copy of the > key around. > > Signed-off-by: Kevin Fenzi <[email protected]> > --- > roles/basessh/tasks/main.yml | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/roles/basessh/tasks/main.yml b/roles/basessh/tasks/main.yml > index 49a5aff..7183607 100644 > --- a/roles/basessh/tasks/main.yml > +++ b/roles/basessh/tasks/main.yml > @@ -202,6 +202,7 @@ > shell: "ssh-keygen -s {{private}}/files/ssh/{{env}}_ca_host_key -I > {{inventory_hostname}} -h -n {{ sign_hostnames|join(',') }} -V > {{sign_validity}} -z `date +%s` > {{pubkeydir}}/{{inventory_hostname}}{{item}}.pub" > delegate_to: localhost > with_items: "{{certs_to_sign}}" > + check_mode: no > tags: > - basessh > - sshd_cert > -- > 1.8.3.1 > _______________________________________________ > infrastructure mailing list -- [email protected] > To unsubscribe send an email to > [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] >
_______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
