diff --git a/playbooks/openshift-apps/waiverdb.yml b/playbooks/openshift-apps/waiverdb.yml index e8092361b7..375fe5d2b4 100644 --- a/playbooks/openshift-apps/waiverdb.yml +++ b/playbooks/openshift-apps/waiverdb.yml @@ -11,12 +11,12 @@ roles: - { role: openshift/object, app: waiverdb, template: project.yml, description: waiverdb } - { role: openshift/object, app: waiverdb, template: secret.yml } - - { role: openshift/secret-file - , app: waiverdb - , secret_name: waiverdb-stg-secret - , key: client_secrets.json - , template: client_secrets.json - } + #- { role: openshift/secret-file + # , app: waiverdb + # , secret_name: waiverdb-stg-secret + # , key: client_secrets.json + # , template: client_secrets.json + # } - { role: openshift/object, app: waiverdb, file: imagestream.yml } - { role: openshift/object, app: waiverdb, template: configmap.yml } - { role: openshift/object, app: waiverdb, file: service.yml } diff --git a/roles/openshift-apps/waiverdb/templates/secret.yml b/roles/openshift-apps/waiverdb/templates/secret.yml index 1739f6ed46..da46756538 100644 --- a/roles/openshift-apps/waiverdb/templates/secret.yml +++ b/roles/openshift-apps/waiverdb/templates/secret.yml @@ -7,3 +7,14 @@ metadata: stringData: flask-secret-key: "{{stg_waiverdb_secret_key}}" database-password: "{{stg_waiverdb_db_password}}" + # This is the same non-secret config we have committed + # as conf/client_secrets.json for using in dev environments. + client_secrets.json: |- + {"web": { + "redirect_uris": ["https://waiverdb-waiverdb.app.os.stg.fedoraproject.org/"], + "token_uri": "https://iddev.fedorainfracloud.org/openidc/Token", + "auth_uri": "https://iddev.fedorainfracloud.org/openidc/Authorization", + "client_id": "D-e69a1ac7-30fa-4d18-9001-7468c4f34c3c", + "client_secret": "qgz8Bzjg6nO7JWCXoB0o8L49KfI5atLF", + "userinfo_uri": "https://iddev.fedorainfracloud.org/openidc/UserInfo", + "token_introspection_uri": "https://iddev.fedorainfracloud.org/openidc/TokenInfo"}}