ansible-scylla-node: Move the ssl crts generation to before scylla.yaml

This is necessary since the scylla.yaml.j2 file uses variables '_localhost_cert_path', '_localhost_cert_key_path' and '_truststore_exists', which are defined only in the ssl task.
scylladb · Dec 6, 2024 · 0a06a71 · 0a06a71
1 parent d78962c
commit 0a06a71
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/ansible-scylla-node/tasks/common.yml b/ansible-scylla-node/tasks/common.yml
@@ -224,6 +224,13 @@
   when: (scylla_package_prefix + '-node-exporter') in ansible_facts.packages
   become: true
 
+- name: enable ssl options
+  include_tasks: ssl.yml
+  when:
+    - scylla_ssl is defined
+    - (scylla_ssl.internode.enabled|bool) or
+      (scylla_ssl.client.enabled|bool)
+
 - name: configure scylla.yaml
   template:
     src: templates/scylla.yaml.j2
@@ -300,13 +307,6 @@
   become: true
   loop: "{{ lookup('dict', scylla_yaml_params) }}"
 
-- name: enable ssl options
-  include_tasks: ssl.yml
-  when:
-    - scylla_ssl is defined
-    - (scylla_ssl.internode.enabled|bool) or
-      (scylla_ssl.client.enabled|bool)
-
 - name: Copy system keys
   include_tasks: handle_encryption_at_rest_keys.yml
   vars: