reviews updates

roles/tas_single_node/README.md

@@ -30,7 +30,7 @@ Deploy the [RHTAS](https://docs.redhat.com/en/documentation/red_hat_trusted_arti
 | tas_single_node_tsa_tink_hcvault_token | The authentication token for Hashicorp Vault API calls. | str |  |
 | tas_single_node_skip_os_install | Whether or not to skip the installation of the required operating system packages. Only use this option when all packages are already installed at the versions released for RHEL 9.2 or later. | bool |  `False`  |
 | tas_single_node_meta_issuers | The list of OIDC meta issuers allowed to authenticate Fulcio certificate requests. | list of dicts of 'tas_single_node_meta_issuers' options |  `[]`  |
-| tas_single_node_trillian_trusted_ca | Trillian Trusted CA certificate | str |  |
+| tas_single_node_trillian_trusted_ca | Trusted CA certificate for Trillian, enabling secure TLS connections between the Trillian Logserver/Logsigner and the Trillian database. This CA certificate validates the authenticity of the Trillian database, ensuring encrypted and trusted data exchanges. | str |  |
 | tas_single_node_fulcio_server_image | Fulcio image | str |  `registry.redhat.io/rhtas/fulcio-rhel9@sha256:67495de82e2fcd2ab4ad0e53442884c392da1aa3f5dd56d9488a1ed5df97f513`  |
 | tas_single_node_trillian_log_server_image | Trillian log server image | str |  `registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:994a860e569f2200211b01f9919de11d14b86c669230184c4997f3d875c79208`  |
 | tas_single_node_logsigner_image | Trillian logsigner image | str |  `registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:37028258a88bba4dfaadb59fc88b6efe9c119a808e212ad5214d65072abb29d0`  |

roles/tas_single_node/tasks/podman/trillian.yml

@@ -28,7 +28,7 @@
       kind: ConfigMap
       apiVersion: v1
       metadata:
-        name: trillian_trusted_ca
+        name: {{ tas_single_node_trillian_trusted_ca_configmap_name }}
         namespace: trillian-system
       data:
         trillian-trusted-ca.pem: |

roles/tas_single_node/templates/manifests/trillian/trillian-logserver.j2

@@ -25,7 +25,7 @@ spec:
       volumes:
         - name: ca-trust
           configMap:
-            name: trillian_trusted_ca
+            name: {{ tas_single_node_trillian_trusted_ca_configmap_name }}
 {% endif %}
       containers:
         - name: trillian-trillian-logserver

roles/tas_single_node/templates/manifests/trillian/trillian-logsigner.j2

@@ -36,7 +36,7 @@ spec:
       volumes:
         - name: ca-trust
           configMap:
-            name: trillian_trusted_ca
+            name: {{ tas_single_node_trillian_trusted_ca_configmap_name }}
 {% endif %}
       containers:
         - name: trillian-trillian-logsigner

roles/tas_single_node/vars/main.yml

@@ -91,3 +91,6 @@ tas_single_node_remote_tsa_signer_private_key: "{{ tas_single_node_certs_dir }}/
 tas_single_node_remote_tsa_leaf_certificate: "{{ tas_single_node_certs_dir }}/{{ tas_single_node_tsa_leaf_certificate_filename }}"
 tas_single_node_remote_tsa_certificate_chain: "{{ tas_single_node_certs_dir }}/{{ tas_single_node_tsa_certificate_chain_filename }}"
 tas_single_node_remote_tsa_private_key: "{{ tas_single_node_certs_dir }}/{{ tas_single_node_tsa_private_key_filename }}"
+
+# Secrets,Certs and Configuration names
+tas_single_node_trillian_trusted_ca_configmap_name: "trillian_trusted_ca"

vm-testing/README.md

@@ -45,7 +45,6 @@ tas_single_node_registry_username: "TODO-username"
 tas_single_node_registry_password: "TODO-password"
 tas_single_node_oidc_issuers: "TODO-issuer-url"
 tas_single_node_issuer_url: "TODO-issuer-url"
-
 ```
 
 ### Provisioning the VM and running Ansible