From cdda307297af61461a809f913053bff3e7158325 Mon Sep 17 00:00:00 2001 From: Mikolaj Izdebski Date: Mon, 3 Jun 2019 14:51:56 +0200 Subject: [PATCH] message-tagging-service: Add Kerberos keytab --- playbooks/openshift-apps/message-tagging-service.yml | 6 ++++++ .../message-tagging-service/templates/deployment.yml | 11 +++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/playbooks/openshift-apps/message-tagging-service.yml b/playbooks/openshift-apps/message-tagging-service.yml index 0acbef6aed..aa97d2028d 100644 --- a/playbooks/openshift-apps/message-tagging-service.yml +++ b/playbooks/openshift-apps/message-tagging-service.yml @@ -13,6 +13,12 @@ roles: - openshift/project + - role: openshift/keytab + secret_name: keytab + key: krb5.keytab + service: message-tagging-service + host: "message-tagging-service{{ env_suffix }}.fedoraproject.org" + tasks: - name: Apply objects include_role: name=openshift/object diff --git a/roles/openshift-apps/message-tagging-service/templates/deployment.yml b/roles/openshift-apps/message-tagging-service/templates/deployment.yml index 827b8ec518..2b8240f6a7 100644 --- a/roles/openshift-apps/message-tagging-service/templates/deployment.yml +++ b/roles/openshift-apps/message-tagging-service/templates/deployment.yml @@ -21,10 +21,14 @@ spec: image: quay.io/factory2/message-tagging-service:{{quay_tag}} ports: - containerPort: 8080 -# volumeMounts: + volumeMounts: # - name: config # mountPath: /etc/mts # readOnly: true + - name: keytab + mountPath: /etc/krb5.keytab + subPath: krb5.keytab + readOnly: true resources: requests: cpu: 500m @@ -44,7 +48,10 @@ spec: httpGet: path: / port: 8080 -# volumes: + volumes: # - name: config # secret: # secretName: mts-config + - name: keytab + secret: + secretName: keytab