summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@redhat.com>2016-05-23 14:57:41 -0400
committerAndrew Butcher <abutcher@redhat.com>2016-05-23 14:59:30 -0400
commitf901c3142f3ff98d9f029e9a30428ea3a4f5b00a (patch)
tree6bcf695e1f4a9ed9a053d731849bbd0090679119
parentc625a47a85bdb895efaf05567f075f3cad5eee3c (diff)
downloadopenshift-f901c3142f3ff98d9f029e9a30428ea3a4f5b00a.tar.gz
openshift-f901c3142f3ff98d9f029e9a30428ea3a4f5b00a.tar.bz2
openshift-f901c3142f3ff98d9f029e9a30428ea3a4f5b00a.tar.xz
openshift-f901c3142f3ff98d9f029e9a30428ea3a4f5b00a.zip
Extend multiple login provider check to include origin.
-rw-r--r--filter_plugins/openshift_master.py17
-rw-r--r--roles/openshift_master/tasks/main.yml2
2 files changed, 14 insertions, 5 deletions
diff --git a/filter_plugins/openshift_master.py b/filter_plugins/openshift_master.py
index 0af47fb62..bb79b27d1 100644
--- a/filter_plugins/openshift_master.py
+++ b/filter_plugins/openshift_master.py
@@ -78,10 +78,19 @@ class IdentityProviderBase(object):
self._allow_additional = True
@staticmethod
- def validate_idp_list(idp_list, openshift_version):
+ def validate_idp_list(idp_list, openshift_version, deployment_type):
''' validates a list of idps '''
login_providers = [x.name for x in idp_list if x.login]
- if len(login_providers) > 1 and LooseVersion(openshift_version) < LooseVersion('3.2'):
+
+ multiple_logins_unsupported = False
+ if len(login_providers) > 1:
+ if deployment_type in ['enterprise', 'online', 'atomic-enterprise', 'openshift-enterprise']:
+ if LooseVersion(openshift_version) < LooseVersion('3.2'):
+ multiple_logins_unsupported = True
+ if deployment_type in ['origin']:
+ if LooseVersion(openshift_version) < LooseVersion('1.2'):
+ multiple_logins_unsupported = True
+ if multiple_logins_unsupported:
raise errors.AnsibleFilterError("|failed multiple providers are "
"not allowed for login. login "
"providers: {0}".format(', '.join(login_providers)))
@@ -462,7 +471,7 @@ class FilterModule(object):
''' Custom ansible filters for use by the openshift_master role'''
@staticmethod
- def translate_idps(idps, api_version, openshift_version):
+ def translate_idps(idps, api_version, openshift_version, deployment_type):
''' Translates a list of dictionaries into a valid identityProviders config '''
idp_list = []
@@ -479,7 +488,7 @@ class FilterModule(object):
idp_list.append(idp_inst)
- IdentityProviderBase.validate_idp_list(idp_list, openshift_version)
+ IdentityProviderBase.validate_idp_list(idp_list, openshift_version, deployment_type)
return yaml.safe_dump([idp.to_dict() for idp in idp_list], default_flow_style=False)
@staticmethod
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 64408fe72..63a54a0d9 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -139,7 +139,7 @@
- restart master api
- set_fact:
- translated_identity_providers: "{{ openshift.master.identity_providers | translate_idps('v1', openshift.common.version) }}"
+ translated_identity_providers: "{{ openshift.master.identity_providers | translate_idps('v1', openshift.common.version, openshift.common.deployment_type) }}"
# TODO: add the validate parameter when there is a validation command to run
- name: Create master config