Adjust the secret-file role to work with OCP4

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

playbooks/openshift-apps/bodhi.yml

@@ -77,21 +77,25 @@
     secret_name: bodhi-keytab
     service: bodhi
     host: "bodhi{{ env_suffix }}.fedoraproject.org"
+    ocp4: true
   - role: openshift/secret-file
     app: bodhi
     secret_name: bodhi-fedora-messaging-ca
     key: cacert.pem
     privatefile: "rabbitmq/{{env}}/pki/ca.crt"
+    ocp4: true
   - role: openshift/secret-file
     app: bodhi
     secret_name: bodhi-fedora-messaging-crt
     key: bodhi-cert.pem
     privatefile: "rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
+    ocp4: true
   - role: openshift/secret-file
     app: bodhi
     secret_name: bodhi-fedora-messaging-key
     key: bodhi-key.pem
     privatefile: "rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
+    ocp4: true
   - role: openshift/object
     app: bodhi
     template: imagestreams-tagged.yml

roles/openshift/secret-file/defaults/main.yml

@@ -1 +1,2 @@
 os_app: "{{app}}"
+ocp4: false

roles/openshift/secret-file/tasks/main.yml

@@ -23,4 +23,9 @@
 - name: Call `oc secrets new` on the copied file
   shell: oc -n {{os_app}} secrets new {{secret_name}} {{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
   register: create_out
-  when: secret_template.changed or secret_file.changed or secret_privatefile.changed
+  when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
+
+- name: Call `oc create secret generic` on the copied file
+  shell: oc -n {{os_app}} create secret generic {{secret_name}} --from-file={{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
+  register: create_out
+  when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)