diff options
| author | Adam Miller <admiller@redhat.com> | 2017-08-04 17:01:58 +0000 |
|---|---|---|
| committer | Adam Miller <admiller@redhat.com> | 2017-08-04 17:02:00 +0000 |
| commit | 587e09f3a3fe51d4338c0a499dfc8b9b98b40db5 (patch) | |
| tree | 3eaf4b7fa268f77861db7f22a73d38a6112de841 /playbooks/groups | |
| parent | fe5f1c315259fc044149f78ecbea69fc5fa43560 (diff) | |
| download | ansible-587e09f3a3fe51d4338c0a499dfc8b9b98b40db5.tar.gz ansible-587e09f3a3fe51d4338c0a499dfc8b9b98b40db5.tar.xz ansible-587e09f3a3fe51d4338c0a499dfc8b9b98b40db5.zip | |
use correct osbs namespace per env for oadm policy config
Signed-off-by: Adam Miller <admiller@redhat.com>
Diffstat (limited to 'playbooks/groups')
| -rw-r--r-- | playbooks/groups/osbs-orchestrator-cluster.yml | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/playbooks/groups/osbs-orchestrator-cluster.yml b/playbooks/groups/osbs-orchestrator-cluster.yml index 5d39d91cc..073121474 100644 --- a/playbooks/groups/osbs-orchestrator-cluster.yml +++ b/playbooks/groups/osbs-orchestrator-cluster.yml @@ -426,8 +426,33 @@ osbs_cpu_limitrange: "{{ os_cpu_limitrange }}" osbs_nodeselector: "{{ osbs_orchestrator_default_nodeselector|default('') }}" -- name: Setup Koji auth for OpenShift Orchestrator - hosts: osbs-masters-stg[0]:osbsworker-x86-64-masters-stg[0] +- name: Setup Koji auth for OSBS Orchestrator Cluster + hosts: osbs-masters-stg[0] + tags: + - osbs-master-req + user: root + gather_facts: True + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + + tasks: + - name: set policy for koji builder in openshift for osbs + shell: "oadm policy add-role-to-user -n {{ osbs_orchestrator_namespace }} edit htpasswd_provider: {{ osbs_koji_stg_username }} && touch /etc/origin/koji-builder-policy-added" + args: + creates: "/etc/origin/koji-builder-policy-added" + when: env == "staging" + + - name: set policy for koji builder in openshift for atomic-reactor + shell: "oadm policy add-role-to-user -n {{ osbs_orchestrator_namespace }} edit system:serviceaccount:{{osbs_orchestrator_namespace}}:{{osbs_builder_user}} && touch /etc/origin/atomic-reactor-policy-added" + args: + creates: "/etc/origin/atomic-reactor-policy-added" + +- name: Setup Koji auth for OSBS Worker Cluster + hosts: osbsworker-x86-64-masters-stg[0] tags: - osbs-master-req user: root @@ -441,13 +466,13 @@ tasks: - name: set policy for koji builder in openshift for osbs - shell: "oadm policy add-role-to-user -n {{ osbs_namespace }} edit htpasswd_provider: {{ osbs_koji_stg_username }} && touch /etc/origin/koji-builder-policy-added" + shell: "oadm policy add-role-to-user -n {{ osbs_worker_namespace }} edit htpasswd_provider: {{ osbs_koji_stg_username }} && touch /etc/origin/koji-builder-policy-added" args: creates: "/etc/origin/koji-builder-policy-added" when: env == "staging" - name: set policy for koji builder in openshift for atomic-reactor - shell: "oadm policy add-role-to-user -n {{ osbs_namespace }} edit system:serviceaccount:{{osbs_namespace}}:{{osbs_builder_user}} && touch /etc/origin/atomic-reactor-policy-added" + shell: "oadm policy add-role-to-user -n {{ osbs_worker_namespace }} edit system:serviceaccount:{{osbs_orchestrator_namespace}}:{{osbs_builder_user}} && touch /etc/origin/atomic-reactor-policy-added" args: creates: "/etc/origin/atomic-reactor-policy-added" |