openscanhub: add private key for aws

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
2024-03-12 16:53:06 +01:00 · 2024-03-12 16:53:06 +01:00 · 28d3c54056
commit 28d3c54056
parent 9383cc201b
3 changed files with 18 additions and 0 deletions
--- a/playbooks/openshift-apps/openscanhub.yml
+++ b/playbooks/openshift-apps/openscanhub.yml
@ -107,6 +107,11 @@
    template: aws-credentials-configmap.yml
    objectname: aws-credentials-configmap
    when: env == "staging"
+  - role: openshift/object
+    app: openscanhub
+    template: aws-openscanhub-key.yml
+    objectname: aws-openscanhub-key
+    when: env == "staging"
  - role: openshift/object
    app: openscanhub
    file: deployment-resalloc-server.yml
--- a/roles/openshift-apps/openscanhub/files/deployment-resalloc-server.yml
+++ b/roles/openshift-apps/openscanhub/files/deployment-resalloc-server.yml
@ -62,6 +62,8 @@ spec:
          - mountPath: /var/lib/resallocserver/.aws/credentials
            name: aws-credentials-configmap
            subPath: credentials
+          - mountPath: /var/lib/resallocserver/.ssh/id_rsa
+            name: aws-openscanhub-key
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
@ -77,3 +79,7 @@ spec:
        - name: aws-credentials-configmap
          configMap:
            name: aws-credentials-config
+        - name: aws-openscanhub-key
+          secret:
+            defaultMode: 400
+            secretName: aws-openscanhub-key
--- a/roles/openshift-apps/openscanhub/templates/aws-openscanhub-key.yml
+++ b/roles/openshift-apps/openscanhub/templates/aws-openscanhub-key.yml
@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: aws-openscanhub-key
+data:
+  aws-openscanhub-key: {{ lookup('file', private+'/files/openscanhub/openscanhub.key') | b64encode }}