diff options
| author | Kenny Woodson <kwoodson@redhat.com> | 2017-04-10 16:06:21 -0400 |
|---|---|---|
| committer | Kenny Woodson <kwoodson@redhat.com> | 2017-04-19 15:05:33 -0400 |
| commit | 6473004b66fc3ae3b185e38b0d167307a6497d1a (patch) | |
| tree | 538fdc11eed9efc05cac274baea89608087c4880 /roles/openshift_manageiq/vars | |
| parent | 14dbd7c24df84a0b13a79ce1901de221548442f5 (diff) | |
| download | openshift-6473004b66fc3ae3b185e38b0d167307a6497d1a.tar.gz openshift-6473004b66fc3ae3b185e38b0d167307a6497d1a.tar.bz2 openshift-6473004b66fc3ae3b185e38b0d167307a6497d1a.tar.xz openshift-6473004b66fc3ae3b185e38b0d167307a6497d1a.zip | |
Adding module calls instead of command for idempotency.
Diffstat (limited to 'roles/openshift_manageiq/vars')
| -rw-r--r-- | roles/openshift_manageiq/vars/main.yml | 64 |
1 files changed, 27 insertions, 37 deletions
diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml index 9936bb126..15d667628 100644 --- a/roles/openshift_manageiq/vars/main.yml +++ b/roles/openshift_manageiq/vars/main.yml @@ -1,41 +1,31 @@ --- -openshift_master_config_dir: "{{ openshift.common.config_base }}/master" -manageiq_cluster_role: - apiVersion: v1 - kind: ClusterRole - metadata: - name: management-infra-admin - rules: - - resources: - - pods/proxy - verbs: - - '*' - -manageiq_metrics_admin_clusterrole: - apiVersion: v1 - kind: ClusterRole - metadata: - name: hawkular-metrics-admin - rules: - - apiGroups: - - "" - resources: - - hawkular-metrics - - hawkular-alerts - verbs: - - '*' - -manage_iq_tmp_conf: /tmp/manageiq_admin.kubeconfig - manage_iq_tasks: -- policy add-role-to-user -n management-infra admin -z management-admin -- policy add-role-to-user -n management-infra management-infra-admin -z management-admin -- policy add-cluster-role-to-user cluster-reader system:serviceaccount:management-infra:management-admin -- policy add-scc-to-user privileged system:serviceaccount:management-infra:management-admin -- policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin -- policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin -- policy add-cluster-role-to-user self-provisioner system:serviceaccount:management-infra:management-admin -- policy add-cluster-role-to-user hawkular-metrics-admin system:serviceaccount:management-infra:management-admin +- resource_kind: role + resource_name: admin + user: management-admin +- resource_kind: role + resource_name: management-infra-admin + user: management-admin +- resource_kind: cluster-role + resource_name: cluster-reader + user: system:serviceaccount:management-infra:management-admin +- resource_kind: scc + resource_name: privileged + user: system:serviceaccount:management-infra:management-admin +- resource_kind: cluster-role + resource_name: system:image-puller + user: system:serviceaccount:management-infra:inspector-admin +- resource_kind: scc + resource_name: privileged + user: system:serviceaccount:management-infra:inspector-admin +- resource_kind: cluster-role + resource_name: self-provisioner + user: system:serviceaccount:management-infra:management-admin +- resource_kind: cluster-role + resource_name: hawkular-metrics-admin + user: system:serviceaccount:management-infra:management-admin manage_iq_openshift_3_2_tasks: -- policy add-cluster-role-to-user system:image-auditor system:serviceaccount:management-infra:management-admin +- resource_kind: cluster-role + resource_name: system:image-auditor + user: system:serviceaccount:management-infra:management-admin |