From 1f883c50759767a4bc4fdbfb04e9fdada6790cbf Mon Sep 17 00:00:00 2001 From: Shawn Hurley Date: Tue, 19 Dec 2017 12:29:57 -0500 Subject: adding ability to interact with network resources. --- roles/ansible_service_broker/tasks/install.yml | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'roles/ansible_service_broker/tasks') diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 4ca47d074..52e20a72e 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -72,6 +72,12 @@ - apiGroups: ["image.openshift.io", ""] resources: ["images"] verbs: ["get", "list"] + - apiGroups: ["network.openshift.io"] + resources: ["clusternetworks", "netnamespaces"] + verbs: ["get"] + - apiGroups: ["network.openshift.io"] + resources: ["netnamespaces"] + verbs: ["update"] - name: Create asb-access cluster role oc_clusterrole: -- cgit v1.2.3 From e3cf9edff6d0186b09b1a112592f283fab6857d0 Mon Sep 17 00:00:00 2001 From: Michael Gugino Date: Tue, 19 Dec 2017 16:36:47 -0500 Subject: Remove references to deployment_type Move openshift_deployment_type check into sanity_check action plugin. Remove compatibility for deployment_type. deployment_type has been deprecated for some time now. --- roles/ansible_service_broker/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/ansible_service_broker/tasks') diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 4ca47d074..ba2f7293b 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -4,7 +4,7 @@ - name: Set default image variables based on deployment type include_vars: "{{ item }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" - name: set ansible_service_broker facts -- cgit v1.2.3 From d11b05456ab1b35708fa23269ec861dd7980923e Mon Sep 17 00:00:00 2001 From: Shawn Hurley Date: Fri, 5 Jan 2018 14:12:45 -0500 Subject: adding ability to add network policy objects. --- roles/ansible_service_broker/tasks/install.yml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'roles/ansible_service_broker/tasks') diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 52e20a72e..09f7756d3 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -78,6 +78,9 @@ - apiGroups: ["network.openshift.io"] resources: ["netnamespaces"] verbs: ["update"] + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["create", "delete"] - name: Create asb-access cluster role oc_clusterrole: -- cgit v1.2.3 From 63494ced32e54a48181ff988a7ef5f9c6c50d469 Mon Sep 17 00:00:00 2001 From: Shawn Hurley Date: Thu, 11 Jan 2018 16:26:39 -0500 Subject: adding asb auth as a secret. --- roles/ansible_service_broker/tasks/install.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'roles/ansible_service_broker/tasks') diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 1bc1b5e43..47dac7f48 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -402,6 +402,8 @@ org: {{ ansible_service_broker_registry_organization }} tag: {{ ansible_service_broker_registry_tag }} white_list: {{ ansible_service_broker_registry_whitelist | to_yaml }} + auth_type: secret + auth_name: asb-registry-auth - type: local_openshift name: localregistry namespaces: ['openshift'] -- cgit v1.2.3 From ed2c7ad8e2c00b696094cd20891822454eb02cdb Mon Sep 17 00:00:00 2001 From: Shawn Hurley Date: Tue, 16 Jan 2018 14:00:18 -0500 Subject: adding check if secret auth is needed --- roles/ansible_service_broker/tasks/install.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'roles/ansible_service_broker/tasks') diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 47dac7f48..f869b5fae 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -375,6 +375,11 @@ secret: secretName: etcd-auth-secret +- name: set auth name and type facts if needed + set_fact: + ansible_service_broker_registry_auth_type: "secret" + ansible_service_broker_registry_auth_name: "asb-registry-auth" + when: ansible_service_broker_registry_user != "" and ansible_service_broker_registry_password != "" # TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following: - name: Create config map for ansible-service-broker @@ -402,8 +407,8 @@ org: {{ ansible_service_broker_registry_organization }} tag: {{ ansible_service_broker_registry_tag }} white_list: {{ ansible_service_broker_registry_whitelist | to_yaml }} - auth_type: secret - auth_name: asb-registry-auth + auth_type: "{{ ansible_service_broker_registry_auth_type | default("") }}" + auth_name: "{{ ansible_service_broker_registry_auth_name | default("") }}" - type: local_openshift name: localregistry namespaces: ['openshift'] @@ -449,6 +454,7 @@ data: "{{ ansible_service_broker_registry_user }}" - path: password data: "{{ ansible_service_broker_registry_password }}" + when: ansible_service_broker_registry_user != "" and ansible_service_broker_registry_password != "" - name: Create the Broker resource in the catalog oc_obj: -- cgit v1.2.3