diff options
| -rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 11 | ||||
| -rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 14 | ||||
| -rw-r--r-- | roles/openshift_master_facts/tasks/main.yml | 4 |
3 files changed, 28 insertions, 1 deletions
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 0d31d4ddf..9054e0bd4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1118,12 +1118,21 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw """ additive_facts = ['named_certificates'] protected_facts = ['ha', 'master_count'] + + # Facts we do not ever want to merge. These originate in inventory variables + # and typically contain JSON dicts. We don't ever want to trigger a merge + # here, just completely overwrite with the new if they are present there. + overwrite_facts = ['admission_plugin_config', + 'kube_admission_plugin_config'] + facts = dict() for key, value in orig.iteritems(): # Key exists in both old and new facts. if key in new: + if key in overwrite_facts: + facts[key] = copy.deepcopy(new[key]) # Continue to recurse if old and new fact is a dictionary. - if isinstance(value, dict) and isinstance(new[key], dict): + elif isinstance(value, dict) and isinstance(new[key], dict): # Collect the subset of additive facts to overwrite if # key matches. These will be passed to the subsequent # merge_facts call. diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 813a58d60..618ad8744 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -1,3 +1,10 @@ +admissionConfig: +{% if 'admission_plugin_order' in openshift.master %} + pluginOrderOverride:{{ openshift.master.admission_plugin_order | to_padded_yaml(level=2) }} +{% endif %} +{% if 'admission_plugin_config' in openshift.master %} + pluginConfig:{{ openshift.master.admission_plugin_config | to_padded_yaml(level=2) }} +{% endif %} apiLevels: {% if not openshift.common.version_gte_3_1_or_1_1 | bool %} - v1beta3 @@ -96,6 +103,13 @@ kubernetesMasterConfig: - v1beta3 - v1 {% endif %} + admissionConfig: +{% if 'kube_admission_plugin_order' in openshift.master %} + pluginOrderOverride:{{ openshift.master.kube_admission_plugin_order | to_padded_yaml(level=3) }} +{% endif %} +{% if 'kube_admission_plugin_config' in openshift.master %} + pluginConfig:{{ openshift.master.kube_admission_plugin_config | to_padded_yaml(level=3) }} +{% endif %} apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }} controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }} masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }} diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index 2a3e38af4..c54f11c1a 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -65,3 +65,7 @@ master_image: "{{ osm_image | default(None) }}" scheduler_predicates: "{{ openshift_master_scheduler_predicates | default(None) }}" scheduler_priorities: "{{ openshift_master_scheduler_priorities | default(None) }}" + admission_plugin_order: "{{openshift_master_admission_plugin_order | default(None) }}" + admission_plugin_config: "{{openshift_master_admission_plugin_config | default(None) }}" + kube_admission_plugin_order: "{{openshift_master_kube_admission_plugin_order | default(None) }}" + kube_admission_plugin_config: "{{openshift_master_kube_admission_plugin_config | default(None) }}" |