Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hetzner.hcloud.certificate reports no changes on differing certificate #588

Open
betelgeuse opened this issue Dec 7, 2024 · 2 comments
Open

hetzner.hcloud.certificate reports no changes on differing certificate #588

betelgeuse opened this issue Dec 7, 2024 · 2 comments

Comments

@betelgeuse
Copy link

SUMMARY

hetzner.hcloud.certificate reports no changes after changing the certificate parameter for type=uploaded

ISSUE TYPE
  • Bug Report
COMPONENT NAME

hetzner.hcloud.certificate

ANSIBLE VERSION
ansible [core 2.18.0]
  config file = /Users/betelgeuse/.ansible.cfg
  configured module search path = ['/Users/betelgeuse/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/betelgeuse/.local/pipx/venvs/ansible/lib/python3.13/site-packages/ansible
  ansible collection location = /Users/betelgeuse/.ansible/collections:/usr/share/ansible/collections
  executable location = /Users/betelgeuse/.local/bin/ansible
  python version = 3.13.0 (main, Oct  7 2024, 05:02:14) [Clang 16.0.0 (clang-1600.0.26.4)] (/Users/betelgeuse/.local/pipx/venvs/ansible/bin/python)
  jinja version = 3.1.4
  libyaml = True
COLLECTION VERSION
# /Users/betelgeuse/.ansible/collections/ansible_collections
Collection     Version
-------------- -------
hetzner.hcloud 4.2.2  

# /Users/betelgeuse/.local/pipx/venvs/ansible/lib/python3.13/site-packages/ansible_collections
Collection     Version
-------------- -------
hetzner.hcloud 4.2.1
CONFIGURATION
ANSIBLE_PIPELINING(/Users/betelgeuse/.ansible.cfg) = True
CALLBACKS_ENABLED(/Users/betelgeuse/.ansible.cfg) = ['timer', 'profile_tasks', 'profile_roles']
CONFIG_FILE() = /Users/betelgeuse/.ansible.cfg

GALAXY_SERVERS:
STEPS TO REPRODUCE
- name: Add Certificate to HCloud
  tags: certs
  hetzner.hcloud.hcloud_certificate:
    name: certificate
    type: uploaded
    state: present
    certificate: |
        NEW_CERTIFICATE_VALUE
    private_key: |
        NEW_PRIVATE_KEY_VALUE
EXPECTED RESULTS

Certificate gets updated to the new values.

ACTUAL RESULTS
ok: [load-balancer] => {
    "changed": false,
@betelgeuse
Copy link
Author

Looking at API docs the update needs to be done with the following sequence:

  1. Create a new certificate with a temporary name
  2. Update services to use the new certificate
  3. Delete the old certificate
  4. Rename the certificate from the temporary name to the actual name

I have not tried this in practice yet.

@betelgeuse
Copy link
Author

I have not tried this in practice yet.

Verified via UI that this was the workflow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@betelgeuse