diff options
author | Scott Dodson <sdodson@redhat.com> | 2016-11-22 09:21:43 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-11-22 09:21:43 -0500 |
commit | e6c354ba99ee823cc10a73b9882a96677075f36d (patch) | |
tree | 5fa22e6f009029d58032912ae92cfaf5b252e56b /roles | |
parent | 299e094177a05aeab939ae82ea22e7ec7046d08b (diff) | |
parent | a5ee83f0dcd7d71c6e2c9387b6ce0b7b1ffec68b (diff) | |
download | openshift-e6c354ba99ee823cc10a73b9882a96677075f36d.tar.gz openshift-e6c354ba99ee823cc10a73b9882a96677075f36d.tar.bz2 openshift-e6c354ba99ee823cc10a73b9882a96677075f36d.tar.xz openshift-e6c354ba99ee823cc10a73b9882a96677075f36d.zip |
Merge pull request #2711 from simon3z/hawkular-cluster-role
Add hawkular admin cluster role to management admin
Diffstat (limited to 'roles')
-rw-r--r-- | roles/openshift_manageiq/tasks/main.yaml | 10 | ||||
-rw-r--r-- | roles/openshift_manageiq/vars/main.yml | 15 |
2 files changed, 25 insertions, 0 deletions
diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml index bdaf64b3f..a7214482f 100644 --- a/roles/openshift_manageiq/tasks/main.yaml +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -50,6 +50,16 @@ failed_when: "'already exists' not in osmiq_create_cluster_role.stderr and osmiq_create_cluster_role.rc != 0" changed_when: osmiq_create_cluster_role.rc == 0 +- name: Create Hawkular Metrics Admin Cluster Role + shell: > + echo {{ manageiq_metrics_admin_clusterrole | to_json | quote }} | + {{ openshift.common.client_binary }} + --config={{manage_iq_tmp_conf}} + create -f - + register: oshawkular_create_cluster_role + failed_when: "'already exists' not in oshawkular_create_cluster_role.stderr and oshawkular_create_cluster_role.rc != 0" + changed_when: oshawkular_create_cluster_role.rc == 0 + - name: Configure role/user permissions command: > {{ openshift.common.client_binary }} adm {{item}} diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml index 6a0c5b41b..37d4679ef 100644 --- a/roles/openshift_manageiq/vars/main.yml +++ b/roles/openshift_manageiq/vars/main.yml @@ -9,6 +9,20 @@ manageiq_cluster_role: verbs: - '*' +manageiq_metrics_admin_clusterrole: + apiVersion: v1 + kind: ClusterRole + metadata: + name: hawkular-metrics-admin + rules: + - apiGroups: + - "" + resources: + - hawkular-metrics + - hawkular-alerts + verbs: + - '*' + manageiq_service_account: apiVersion: v1 kind: ServiceAccount @@ -31,6 +45,7 @@ manage_iq_tasks: - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin - policy add-cluster-role-to-user self-provisioner system:serviceaccount:management-infra:management-admin + - policy add-cluster-role-to-user hawkular-metrics-admin system:serviceaccount:management-infra:management-admin manage_iq_openshift_3_2_tasks: - policy add-cluster-role-to-user system:image-auditor system:serviceaccount:management-infra:management-admin |