summaryrefslogtreecommitdiffstats
path: root/roles/openshift_hosted/tasks
diff options
context:
space:
mode:
authorJan Chaloupka <jchaloup@redhat.com>2017-02-11 10:06:42 +0100
committerGitHub <noreply@github.com>2017-02-11 10:06:42 +0100
commit9d25cb0280664f8bdef6247c8dc13520c90756da (patch)
treedd4d1022288e0d2f8ef805459230a724a3b49ca5 /roles/openshift_hosted/tasks
parent7c948bc637480e6d292b8af18b7a4c90b71d747c (diff)
parentb0f065dde8ddf14a8712a769152e63faea6688a3 (diff)
downloadopenshift-9d25cb0280664f8bdef6247c8dc13520c90756da.tar.gz
openshift-9d25cb0280664f8bdef6247c8dc13520c90756da.tar.bz2
openshift-9d25cb0280664f8bdef6247c8dc13520c90756da.tar.xz
openshift-9d25cb0280664f8bdef6247c8dc13520c90756da.zip
Merge pull request #3307 from ingvagabund/oc_serviceaccount_secret
Replace service account secrets handling with oc_serviceaccount_secret module
Diffstat (limited to 'roles/openshift_hosted/tasks')
-rw-r--r--roles/openshift_hosted/tasks/registry/secure.yml10
-rw-r--r--roles/openshift_hosted/tasks/registry/storage/object_storage.yml22
2 files changed, 12 insertions, 20 deletions
diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml
index d87a3847c..84b69d94c 100644
--- a/roles/openshift_hosted/tasks/registry/secure.yml
+++ b/roles/openshift_hosted/tasks/registry/secure.yml
@@ -54,10 +54,12 @@
failed_when: "'already exists' not in create_registry_certificates_secret.stderr and create_registry_certificates_secret.rc != 0"
- name: "Add the secret to the registry's pod service accounts"
- command: >
- {{ openshift.common.client_binary }} secrets add {{ item }} registry-certificates
- --config={{ openshift_hosted_kubeconfig }}
- -n default
+ oc_serviceaccount_secret:
+ service_account: "{{ item }}"
+ secret: registry-certificates
+ namespace: default
+ kubeconfig: "{{ openshift_hosted_kubeconfig }}"
+ state: present
with_items:
- registry
- default
diff --git a/roles/openshift_hosted/tasks/registry/storage/object_storage.yml b/roles/openshift_hosted/tasks/registry/storage/object_storage.yml
index e56a68e27..15128784e 100644
--- a/roles/openshift_hosted/tasks/registry/storage/object_storage.yml
+++ b/roles/openshift_hosted/tasks/registry/storage/object_storage.yml
@@ -53,23 +53,13 @@
create -f -
when: secrets.rc == 1
-- name: Determine if service account contains secrets
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_kubeconfig }}
- --namespace={{ openshift.hosted.registry.namespace | default('default') }}
- get serviceaccounts registry
- -o jsonpath='{.secrets[?(@.name=="{{ registry_config_secret_name }}")].name}'
- register: serviceaccount
- changed_when: false
-
- name: Add secrets to registry service account
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_kubeconfig }}
- --namespace={{ openshift.hosted.registry.namespace | default('default') }}
- secrets add serviceaccount/registry secrets/{{ registry_config_secret_name }}
- when: serviceaccount.stdout == ''
+ oc_serviceaccount_secret:
+ service_account: registry
+ secret: "{{ registry_config_secret_name }}"
+ namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
+ kubeconfig: "{{ openshift_hosted_kubeconfig }}"
+ state: present
- name: Determine if deployment config contains secrets
command: >
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 03:04:51 +0000