diff options
Diffstat (limited to 'roles/openshift_serviceaccounts')
-rw-r--r-- | roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml | 3 | ||||
-rw-r--r-- | roles/openshift_serviceaccounts/tasks/main.yml | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml b/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml index 8715fc64e..b8cbe9a84 100644 --- a/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml +++ b/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml @@ -1,3 +1,4 @@ +--- #### # # OSE 3.0.z did not have 'oadm policy add-scc-to-user'. @@ -9,7 +10,7 @@ path: /tmp/openshift state: directory owner: root - mode: 700 + mode: 0700 - name: Create service account configs template: diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index e90384d37..d83ccf7de 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: test if service accounts exists command: > {{ openshift.common.client_binary }} get sa {{ item }} -n {{ openshift_serviceaccounts_namespace }} @@ -26,7 +27,7 @@ - name: Grant the user access to the appropriate scc command: > - {{ openshift.common.admin_binary }} policy add-scc-to-user + {{ openshift.common.client_binary }} adm policy add-scc-to-user {{ item.1.item }} system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }} when: "openshift.common.version_gte_3_1_or_1_1 and item.1.rc == 0 and 'system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}' not in {{ (item.1.stdout | from_yaml).users | default([]) }}" with_nested: |