diff options
| author | enoodle <efreiber@redhat.com> | 2015-11-23 17:46:27 +0200 |
|---|---|---|
| committer | enoodle <efreiber@redhat.com> | 2015-12-04 15:23:58 +0200 |
| commit | 04ce758d35666c9f887a9bb1b44ccae1d20ee908 (patch) | |
| tree | c01a87e5c9970bc70a9dacc606cf887e94f5fb3e /roles/openshift_manageiq/tasks | |
| parent | e3071fd15f70214fe9f13b847f2cc5443716d955 (diff) | |
| download | openshift-04ce758d35666c9f887a9bb1b44ccae1d20ee908.tar.gz openshift-04ce758d35666c9f887a9bb1b44ccae1d20ee908.tar.bz2 openshift-04ce758d35666c9f887a9bb1b44ccae1d20ee908.tar.xz openshift-04ce758d35666c9f887a9bb1b44ccae1d20ee908.zip | |
ManageIQ Service Account: added role for ManageIQ service account
Signed-off-by: enoodle <efreiber@redhat.com>
Diffstat (limited to 'roles/openshift_manageiq/tasks')
| -rw-r--r-- | roles/openshift_manageiq/tasks/main.yaml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml new file mode 100644 index 000000000..2d3187e21 --- /dev/null +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -0,0 +1,50 @@ +--- +- name: Copy Configuration to temporary conf + command: > + cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{manage_iq_tmp_conf}} + changed_when: false + +- name: Add Managment Infrastructure project + command: > + {{ openshift.common.admin_binary }} new-project + management-infra + --description="Management Infrastructure" + --config={{manage_iq_tmp_conf}} + register: osmiq_create_mi_project + failed_when: "'already exists' not in osmiq_create_mi_project.stderr and osmiq_create_mi_project.rc != 0" + changed_when: osmiq_create_mi_project.rc == 0 + +- name: Create Service Account + shell: > + echo {{ manageiq_service_account | to_json | quote }} | + {{ openshift.common.client_binary }} create + -n management-infra + --config={{manage_iq_tmp_conf}} + -f - + register: osmiq_create_service_account + failed_when: "'already exists' not in osmiq_create_service_account.stderr and osmiq_create_service_account.rc != 0" + changed_when: osmiq_create_service_account.rc == 0 + +- name: Create Cluster Role + shell: > + echo {{ manageiq_cluster_role | to_json | quote }} | + {{ openshift.common.client_binary }} create + --config={{manage_iq_tmp_conf}} + -f - + register: osmiq_create_cluster_role + failed_when: "'already exists' not in osmiq_create_cluster_role.stderr and osmiq_create_cluster_role.rc != 0" + changed_when: osmiq_create_cluster_role.rc == 0 + +- name: Configure role/user permissions + command: > + {{ openshift.common.admin_binary }} {{item}} + --config={{manage_iq_tmp_conf}} + with_items: "{{manage_iq_tasks}}" + register: osmiq_perm_task + failed_when: "'already exists' not in osmiq_perm_task.stderr and osmiq_perm_task.rc != 0" + changed_when: osmiq_perm_task.rc == 0 + +- name: Clean temporary configuration file + command: > + rm -f {{manage_iq_tmp_conf}} + changed_when: false |