From ee273f2a58032076a26ab0d164c4d8b87bd2233e Mon Sep 17 00:00:00 2001
From: Dusty Mabe <dusty@dustymabe.com>
Date: Wed, 7 Aug 2019 11:11:29 -0400
Subject: [PATCH] openshift-apps/coreos-koji-tagger: add in infra krb5.conf

This is required when running kerberos operations inside of fedora's
infrastructure.
---
 playbooks/openshift-apps/coreos-koji-tagger.yml          | 6 ++++++
 .../coreos-koji-tagger/templates/configmap.yml           | 9 +++++++++
 .../coreos-koji-tagger/templates/deploymentconfig.yml    | 7 +++++++
 3 files changed, 22 insertions(+)
 create mode 100644 roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml

diff --git a/playbooks/openshift-apps/coreos-koji-tagger.yml b/playbooks/openshift-apps/coreos-koji-tagger.yml
index ef62183f42..3654db0c87 100644
--- a/playbooks/openshift-apps/coreos-koji-tagger.yml
+++ b/playbooks/openshift-apps/coreos-koji-tagger.yml
@@ -26,6 +26,12 @@
     service: coreos-koji-tagger
     host: "coreos-koji-tagger{{ env_suffix }}.fedoraproject.org"
 
+# Copy in a kerberos config that is unique to fedora infra
+  - role: openshift/object
+    app: coreos-koji-tagger
+    template: configmap.yml
+    objectname: configmap.yml
+
   - role: openshift/object
     app: coreos-koji-tagger
     template: imagestream.yml
diff --git a/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml b/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml
new file mode 100644
index 0000000000..f8b15bb7c1
--- /dev/null
+++ b/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coreos-koji-tagger-krb5-conf
+  labels:
+    app: coreos-koji-tagger
+data:
+  krb5.conf: |-
+    {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }}
diff --git a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
index 77041aacc5..f0477844a6 100644
--- a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
@@ -32,6 +32,10 @@ spec:
         - name: coreos-koji-tagger-keytab-volume
           mountPath: /etc/coreos-koji-tagger-keytab
           readOnly: true
+        - name: coreos-koji-tagger-krb5-conf-volume
+          mountPath: /etc/krb5.conf
+          subPath: krb5.conf
+          readOnly: true
         image: ""
         imagePullPolicy: IfNotPresent
         name: coreos-koji-tagger
@@ -41,6 +45,9 @@ spec:
         secret:
           secretName: coreos-koji-tagger-keytab
           optional: true
+      - name: coreos-koji-tagger-krb5-conf-volume
+        configMap:
+          name: coreos-koji-tagger-krb5-conf
       restartPolicy: Always
   test: false
   triggers: