---
|
|
- name: "Remove user {{ ocp_username }} from groups {{ ocp_user_groups }} to disable creating projects"
|
command: "oc adm groups remove-users {{ item }} {{ ocp_username }}"
|
loop: "{{ ocp_user_groups }}"
|
when:
|
- ocp_username is defined
|
- ocp_user_groups | default([]) | length > 0
|
|
- name: Remove ClusterResourceQuota and remove access to Grading Jenkins
|
k8s:
|
state: absent
|
definition: "{{ lookup('template', item ) | from_yaml }}"
|
loop:
|
- ./templates/cluster_resource_quota.j2
|
- ./templates/jenkins_role_binding.j2
|
|
- name: "Find all projects for user {{ ocp_username }}"
|
k8s_facts:
|
api_version: project.openshift.io/v1
|
kind: Project
|
register: r_projects
|
|
- name: "Remove user {{ ocp_username }}'s Projects"
|
k8s:
|
state: absent
|
api_version: project.openshift.io/v1
|
kind: Project
|
name: "{{ item.metadata.name }}"
|
when:
|
- item.metadata.annotations['openshift.io/requester'] is defined
|
- item.metadata.annotations['openshift.io/requester'] == ocp_username
|
- item.status.phase is defined
|
- item.status.phase != "Terminating"
|
loop: "{{ r_projects.resources }}"
|
|
# Leave this as the last task in the playbook.
|
- name: remove_workload tasks complete
|
debug:
|
msg: "Remove Workload tasks completed successfully."
|
when: not silent|bool
|
