Fixed Automation Broker Role
1 files added
2 files modified
| | |
| | | - ./templates/automation_broker.j2 |
| | | |
| | | - name: Grant Automation Broker Service Account cluster-admin |
| | | command: "oc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:{{ broker_project }}:ansible-service-broker" |
| | | k8s: |
| | | state: present |
| | | definition: "{{ lookup('template', './templates/cluster_role_binding.j2' ) | from_yaml }}" |
| | | |
| | | # Leave this as the last task in the playbook. |
| | | - name: workload tasks complete |
New file |
| | |
| | | kind: ClusterRoleBinding |
| | | apiVersion: rbac.authorization.k8s.io/v1 |
| | | metadata: |
| | | name: automation-broker-binding |
| | | subjects: |
| | | - kind: ServiceAccount |
| | | name: ansible-service-broker |
| | | namespace: "{{ _broker_project }}" |
| | | roleRef: |
| | | kind: ClusterRole |
| | | name: cluster-admin |
| | | apiGroup: rbac.authorization.k8s.io |
| | |
| | | channel: alpha |
| | | installPlanApproval: Automatic |
| | | name: automationbroker |
| | | source: installed-community-automation-broker |
| | | source: installed-community-openshift-automation-broker |
| | | sourceNamespace: "{{ _broker_project }}" |
| | | startingCSV: "{{ _broker_subscription_csv }}" |