diff options
| author | Tim Bielawa <tbielawa@redhat.com> | 2017-02-10 08:00:16 -0800 |
|---|---|---|
| committer | Tim Bielawa <tbielawa@redhat.com> | 2017-02-14 09:16:29 -0800 |
| commit | beecf009010a2ffa45598c6a04933f5644f3f629 (patch) | |
| tree | 83bd8876fffdb64194eec25660abb9a6a861ba2a /roles/openshift_manageiq | |
| parent | 950f5ba4e4f7b849eb6bc75bcd86ab9bd29a9dc8 (diff) | |
| download | openshift-beecf009010a2ffa45598c6a04933f5644f3f629.tar.gz openshift-beecf009010a2ffa45598c6a04933f5644f3f629.tar.bz2 openshift-beecf009010a2ffa45598c6a04933f5644f3f629.tar.xz openshift-beecf009010a2ffa45598c6a04933f5644f3f629.zip | |
Trying to fix up/audit note some changes
Diffstat (limited to 'roles/openshift_manageiq')
| -rw-r--r-- | roles/openshift_manageiq/tasks/main.yaml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml index e58947fd2..f202486a5 100644 --- a/roles/openshift_manageiq/tasks/main.yaml +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -47,6 +47,9 @@ register: oshawkular_create_cluster_role failed_when: "'already exists' not in oshawkular_create_cluster_role.stderr and oshawkular_create_cluster_role.rc != 0" changed_when: oshawkular_create_cluster_role.rc == 0 + # AUDIT:changed_when_note: Checking the return code is insufficient + # here. We really need to verify the if the role even exists before + # we run this task. - name: Configure role/user permissions command: > @@ -56,6 +59,10 @@ register: osmiq_perm_task failed_when: "'already exists' not in osmiq_perm_task.stderr and osmiq_perm_task.rc != 0" changed_when: osmiq_perm_task.rc == 0 + # AUDIT:changed_when_note: Checking the return code is insufficient + # here. We really need to compare the current role/user permissions + # with their expected state. I think we may have a module for this? + - name: Configure 3_2 role/user permissions command: > |