From 21a0370365dd63d11e8b94a4fee2e21c554b55d9 Mon Sep 17 00:00:00 2001
From: Ryan Lerch <rlerch@redhat.com>
Date: Mon, 11 Sep 2023 13:53:02 +1000
Subject: [PATCH] maubot: configure fedora messaging

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
---
 playbooks/openshift-apps/maubot.yml           | 20 ++++++++++++++++++-
 .../maubot/files/deploymentconfig.yml         |  6 ++++++
 .../maubot/templates/configmap.yml            | 10 ++++++++++
 3 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/playbooks/openshift-apps/maubot.yml b/playbooks/openshift-apps/maubot.yml
index 5a75c5fd3f..36f5794152 100644
--- a/playbooks/openshift-apps/maubot.yml
+++ b/playbooks/openshift-apps/maubot.yml
@@ -32,7 +32,7 @@
 
   roles:
   - role: rabbit/user
-    username: "zodbot-{{ env_short }}"
+    username: "maubot{{ env_suffix }}"
     sent_topics: ^org\.fedoraproject\.{{ env_short }}\.meetbot\..*
 
   - role: openshift/project
@@ -77,6 +77,24 @@
     template: configmap.yml
     objectname: configmap.yml
 
+  - role: openshift/secret-file
+    app: maubot
+    secret_name: maubot-fedora-messaging-key
+    key: maubot.key
+    privatefile: "rabbitmq/{{env}}/pki/private/maubot{{env_suffix}}.key"
+
+  - role: openshift/secret-file
+    app: maubot
+    secret_name: maubot-fedora-messaging-crt
+    key: maubot.crt
+    privatefile: "rabbitmq/{{env}}/pki/issued/maubot{{env_suffix}}.crt"
+
+  - role: openshift/secret-file
+    app: maubot
+    secret_name: maubot-fedora-messaging-ca
+    key: maubot.ca
+    privatefile: "rabbitmq/{{env}}/pki/ca.crt"
+
   - role: openshift/start-build
     app: maubot
     buildname: maubot-build
diff --git a/roles/openshift-apps/maubot/files/deploymentconfig.yml b/roles/openshift-apps/maubot/files/deploymentconfig.yml
index bd7fa2fd8d..fe5de13742 100644
--- a/roles/openshift-apps/maubot/files/deploymentconfig.yml
+++ b/roles/openshift-apps/maubot/files/deploymentconfig.yml
@@ -36,6 +36,9 @@ spec:
             - name: keytab-volume
               mountPath: /etc/keytabs
               readOnly: true
+            - name: fedora-messaging-config-volume
+              mountPath: /etc/fedora-messaging/
+              readOnly: true
           readinessProbe:
             timeoutSeconds: 1
             initialDelaySeconds: 5
@@ -64,6 +67,9 @@ spec:
         - name: keytab-volume
           secret:
             secretName: maubot-keytab
+        - name: fedora-messaging-config-volume
+          configMap:
+            name: fedora-messaging-configmap
   triggers:
   - type: ImageChange
     imageChangeParams:
diff --git a/roles/openshift-apps/maubot/templates/configmap.yml b/roles/openshift-apps/maubot/templates/configmap.yml
index 9fef7b3b44..e93d7ff12b 100644
--- a/roles/openshift-apps/maubot/templates/configmap.yml
+++ b/roles/openshift-apps/maubot/templates/configmap.yml
@@ -13,3 +13,13 @@ items:
   data:
     config.yml: |-
       {{ load_file('config.yml') | indent(6) }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fedora-messaging-configmap
+  labels:
+    app: maubot
+data:
+  config.toml: |-
+    {{ load_file('config.toml') | indent }}