communishift: Add task to create namespace for communishift authorization operator
Create IPA keytab for communishift authorization operator Signed-off-by: David Kirwan <dkirwan@redhat.com> Signed-off-by: Lenka Segura <lsegura@redhat.com> Signed-off-by: Patrik Polakovic <ppolakov@redhat.com>
This commit is contained in:
David Kirwan
parent
a60f3caa8a
commit
d9fa6611ae
3 changed files with 51 additions and 1 deletions
|
|
@ -9,6 +9,13 @@
|
||||||
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Communishift Role
|
||||||
|
include_role:
|
||||||
|
name: communishift
|
||||||
|
tasks_from: administration-tasks
|
||||||
|
apply:
|
||||||
|
tags:
|
||||||
|
- deploy-operators
|
||||||
- name: Communishift Role
|
- name: Communishift Role
|
||||||
with_items: "{{ communishift_projects }}"
|
with_items: "{{ communishift_projects }}"
|
||||||
include_role:
|
include_role:
|
||||||
|
|
@ -22,6 +29,5 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: outer_item
|
loop_var: outer_item
|
||||||
vars:
|
vars:
|
||||||
ansible_python_interpreter: "/usr/bin/python"
|
|
||||||
communishift_projects:
|
communishift_projects:
|
||||||
- communishift-dev-test
|
- communishift-dev-test
|
||||||
|
|
|
||||||
2
roles/communishift/tasks/administration-tasks.yml
Normal file
2
roles/communishift/tasks/administration-tasks.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
- include_tasks: deploy-communishift-authorization-operator.yml
|
||||||
|
|
@ -0,0 +1,42 @@
|
||||||
|
---
|
||||||
|
- name: Create the CommunishiftAuthorization operator k8s namespace
|
||||||
|
community.okd.k8s:
|
||||||
|
api_key: "{{ communishift_ocp_api_token }}"
|
||||||
|
host: "{{ communishift_ocp_api_host }}"
|
||||||
|
name: "communishift-authorization-operator"
|
||||||
|
api_version: v1
|
||||||
|
kind: Namespace
|
||||||
|
state: present
|
||||||
|
tags:
|
||||||
|
- deploy-operators
|
||||||
|
|
||||||
|
|
||||||
|
- name: Acquire a keytab
|
||||||
|
include_role:
|
||||||
|
name: keytab/service
|
||||||
|
vars:
|
||||||
|
kt_location: "/etc/openshift_apps/communishift-authorization/communishift-authorization-operator-keytab.kt"
|
||||||
|
service: "communishift-authorization-operator"
|
||||||
|
host: "{{ communishift_ocp_api_host }}"
|
||||||
|
tags:
|
||||||
|
- deploy-operators
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create the CommunishiftAuthorization operator k8s Secret
|
||||||
|
community.okd.k8s:
|
||||||
|
api_key: "{{ communishift_ocp_api_token }}"
|
||||||
|
host: "{{ communishift_ocp_api_host }}"
|
||||||
|
state: present
|
||||||
|
definition:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: "communishift-keytab-secret"
|
||||||
|
namespace: "communishift-authorization-operator"
|
||||||
|
data:
|
||||||
|
communishift-authorization-keytab: "{{ communishift_authorization_keytab_file | b64encode }}"
|
||||||
|
vars:
|
||||||
|
communishift_authorization_keytab_file: "{{ lookup('file', '/etc/openshift_apps/communishift-authorization/communishift-authorization-operator-keytab.kt') }}"
|
||||||
|
tags:
|
||||||
|
- deploy-operators
|
||||||
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue