From 524b07800a26ca10e93520a8e3b0494ba0b60875 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Kalu=C5=BEa?= <jkaluza@redhat.com>
Date: Mon, 11 Dec 2017 10:43:38 +0000
Subject: [PATCH] Move ODCS kerberos configuration from koji conf to odcs conf.

---
 roles/odcs/backend/templates/etc/koji.conf.d/odcs.conf.j2 | 4 ----
 roles/odcs/base/templates/etc/odcs/config.py.j2           | 8 ++++++++
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/roles/odcs/backend/templates/etc/koji.conf.d/odcs.conf.j2 b/roles/odcs/backend/templates/etc/koji.conf.d/odcs.conf.j2
index 67a5f233c7..a2e2d27287 100644
--- a/roles/odcs/backend/templates/etc/koji.conf.d/odcs.conf.j2
+++ b/roles/odcs/backend/templates/etc/koji.conf.d/odcs.conf.j2
@@ -4,8 +4,6 @@ weburl = https://koji.fedoraproject.org/koji
 topurl = https://kojipkgs.fedoraproject.org/
 authtype = kerberos
 krb_rdns = false
-principal = odcs/odcs.fedoraproject.org@FEDORAPROJECT.ORG
-keytab = /etc/krb5.odcs_odcs{{env_suffix}}.fedoraproject.org.keytab
 
 [stg]
 server = https://koji.stg.fedoraproject.org/kojihub
@@ -13,6 +11,4 @@ weburl = https://koji.stg.fedoraproject.org/koji
 topurl = https://kojipkgs.stg.fedoraproject.org/
 authtype = kerberos
 krb_rdns = false
-principal = odcs/odcs.stg.fedoraproject.org@STG.FEDORAPROJECT.ORG
-keytab = /etc/krb5.odcs_odcs{{env_suffix}}.fedoraproject.org.keytab
 
diff --git a/roles/odcs/base/templates/etc/odcs/config.py.j2 b/roles/odcs/base/templates/etc/odcs/config.py.j2
index bb18b884fe..f0782f4f8a 100644
--- a/roles/odcs/base/templates/etc/odcs/config.py.j2
+++ b/roles/odcs/base/templates/etc/odcs/config.py.j2
@@ -75,6 +75,9 @@ class ProdConfiguration(BaseConfiguration):
     KOJI_PROFILE = 'stg'
 
     PDC_URL = 'https://pdc.stg.fedoraproject.org/rest_api/v1'
+
+    KRB_PRINCIPAL = odcs/odcs.stg.fedoraproject.org@STG.FEDORAPROJECT.ORG
+
 {% else %}
     AUTH_OPENIDC_USERINFO_URI = 'https://id.fedoraproject.org/openidc/UserInfo'
     SECRET_KEY = "{{ odcs_prod_secret_key }}"
@@ -84,10 +87,15 @@ class ProdConfiguration(BaseConfiguration):
     KOJI_PROFILE = 'production'
 
     PDC_URL = 'https://pdc.fedoraproject.org/rest_api/v1'
+
+    KRB_PRINCIPAL = odcs/odcs.stg.fedoraproject.org@STG.FEDORAPROJECT.ORG
 {% endif %}
     PDC_INSECURE = {{ odcs_pdc_insecure }}
     PDC_DEVELOP = {{ odcs_pdc_develop }}
 
+    KRB_KEYTAB = /etc/krb5.odcs_odcs{{env_suffix}}.fedoraproject.org.keytab
+    KRB_CCACHE = None
+
     TARGET_DIR = "{{ odcs_target_dir }}"
     TARGET_DIR_URL = "{{ odcs_target_dir_url }}"