From 320d72f08fb27fb177264849c466678f241ab220 Mon Sep 17 00:00:00 2001 From: Ali Date: Mon, 12 Nov 2018 11:09:55 -0500 Subject: [PATCH] Updated documentation for the k8s module (#48474) --- .../utils/module_docs_fragments/k8s_auth_options.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/ansible/utils/module_docs_fragments/k8s_auth_options.py b/lib/ansible/utils/module_docs_fragments/k8s_auth_options.py index c41d816909..b24cbfaab9 100644 --- a/lib/ansible/utils/module_docs_fragments/k8s_auth_options.py +++ b/lib/ansible/utils/module_docs_fragments/k8s_auth_options.py @@ -56,8 +56,8 @@ options: variable. ssl_ca_cert: description: - - Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT - environment variable. + - Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to + avoid certificate validation errors. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable. verify_ssl: description: - "Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL @@ -68,4 +68,7 @@ notes: - "The OpenShift Python client wraps the K8s Python client, providing full access to all of the APIS and models available on both platforms. For API version details and additional information visit https://github.com/openshift/openshift-restclient-python" + - "To avoid SSL certificate validation errors when C(verify_ssl) is I(True), the full + certificate chain for the API server must be provided via C(ssl_ca_cert) or in the + kubeconfig file." '''