fas: Add yubikey dc bc and svc

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>

roles/openshift-apps/fas/files/service-yubikey.yml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: yubikey
+  labels:
+    app: fas
+    service: yubikey
+  namespace: fas
+spec:
+  ports:
+    - name: web
+      port: 8080
+      targetPort: 8080
+  selector:
+    deploymentconfig: yubikey

roles/openshift-apps/fas/templates/buildconfig-yubikey.yml

@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: BuildConfig
+metadata:
+  labels:
+    build: yubikey
+  name: yubikey
+spec:
+  runPolicy: Serial
+  source:
+    dockerfile: |-
+      FROM registry.access.redhat.com/rhel6
+      RUN curl -o /etc/yum.repos.d/rhel6.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel6.repo && \
+          curl -o /etc/yum.repos.d/epel6.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/epel6.repo && \
+{% if env == "staging" %}
+          curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel-infra-tags-stg.repo && \
+{% endif %}
+          curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel-infra-tags.repo
+
+      RUN yum install -y \
+          httpd \
+          yubikey-ksm \
+          yubikey-val \
+          php-pgsql
+
+      # Set up config symlinks
+      RUN rm -f /usr/share/ykval/ykval-config.php && \
+        rm -f /usr/share/ykksm/ykksm-config.php && \
+        ln -sf /etc/ykksm/ykksm-config.php /usr/share/ykksm/ykksm-config.php && \
+        ln -sf /etc/ykval/ykval-config.php /usr/share/ykval/ykval-config.php
+
+      EXPOSE 8080
+      ENTRYPOINT bash /etc/yubikey/start.sh
+    type: Dockerfile
+  strategy:
+    type: Docker
+  output:
+    to:
+      kind: ImageStreamTag
+      name: yubikey:latest

roles/openshift-apps/fas/templates/deploymentconfig-yubikey.yml

@@ -0,0 +1,69 @@
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: fas
+    service: yubikey
+  name: yubikey
+spec:
+  replicas: 1
+  selector:
+    deploymentconfig: yubikey
+  strategy:
+    activeDeadlineSeconds: 21600
+    recreateParams:
+      timeoutSeconds: 600
+    resources: {}
+    rollingParams:
+      intervalSeconds: 1
+      maxSurge: 25%
+      maxUnavailable: 25%
+      timeoutSeconds: 600
+      updatePeriodSeconds: 1
+    type: Rolling
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: fas
+        deploymentconfig: yubikey
+    spec:
+      containers:
+      - name: yubikey
+        image: yubikey:latest
+        ports:
+        - containerPort: 8080
+        volumeMounts:
+        - name: config-volume
+          mountPath: /etc/yubikey
+          readOnly: true
+        - name: httpdir-volume
+          mountPath: /httpdir
+        readinessProbe:
+          timeoutSeconds: 5
+          initialDelaySeconds: 1
+          httpGet:
+            path: /
+            port: 8080
+        livenessProbe:
+          timeoutSeconds: 5
+          initialDelaySeconds: 1
+          httpGet:
+            path: /
+            port: 8080
+      volumes:
+      - name: config-volume
+        configMap:
+          name: yubikey
+        emptyDir: {}
+  triggers:
+  - imageChangeParams:
+      automatic: true
+      containerNames:
+      - yubikey
+      from:
+        kind: ImageStreamTag
+        name: yubikey:latest
+        namespace: fas
+    type: ImageChange
+  - type: ConfigChange