add developer as admin to project

playbooks/strategy-start.yml

@@ -3,6 +3,8 @@
   hosts: workstation.lab.example.com
   gather_subset: min
   become: no
+  vars:
+    ge_nsp: deployments-strategy
   tasks:
     - name: Make sure kubeconfig is there on utility
       delegate_to: utility.lab.example.com
@@ -30,13 +32,13 @@
         validate_certs: no
         api_version: v1
         kind: namespace
-        name: deployments-strategy
-      register: ge_nsp
+        name: "{{ ge_nsp }}"
+      register: ge_exists
 
     - name: Fail if the namespace exists
       fail:
-        msg: "The exercise namespace already exists: deployments-strategy; please run strategy-finish.yml to clean up first and then re-run this playbook."
-      when: ge_nsp.resources | length > 0
+        msg: "The exercise namespace already exists: {{ ge_nsp }}; please run strategy-finish.yml to clean up first and then re-run this playbook."
+      when: ge_exists.resources | length > 0
 
     - name: Ensure there is a namespace for the exercise
       k8s:
@@ -44,5 +46,23 @@
         validate_certs: no
         api_version: v1
         kind: namespace
-        name: deployments-strategy
+        name: "{{ ge_nsp }}"
+
+    - name: Give developer admin role in the project
+      k8s:
+        kubeconfig: tmp/kubeconfig-ocp4
+        validate_certs: no
+        api_version: rbac.authorization.k8s.io/v1
+        kind: rolebinding
+        namespace: "{{ ge_nsp }}"
+        name: dev-admin
+        definition:
+          roleRef:
+            apiGroup: rbac.authorization.k8s.io
+            kind: ClusterRole
+            name: admin
+          subjects:
+          - apiGroup: rbac.authorization.k8s.io
+            kind: User
+            name: developer