make certs for push-docker role more restricted access

Signed-off-by: Adam Miller <admiller@redhat.com>

roles/push-docker/tasks/main.yml

@@ -13,11 +13,15 @@
   copy:
     src: "{{private}}/files/koji/{{docker_cert_name}}.cert.pem"
     dest: "{{docker_cert_dir}}/client.cert"
+    owner: root
+    mode: 0600
 
 - name: install docker client key for registry
   copy:
     src: "{{private}}/files/koji/{{docker_cert_name}}.key.pem"
     dest: "{{docker_cert_dir}}/client.key"
+    owner: root
+    mode: 0600
 
 - name: start and enable docker
   service: name=docker state=started enabled=yes