diff options
Diffstat (limited to 'roles/openshift_metrics/tasks/generate_rolebindings.yaml')
-rw-r--r-- | roles/openshift_metrics/tasks/generate_rolebindings.yaml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml index e050c8eb2..407d3196f 100644 --- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml +++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml @@ -13,3 +13,36 @@ - kind: ServiceAccount name: hawkular changed_when: no + +- name: generate hawkular-metrics cluster role binding for the hawkular service account + template: + src: rolebinding.j2 + dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-rolebinding.yaml" + vars: + cluster: True + obj_name: hawkular-namespace-watcher + labels: + metrics-infra: hawkular + roleRef: + kind: ClusterRole + name: hawkular-metrics + subjects: + - kind: ServiceAccount + name: hawkular + namespace: "{{openshift_metrics_project}}" + changed_when: no + +- name: generate the hawkular cluster role + template: + src: hawkular_metrics_role.j2 + dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml" + changed_when: no + +- name: Set hawkular cluster roles + oc_obj: + name: hawkular-metrics + namespace: "{{ openshift_metrics_project }}" + kind: clusterrole + files: + - "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml" + delete_after: true |