diff options
author | Federico Simoncelli <fsimonce@redhat.com> | 2016-11-03 15:48:33 +0100 |
---|---|---|
committer | Federico Simoncelli <fsimonce@redhat.com> | 2016-11-03 15:49:04 +0100 |
commit | a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b (patch) | |
tree | 4565033628c01abd7c4b458f6f040ad15a4e31d0 /roles/openshift_manageiq | |
parent | c97858a6bc61251c02d2ca27172ebe87727b776a (diff) | |
download | openshift-a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b.tar.gz openshift-a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b.tar.bz2 openshift-a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b.tar.xz openshift-a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b.zip |
Add hawkular admin cluster role to management admin
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
Diffstat (limited to 'roles/openshift_manageiq')
-rw-r--r-- | roles/openshift_manageiq/tasks/main.yaml | 10 | ||||
-rw-r--r-- | roles/openshift_manageiq/vars/main.yml | 15 |
2 files changed, 25 insertions, 0 deletions
diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml index bdaf64b3f..a7214482f 100644 --- a/roles/openshift_manageiq/tasks/main.yaml +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -50,6 +50,16 @@ failed_when: "'already exists' not in osmiq_create_cluster_role.stderr and osmiq_create_cluster_role.rc != 0" changed_when: osmiq_create_cluster_role.rc == 0 +- name: Create Hawkular Metrics Admin Cluster Role + shell: > + echo {{ manageiq_metrics_admin_clusterrole | to_json | quote }} | + {{ openshift.common.client_binary }} + --config={{manage_iq_tmp_conf}} + create -f - + register: oshawkular_create_cluster_role + failed_when: "'already exists' not in oshawkular_create_cluster_role.stderr and oshawkular_create_cluster_role.rc != 0" + changed_when: oshawkular_create_cluster_role.rc == 0 + - name: Configure role/user permissions command: > {{ openshift.common.client_binary }} adm {{item}} diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml index 6a0c5b41b..37d4679ef 100644 --- a/roles/openshift_manageiq/vars/main.yml +++ b/roles/openshift_manageiq/vars/main.yml @@ -9,6 +9,20 @@ manageiq_cluster_role: verbs: - '*' +manageiq_metrics_admin_clusterrole: + apiVersion: v1 + kind: ClusterRole + metadata: + name: hawkular-metrics-admin + rules: + - apiGroups: + - "" + resources: + - hawkular-metrics + - hawkular-alerts + verbs: + - '*' + manageiq_service_account: apiVersion: v1 kind: ServiceAccount @@ -31,6 +45,7 @@ manage_iq_tasks: - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin - policy add-cluster-role-to-user self-provisioner system:serviceaccount:management-infra:management-admin + - policy add-cluster-role-to-user hawkular-metrics-admin system:serviceaccount:management-infra:management-admin manage_iq_openshift_3_2_tasks: - policy add-cluster-role-to-user system:image-auditor system:serviceaccount:management-infra:management-admin |