set up a clusterRole tower-resource-operator when the ansible job operator is installed. The clusterRole will be used by the ansible job operator and Ansible k8s runner job as well. Notice the clusterRole will be installed along with the ansilbe job operator CSV bundle.
Make ansible job operator cluster scopoed - watching all namespaces ansible job CRs.
Support to create Ansible job CR in any namespace, not only in ansible job operator namespace. This is done by dynamically creating a service account tower-resource-operator and a rolebinding in the same namespace to link to the opetaor clusterRole tower-resource-operator when the Ansible k8s runner job is created. The service account will be as the Ansible k8s runner job user.
Without the role/rolebinding, the Ansible k8s runner job will fail if it is ouside of the ansible job operator namespace
Othere misc changes
align individual yaml resources to the unified tower-resource-operator.yaml,
Signed-off-by: Xiangjing Li xiangli@redhat.com
set up a clusterRole
tower-resource-operatorwhen the ansible job operator is installed. The clusterRole will be used by the ansible job operator and Ansible k8s runner job as well. Notice the clusterRole will be installed along with the ansilbe job operator CSV bundle.Make ansible job operator cluster scopoed - watching all namespaces ansible job CRs.
Support to create Ansible job CR in any namespace, not only in ansible job operator namespace. This is done by dynamically creating a service account
tower-resource-operatorand a rolebinding in the same namespace to link to the opetaor clusterRoletower-resource-operatorwhen the Ansible k8s runner job is created. The service account will be as the Ansible k8s runner job user.Without the role/rolebinding, the Ansible k8s runner job will fail if it is ouside of the ansible job operator namespace