--- - name: "Configure {{ name }} fact" set_fact: "kaas_{{ name }}_path={{ path }}" - name: "Configure {{ name }} fact" set_fact: "kaas_{{ name }}_hostpath={{ hostpath }}" - name: "Ensure {{ path }} exists" file: path: "{{ path }}" state: "directory" recurse: "no" register: mkdir - name: "Ensure the {{ path }} is writeable by project pods" vars: default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}" file: path: "{{ path }}" state: "directory" recurse: "no" mode: "{{ volume.mode | default(02775) }}" owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}" register: chmod when: - mkdir | changed - kaas_openshift_gid_ranges[kaas_project] is defined - osvpath[:1] != "/" # There is no other way to write for users. There will be just two osv's one writeable and one not. # We may create a dir with the wrong one and have permissions not set # - volume.write | default(false) - name: "Setting default permissions for non standard locations" file: path: "{{ path }}" state: "directory" recurse: "no" mode: "{{ volume.mode | default(0755) }}" owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}" when: - mkdir | changed - chmod | skipped - name: "Setting SELinux context for non standard locations" sefcontext: target="{{ hostpath }}" setype="svirt_sandbox_file_t" state="present" reload="yes" when: - mkdir | changed - chmod | skipped - voltype[0] == "host" - name: "Apply SELinux context for non standard locations" shell: restorecon "{{ hostpath }}" when: - mkdir | changed - chmod | skipped - voltype[0] == "host"