From ceedc135b2a24983823f80b0d74dff96811d6be8 Mon Sep 17 00:00:00 2001
From: chris meyers <chris.meyers.fsu@gmail.com>
Date: Tue, 15 May 2018 14:33:08 -0400
Subject: [PATCH] add variables to inventory mentioned in docs

* Also better error message when openshift cert failure
---
 installer/inventory                            |  2 ++
 installer/roles/kubernetes/tasks/openshift.yml | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/installer/inventory b/installer/inventory
index 44b20ccc71..c9e8ce612d 100644
--- a/installer/inventory
+++ b/installer/inventory
@@ -14,6 +14,8 @@ dockerhub_version=latest
 # openshift_host=127.0.0.1:8443
 # openshift_project=awx
 # openshift_user=developer
+# openshift_skip_tls_verify=False
+# openshift_pg_emptydir=True
 
 # Kubernetes Install
 # kubernetes_context=test-cluster
diff --git a/installer/roles/kubernetes/tasks/openshift.yml b/installer/roles/kubernetes/tasks/openshift.yml
index 6a93ca9b2c..f22c905182 100644
--- a/installer/roles/kubernetes/tasks/openshift.yml
+++ b/installer/roles/kubernetes/tasks/openshift.yml
@@ -23,8 +23,23 @@
     - openshift_user is defined
     - openshift_password is defined
     - openshift_token is not defined
+  register: openshift_auth_result
+  ignore_errors: true
   no_log: true
 
+- name: OpenShift authentication failed on TLS verification
+  fail:
+    msg: "Failed to verify TLS, consider settings openshift_skip_tls_verify=True {{ openshift_auth_result.stderr }}"
+  when:
+    - openshift_skip_tls_verify is not defined or not openshift_skip_tls_verify
+    - openshift_auth_result.rc != 0
+    - openshift_auth_result.stderr | search("certificate that does not match its hostname")
+
+- name: OpenShift authentication failed
+  fail:
+    msg: "{{ openshift_auth_result.stderr }}"
+  when: openshift_auth_result.rc != 0
+
 - name: Authenticate with OpenShift via token
   shell: |
     {{ openshift_oc_bin }} login {{ openshift_host }} \