okd/roles/nuage_master/tasks/serviceaccount.yml

---
- name: Create Admin Service Account
  oc_serviceaccount:
    name: nuage
    namespace: default
    state: present
  run_once: True
  delegate_to: "{{ nuage_ca_master }}"

- name: Configure role/user permissions
  oc_adm_policy_user:
    namespace: default
    resource_name: "{{ item.resource_name }}"
    resource_kind: "{{ item.resource_kind }}"
    user: "{{ item.user }}"
  with_items: "{{ nuage_tasks }}"
  run_once: True
  delegate_to: "{{ nuage_ca_master }}"

- name: Generate the node client config
  command: >
    {{ openshift_client_binary }} adm create-api-client-config
      --certificate-authority={{ openshift_master_ca_cert }}
      --client-dir={{ cert_output_dir }}
      --master={{ openshift.master.api_url }}
      --public-master={{ openshift.master.api_url }}
      --signer-cert={{ openshift_master_ca_cert }}
      --signer-key={{ openshift_master_ca_key }}
      --signer-serial={{ openshift_master_ca_serial }}
      --basename='nuage'
      --user={{ nuage_service_account }}
  delegate_to: "{{ nuage_ca_master }}"
  run_once: True