From 486b746324171edd691fd1682ef1221825157e62 Mon Sep 17 00:00:00 2001
From: Samuel Padgett <spadgett@redhat.com>
Date: Thu, 11 Jan 2018 15:24:37 -0500
Subject: Add console RBAC template

---
 roles/openshift_web_console/tasks/install.yml | 13 +++++++++----
 roles/openshift_web_console/vars/main.yml     |  1 +
 2 files changed, 10 insertions(+), 4 deletions(-)

(limited to 'roles/openshift_web_console')

diff --git a/roles/openshift_web_console/tasks/install.yml b/roles/openshift_web_console/tasks/install.yml
index 12916961b..287d8973d 100644
--- a/roles/openshift_web_console/tasks/install.yml
+++ b/roles/openshift_web_console/tasks/install.yml
@@ -21,20 +21,21 @@
     node_selector:
       - ""
 
-- name: Make temp directory for asset config files
+- name: Make temp directory for the web console config files
   command: mktemp -d /tmp/console-ansible-XXXXXX
   register: mktemp
   changed_when: False
 
-- name: Copy asset config template to temp directory
+- name: Copy the web console config template to temp directory
   copy:
     src: "{{ __console_files_location }}/{{ item }}"
     dest: "{{ mktemp.stdout }}/{{ item }}"
   with_items:
     - "{{ __console_template_file }}"
+    - "{{ __console_rbac_file }}"
     - "{{ __console_config_file }}"
 
-- name: Update asset config properties
+- name: Update the web console config properties
   yedit:
     src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
     edits:
@@ -50,7 +51,11 @@
     src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
   register: config
 
-- name: Apply template file
+- name: Reconcile with the web console RBAC file
+  shell: >
+    {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __console_rbac_file }}" | {{ openshift_client_binary }} auth reconcile -f -
+
+- name: Apply the web console template file
   shell: >
     {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __console_template_file }}"
     --param API_SERVER_CONFIG="{{ config['content'] | b64decode }}"
diff --git a/roles/openshift_web_console/vars/main.yml b/roles/openshift_web_console/vars/main.yml
index 80bc56a17..e91048e38 100644
--- a/roles/openshift_web_console/vars/main.yml
+++ b/roles/openshift_web_console/vars/main.yml
@@ -2,4 +2,5 @@
 __console_files_location: "../../../files/origin-components/"
 
 __console_template_file: "console-template.yaml"
+__console_rbac_file: "console-rbac-template.yaml"
 __console_config_file: "console-config.yaml"
-- 
cgit v1.2.3