summaryrefslogtreecommitdiffstats
path: root/roles/openshift_service_catalog/tasks/install.yml
diff options
context:
space:
mode:
authorewolinetz <ewolinet@redhat.com>2017-07-14 09:00:39 -0500
committerewolinetz <ewolinet@redhat.com>2017-07-14 13:33:38 -0500
commit61be9961c467758264519058369bd2a589c10e94 (patch)
tree73a38cab91966dc9d7a305687fd2e020ff92af95 /roles/openshift_service_catalog/tasks/install.yml
parent0b0a7af456c8786dace49bb38ecf462c8f3336c3 (diff)
downloadopenshift-61be9961c467758264519058369bd2a589c10e94.tar.gz
openshift-61be9961c467758264519058369bd2a589c10e94.tar.bz2
openshift-61be9961c467758264519058369bd2a589c10e94.tar.xz
openshift-61be9961c467758264519058369bd2a589c10e94.zip
Adding in permissions to edit and admin cluster roles
Diffstat (limited to 'roles/openshift_service_catalog/tasks/install.yml')
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml34
1 files changed, 34 insertions, 0 deletions
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
index 1f9ecc2b8..de7511f71 100644
--- a/roles/openshift_service_catalog/tasks/install.yml
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -66,6 +66,40 @@
template_name: kube-system-service-catalog
namespace: kube-system
+- oc_obj:
+ name: edit
+ kind: clusterrole
+ state: list
+ register: edit_yaml
+
+- name: Generate apply template for clusterrole/edit
+ template:
+ src: sc_role_patching.j2
+ dest: "{{ mktemp.stdout }}/edit_sc_patch.yml"
+ vars:
+ original_content: "{{ edit_yaml.results.results[0] | to_yaml }}"
+
+- name: update edit role for service catalog and pod preset access
+ command: >
+ oc apply -f {{ mktemp.stdout }}/edit_sc_patch.yml
+
+- oc_obj:
+ name: admin
+ kind: clusterrole
+ state: list
+ register: admin_yaml
+
+- name: Generate apply template for clusterrole/admin
+ template:
+ src: sc_role_patching.j2
+ dest: "{{ mktemp.stdout }}/admin_sc_patch.yml"
+ vars:
+ original_content: "{{ admin_yaml.results.results[0] | to_yaml }}"
+
+- name: update admin role for service catalog and pod preset access
+ command: >
+ oc apply -f {{ mktemp.stdout }}/admin_sc_patch.yml
+
- shell: >
oc get policybindings/kube-system:default -n kube-system || echo "not found"
register: get_kube_system
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-10 21:19:16 +0000