From 8bf8728bad2c15f3f9bd69ed4f336c7b28eae408 Mon Sep 17 00:00:00 2001
From: Erez Freiberger <efreiber@redhat.com>
Date: Wed, 9 Mar 2016 11:59:46 +0200
Subject: ManageIQ SA: Adding image-puller role

---
 roles/openshift_manageiq/vars/main.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'roles/openshift_manageiq/vars')

diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml
index 77e1c304b..69ee2cb4c 100644
--- a/roles/openshift_manageiq/vars/main.yml
+++ b/roles/openshift_manageiq/vars/main.yml
@@ -15,6 +15,12 @@ manageiq_service_account:
     metadata:
       name: management-admin
 
+manageiq_image_inspector_service_account:
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: inspector-admin
+
 manage_iq_tmp_conf: /tmp/manageiq_admin.kubeconfig
 
 manage_iq_tasks:
@@ -22,3 +28,5 @@ manage_iq_tasks:
     - policy add-role-to-user -n management-infra management-infra-admin -z management-admin
     - policy add-cluster-role-to-user cluster-reader system:serviceaccount:management-infra:management-admin
     - policy add-scc-to-user privileged system:serviceaccount:management-infra:management-admin
+    - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin
+    - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin
-- 
cgit v1.2.1