diff options
author | Jan Chaloupka <jchaloup@redhat.com> | 2017-02-11 10:32:29 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-11 10:32:29 +0100 |
commit | 3921f01be97ccfbb54e11666ce3647774c3fdbb9 (patch) | |
tree | fb49743460566722c42b30ec297f2f4e19d4a1eb /roles/nuage_master | |
parent | 5444c0f474f3701f22ae8392d1ac192403c8b5b7 (diff) | |
parent | badaa6dc09abfcbfb2770a2d2070c803a2aaaf03 (diff) | |
download | openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.gz openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.bz2 openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.xz openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.zip |
Merge pull request #3321 from ashcrow/oc-serviceaccount-module
WIP: oc serviceaccount now done via oc_serviceaccount module
Diffstat (limited to 'roles/nuage_master')
-rw-r--r-- | roles/nuage_master/meta/main.yml | 1 | ||||
-rw-r--r-- | roles/nuage_master/tasks/serviceaccount.yml | 16 | ||||
-rw-r--r-- | roles/nuage_master/vars/main.yaml | 6 |
3 files changed, 7 insertions, 16 deletions
diff --git a/roles/nuage_master/meta/main.yml b/roles/nuage_master/meta/main.yml index a8a9bd3b4..e3ed9ac71 100644 --- a/roles/nuage_master/meta/main.yml +++ b/roles/nuage_master/meta/main.yml @@ -17,6 +17,7 @@ dependencies: - role: nuage_common - role: openshift_etcd_client_certificates - role: os_firewall +- role: lib_openshift os_firewall_allow: - service: openshift-monitor port: "{{ nuage_mon_rest_server_port }}/tcp" diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml index 41143772e..16ea08244 100644 --- a/roles/nuage_master/tasks/serviceaccount.yml +++ b/roles/nuage_master/tasks/serviceaccount.yml @@ -13,20 +13,16 @@ changed_when: false - name: Create Admin Service Account - shell: > - echo {{ nuage_service_account_config | to_json | quote }} | - {{ openshift.common.client_binary }} create - -n default - --config={{nuage_tmp_conf}} - -f - - register: osnuage_create_service_account - failed_when: "'already exists' not in osnuage_create_service_account.stderr and osnuage_create_service_account.rc != 0" - changed_when: osnuage_create_service_account.rc == 0 + oc_serviceaccount: + kubeconfig: "{{ openshift_master_config_dir }}/admin.kubeconfig" + name: nuage + namespace: default + state: present - name: Configure role/user permissions command: > {{ openshift.common.client_binary }} adm {{item}} - --config={{nuage_tmp_conf}} + --config={{ nuage_tmp_conf }} with_items: "{{nuage_tasks}}" register: osnuage_perm_task failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0" diff --git a/roles/nuage_master/vars/main.yaml b/roles/nuage_master/vars/main.yaml index dba399a03..651d5775c 100644 --- a/roles/nuage_master/vars/main.yaml +++ b/roles/nuage_master/vars/main.yaml @@ -22,11 +22,5 @@ nuage_mon_rest_server_host: "{{ openshift.master.cluster_hostname | default(open nuage_master_crt_dir: /usr/share/nuage-openshift-monitor nuage_service_account: system:serviceaccount:default:nuage -nuage_service_account_config: - apiVersion: v1 - kind: ServiceAccount - metadata: - name: nuage - nuage_tasks: - policy add-cluster-role-to-user cluster-reader {{ nuage_service_account }} |