diff options
author | Tim Bielawa <tbielawa@redhat.com> | 2017-10-05 15:42:18 -0400 |
---|---|---|
committer | Tim Bielawa <tbielawa@redhat.com> | 2017-10-06 11:45:17 -0400 |
commit | c0f63fb902b53bc592e6862d5876af9b244ee82b (patch) | |
tree | 85ab3b45eab2ebcf3c56c8236ebb829b0a562065 /roles/openshift_management/tasks/accounts.yml | |
parent | e7e82bede0f7ebac08a4290a3f088cca0ea3ab78 (diff) | |
download | openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.gz openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.bz2 openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.xz openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.zip |
Rename openshift_cfme role to openshift_management
Diffstat (limited to 'roles/openshift_management/tasks/accounts.yml')
-rw-r--r-- | roles/openshift_management/tasks/accounts.yml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/roles/openshift_management/tasks/accounts.yml b/roles/openshift_management/tasks/accounts.yml new file mode 100644 index 000000000..e45ea8d43 --- /dev/null +++ b/roles/openshift_management/tasks/accounts.yml @@ -0,0 +1,28 @@ +--- +# This role task file is responsible for user/system account creation, +# and ensuring correct access is provided as required. +- name: Ensure the CFME system accounts exist + oc_serviceaccount: + namespace: "{{ openshift_management_project }}" + state: present + name: "{{ openshift_management_flavor_short }}{{ item.name }}" + with_items: + - "{{ __openshift_system_account_sccs }}" + +- name: Ensure the CFME system accounts have all the required SCCs + oc_adm_policy_user: + namespace: "{{ openshift_management_project }}" + user: "system:serviceaccount:{{ openshift_management_project }}:{{ openshift_management_flavor_short }}{{ item.name }}" + resource_kind: scc + resource_name: "{{ item.resource_name }}" + with_items: + - "{{ __openshift_system_account_sccs }}" + +- name: Ensure the CFME system accounts have the required roles + oc_adm_policy_user: + namespace: "{{ openshift_management_project }}" + user: "system:serviceaccount:{{ openshift_management_project }}:{{ openshift_management_flavor_short }}{{ item.name }}" + resource_kind: role + resource_name: "{{ item.resource_name }}" + with_items: + - "{{ __openshift_management_system_account_roles }}" |