diff options
author | Russell Teague <rteague@redhat.com> | 2017-03-14 08:25:21 -0400 |
---|---|---|
committer | Russell Teague <rteague@redhat.com> | 2017-03-14 08:25:21 -0400 |
commit | a3f2626530456e9eae9492758900a30e8d641b8b (patch) | |
tree | e8b6b982528818e2dfe332a264fd1711641ee36c | |
parent | 46d1efcf1e8ab67deaa6c42460bc510650df17b0 (diff) | |
download | openshift-a3f2626530456e9eae9492758900a30e8d641b8b.tar.gz openshift-a3f2626530456e9eae9492758900a30e8d641b8b.tar.bz2 openshift-a3f2626530456e9eae9492758900a30e8d641b8b.tar.xz openshift-a3f2626530456e9eae9492758900a30e8d641b8b.zip |
Add router svcacct cluster-reader role
-rw-r--r-- | roles/openshift_hosted/tasks/router/router.yml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml index 969fb27a9..0861b9ec2 100644 --- a/roles/openshift_hosted/tasks/router/router.yml +++ b/roles/openshift_hosted/tasks/router/router.yml @@ -37,6 +37,15 @@ resource_name: hostnetwork with_items: "{{ openshift_hosted_routers }}" +- name: Set additional permissions for router service account + oc_adm_policy_user: + user: "system:serviceaccount:{{ item.namespace }}:{{ item.serviceaccount }}" + namespace: "{{ item.namespace }}" + resource_kind: cluster-role + resource_name: cluster-reader + when: item.namespace == 'default' + with_items: "{{ openshift_hosted_routers }}" + - name: Create OpenShift router oc_adm_router: name: "{{ item.name }}" |