External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-05 03:24:55 -03:30
Code Issues Packages Projects Releases Wiki Activity

Template out known_users.csv, optionally add groups

Browse Source
This commit is contained in:
Dann Bohn
2017-07-14 09:27:20 -04:00
parent 637f445c3f
commit d1f58fed4c
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/kubernetes/secrets/tasks/main.yml
View File

@@ -27,12 +27,10 @@
group: "{{ kube_cert_group }}"
- name: Populate users for basic auth in API
lineinfile:
template:
src: known_users.csv.j2
dest: "{{ kube_users_dir }}/known_users.csv"
create: yes
line: '{{ item.value.pass }},{{ item.key }},{{ item.value.role }}'
backup: yes
with_dict: "{{ kube_users }}"
when: inventory_hostname in "{{ groups['kube-master'] }}" and kube_basic_auth|default(true)
notify: set secret_changed

3
roles/kubernetes/secrets/templates/known_users.csv.j2 Normal file
View File

@@ -0,0 +1,3 @@
{% for user in kube_users %}
{{kube_users[user].pass}},{{user}},{{kube_users[user].role}}{% if kube_users[user].groups is defined %},{% set groups_csv = kube_users[user].groups|join(',') -%}"{{groups_csv}}"{% endif %}
{% endfor %}