
Bug 1308411 - Fail to install OSE 3.0 for no add-scc-to-user command

Brenton Leanhardt 9 years ago
parent
commit
e9dd4ea3ca
1 changed files with 41 additions and 1 deletions
  1. 41 1
      roles/openshift_serviceaccounts/tasks/main.yml

+ 41 - 1
roles/openshift_serviceaccounts/tasks/main.yml

@@ -27,7 +27,47 @@
   command: >
       {{ openshift.common.admin_binary }} policy add-scc-to-user
       privileged system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}
-  when: "item.1.rc == 0 and 'system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}' not in {{ (item.1.stdout | from_yaml).users }}"
+  when: "openshift.common.version_gte_3_1_or_1_1 and item.1.rc == 0 and 'system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}' not in {{ (item.1.stdout | from_yaml).users }}"
   with_nested:
   - openshift_serviceaccounts_names
   - scc_test.results
+
+####
+#
+# Support for 3.0.z
+#
+####
+
+- name: tmp dir for openshift
+  file:
+    path: /tmp/openshift
+    state: directory
+    owner: root
+    mode: 700
+  when: not openshift.common.version_gte_3_1_or_1_1
+
+- name: Create service account configs
+  template:
+    src: serviceaccount.j2
+    dest: "/tmp/openshift/{{ item }}-serviceaccount.yaml"
+  with_items: openshift_serviceaccounts_names
+  when: not openshift.common.version_gte_3_1_or_1_1
+
+- name: Get current security context constraints
+  shell: >
+    {{ openshift.common.client_binary }} get scc privileged -o yaml
+    --output-version=v1 > /tmp/openshift/scc.yaml
+  changed_when: false
+  when: not openshift.common.version_gte_3_1_or_1_1
+
+- name: Add security context constraint for {{ item }}
+  lineinfile:
+    dest: /tmp/openshift/scc.yaml
+    line: "- system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item }}"
+    insertafter: "^users:$"
+  with_items: openshift_serviceaccounts_names
+  when: not openshift.common.version_gte_3_1_or_1_1
+
+- name: Apply new scc rules for service accounts
+  command: "{{ openshift.common.client_binary }} update -f /tmp/openshift/scc.yaml --api-version=v1"
+  when: not openshift.common.version_gte_3_1_or_1_1
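Review bot: `mode: 700` in the "tmp dir for openshift" task is an unquoted decimal integer, so Ansible does not apply rwx------; decimal 700 is octal 1274, which gives group rwx and others read on the directory. Quote it as `mode: "0700"`. This matters because /tmp/openshift/scc.yaml is later passed to `update -f` to rewrite the privileged SCC, so whoever can write in that directory influences which accounts receive privileged access. The fixed path under the world-writable /tmp can also already exist before the play runs; creating the directory with `mktemp -d`, registering the result and removing it after the last task would avoid relying on a predictable name and would not leave the SCC dump behind.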