| 12345678910111213141516171819202122232425262728293031 |
- ---
- - name: Create Controller service account
- oc_serviceaccount:
- name: kuryr-controller
- namespace: "{{ kuryr_namespace }}"
- register: saout
- - name: Create a role for the Kuryr
- oc_clusterrole: "{{ kuryr_clusterrole }}"
- - name: Fetch the created Kuryr controller cluster role
- oc_clusterrole:
- name: kuryrctl
- state: list
- register: crout
- - name: Grant Kuryr the privileged security context constraints
- oc_adm_policy_user:
- user: "system:serviceaccount:{{ kuryr_namespace }}:{{ saout.results.results.0.metadata.name }}"
- namespace: "{{ kuryr_namespace }}"
- resource_kind: scc
- resource_name: privileged
- state: present
- - name: Assign role to Kuryr service account
- oc_adm_policy_user:
- user: "system:serviceaccount:{{ kuryr_namespace }}:{{ saout.results.results.0.metadata.name }}"
- namespace: "{{ kuryr_namespace }}"
- resource_kind: cluster-role
- resource_name: "{{ crout.results.results.metadata.name }}"
- state: present
|
