From c8ede853ffdfc3607598489cb56a5f13bd7fb0a9 Mon Sep 17 00:00:00 2001
From: Clement Verna <cverna@tutanota.com>
Date: Mon, 9 Apr 2018 20:42:26 +0200
Subject: [PATCH] Use the service account koji token in buildvm to authenticate

Signed-off-by: Clement Verna <cverna@tutanota.com>
---
 playbooks/groups/buildvm.yml | 2 ++
 tasks/osbs_koji_token.yml    | 9 +++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 tasks/osbs_koji_token.yml

diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml
index 566e5d817c..7e51e1a70e 100644
--- a/playbooks/groups/buildvm.yml
+++ b/playbooks/groups/buildvm.yml
@@ -75,6 +75,7 @@
   pre_tasks:
   - import_tasks: "{{ tasks_path }}/osbs_certs.yml"
   - import_tasks: "{{ tasks_path }}/osbs_repos.yml"
+  - import_tasks: "{{ tasks_path }}/osbs_koji_token.yml"
 
   roles:
   - {
@@ -111,6 +112,7 @@
           reactor_config_secret: 'reactor_config_secret',
           koji_certs_secret: 'kojisecret',
           token_secrets: 'x86-64-osbs:/var/run/secrets/atomic-reactor/x86-64-osbs',
+          token_file: '/etc/osbs/x86-64-osbs-stg-koji',
           namespace: 'osbs-fedora',
           can_orchestrate: true
         }
diff --git a/tasks/osbs_koji_token.yml b/tasks/osbs_koji_token.yml
new file mode 100644
index 0000000000..1d03af2774
--- /dev/null
+++ b/tasks/osbs_koji_token.yml
@@ -0,0 +1,9 @@
+---
+
+- name: put the koji token file in place
+  copy:
+    src: "{{ private }}/files/osbs/{{ env }}/x86-64-osbs-stg-koji"
+    dest: "/etc/osbs/x86-64-osbs-stg-koji"
+    owner: root
+    mode: 0400
+  when: env == "staging"