add migration code for receptor ca secret

Signed-off-by: Hao Liu <haoli@redhat.com>

roles/installer/tasks/resources_configuration.yml

@@ -35,6 +35,50 @@
   register: _receptor_ca
   no_log: "{{ no_log }}"
 
+- name: Migrate Receptor CA Secret
+  when:
+    - _receptor_ca['resources'] | default([]) | length
+    - _receptor_ca['resources'][0]['type'] != "kubernetes.io/tls"
+  block:
+    - name: Delete old Receptor CA Secret
+      k8s:
+        state: absent
+        kind: Secret
+        namespace: '{{ ansible_operator_meta.namespace }}'
+        name: '{{ ansible_operator_meta.name }}-receptor-ca'
+    - name: Create tempfile for receptor-ca.key
+      tempfile:
+        state: file
+        suffix: .key
+      register: _receptor_ca_key_file
+    - name: Copy Receptor CA key from old secret to tempfile
+      copy:
+        content: "{{ _receptor_ca['resources'][0]['data']['receptor-ca.key'] | b64decode }}"
+        dest: "{{ _receptor_ca_key_file.path }}"
+      no_log: "{{ no_log }}"
+    - name: Create tempfile for receptor-ca.crt
+      tempfile:
+        state: file
+        suffix: .crt
+      register: _receptor_ca_crt_file
+    - name: Copy Receptor CA cert from old secret to tempfile
+      copy:
+        content: "{{ _receptor_ca['resources'][0]['data']['receptor-ca.crt'] | b64decode }}"
+        dest: "{{ _receptor_ca_crt_file.path }}"
+      no_log: "{{ no_log }}"
+    - name: Create New Receptor CA secret
+      k8s:
+        apply: true
+        definition: "{{ lookup('template', 'secrets/receptor_ca_secret.yaml.j2') }}"
+      no_log: "{{ no_log }}"
+    - name: Remove tempfiles
+      file:
+        path: "{{ item }}"
+        state: absent
+      loop:
+        - "{{ _receptor_ca_key_file.path }}"
+        - "{{ _receptor_ca_crt_file.path }}"
+
 - name: Create Receptor Mesh CA
   block:
     - name: Create tempfile for receptor-ca.key