From 1f3e2a9f59e83dc3f0fcbecf096a7e7b40d36ed7 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Wed, 28 Feb 2018 23:46:55 +0100 Subject: First running prototype --- roles/ands_kaas/tasks/volume.yml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'roles/ands_kaas/tasks/volume.yml') diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml index b82e55f..ff51fb0 100644 --- a/roles/ands_kaas/tasks/volume.yml +++ b/roles/ands_kaas/tasks/volume.yml @@ -6,6 +6,40 @@ file: path: "{{ path }}" state: "directory" + recurse: "no" + register: mkdir + +- name: "Ensure the {{ path }} is writeable by project pods" + vars: + default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}" + file: + path: "{{ path }}" + state: "directory" + recurse: "no" + mode: "{{ volume.mode | default(0775) }}" + owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" + group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}" + register: chmod + when: + - mkdir | changed + - kaas_openshift_gid_ranges[kaas_project] is defined + - osvpath[:1] != "/" + +# There is no other way to write for users. There will be just two osv's one writeable and one not. +# We may create a dir with the wrong one and have permissions not set +# - volume.write | default(false) + +- name: "Setting default permissions for non standard locations" + file: + path: "{{ path }}" + state: "directory" + recurse: "no" mode: "{{ volume.mode | default(0755) }}" owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}" + when: + - mkdir | changed + - chmod | skipped + + + -- cgit v1.2.3