diff --git a/playbooks/openshift-apps/resultsdb-ci-listener.yml b/playbooks/openshift-apps/resultsdb-ci-listener.yml index a952c23fd4..c5c9f10e6e 100644 --- a/playbooks/openshift-apps/resultsdb-ci-listener.yml +++ b/playbooks/openshift-apps/resultsdb-ci-listener.yml @@ -48,6 +48,11 @@ key: resultsdb-ci-listener.ca privatefile: "rabbitmq/{{env}}/pki/ca.crt" + - role: openshift/object + app: resultsdb-ci-listener + template: secrets.yml + objectname: secrets.yml + - role: openshift/object app: resultsdb-ci-listener template: configmaps.yml diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml index a85b8b0c24..8ae890de49 100644 --- a/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml @@ -21,6 +21,9 @@ spec: imagePullPolicy: Always ports: - containerPort: 5001 + envFrom: + - secretRef: + name: resultsdb-ci-listener-auth volumeMounts: - name: config-volume mountPath: /etc/ci-resultsdb-listener diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml new file mode 100644 index 0000000000..ea5a39dc53 --- /dev/null +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: resultsdb-ci-listener-auth + labels: + app: resultsdb-ci-listener +data: +{% if env == 'staging' %} + RESULTSDB_AUTH_BASIC_USERNAME: {{ stg_resultsdb_httpd_user | b64encode }} + RESULTSDB_AUTH_BASIC_PASSWORD: {{ stg_resultsdb_httpd_password | b64encode }} +{% else %} + RESULTSDB_AUTH_BASIC_USERNAME: {{ prod_resultsdb_httpd_user | b64encode }} + RESULTSDB_AUTH_BASIC_PASSWORD: {{ prod_resultsdb_httpd_password | b64encode }} +{% endif %}