blob: e45ea8d43f11eed7408eacb04d813ac663f4a8a1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
---
# This role task file is responsible for user/system account creation,
# and ensuring correct access is provided as required.
- name: Ensure the CFME system accounts exist
oc_serviceaccount:
namespace: "{{ openshift_management_project }}"
state: present
name: "{{ openshift_management_flavor_short }}{{ item.name }}"
with_items:
- "{{ __openshift_system_account_sccs }}"
- name: Ensure the CFME system accounts have all the required SCCs
oc_adm_policy_user:
namespace: "{{ openshift_management_project }}"
user: "system:serviceaccount:{{ openshift_management_project }}:{{ openshift_management_flavor_short }}{{ item.name }}"
resource_kind: scc
resource_name: "{{ item.resource_name }}"
with_items:
- "{{ __openshift_system_account_sccs }}"
- name: Ensure the CFME system accounts have the required roles
oc_adm_policy_user:
namespace: "{{ openshift_management_project }}"
user: "system:serviceaccount:{{ openshift_management_project }}:{{ openshift_management_flavor_short }}{{ item.name }}"
resource_kind: role
resource_name: "{{ item.resource_name }}"
with_items:
- "{{ __openshift_management_system_account_roles }}"
|