summaryrefslogtreecommitdiffstats
path: root/roles/openshift_metrics/tasks/generate_rolebindings.yaml
blob: 407d3196f7d92ccbfea990d191cc1aebc4d7e647 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

---
- name: generate view role binding for the hawkular service account
  template:
    src: rolebinding.j2
    dest: "{{ mktemp.stdout }}/templates/hawkular-rolebinding.yaml"
  vars:
    obj_name: hawkular-view
    labels:
      metrics-infra: hawkular
    roleRef:
      name: view
    subjects:
    - kind: ServiceAccount
      name: hawkular
  changed_when: no

- name: generate hawkular-metrics cluster role binding for the hawkular service account
  template:
    src: rolebinding.j2
    dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-rolebinding.yaml"
  vars:
    cluster: True
    obj_name: hawkular-namespace-watcher
    labels:
      metrics-infra: hawkular
    roleRef:
      kind: ClusterRole
      name: hawkular-metrics
    subjects:
    - kind: ServiceAccount
      name: hawkular
      namespace: "{{openshift_metrics_project}}"
  changed_when: no

- name: generate the hawkular cluster role
  template:
    src: hawkular_metrics_role.j2
    dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml"
  changed_when: no

- name: Set hawkular cluster roles
  oc_obj:
    name: hawkular-metrics
    namespace: "{{ openshift_metrics_project }}"
    kind: clusterrole
    files:
    - "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml"
    delete_after: true
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-09 08:15:37 +0000