We need two distinct play here

Signed-off-by: Clement Verna <cverna@tutanota.com>

playbooks/groups/osbs-cluster.yml

@@ -588,7 +588,6 @@
 
   roles:
   - role: osbs-secret
-    osbs_namespace: "osbs-fedora"
     osbs_secret_name: "v2-registry-dockercfg"
     osbs_secret_type: kubernetes.io/dockercfg
     osbs_secret_files:
@@ -611,6 +610,46 @@
         state=absent
         path="/tmp/.dockercfg"
 
+- name: Add dockercfg secret to allow registry push worker
+  hosts: osbs-masters-stg[0]:osbs-masters[0]
+  tags:
+    - osbs-dockercfg-secret
+  user: root
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - "/srv/private/ansible/vars.yml"
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  pre_tasks:
+    - set_fact:
+        auth_info_prod: "{{candidate_registry_osbs_prod_username}}:{{candidate_registry_osbs_prod_password}}"
+        auth_info_stg: "{{candidate_registry_osbs_stg_username}}:{{candidate_registry_osbs_stg_password}}"
+
+      origin_version: "{{origin_version_out.stdout}}"
+    - name: Create the dockercfg secret file
+      local_action: >
+        template
+        src="{{ files }}/osbs/dockercfg-{{env}}-secret.j2"
+        dest="/tmp/.dockercfg"
+        mode=0400
+
+  - role: osbs-secret
+    osbs_namespace: "{{ osbs_worker_namespace }}"
+    osbs_secret_name: "v2-registry-dockercfg"
+    osbs_secret_type: kubernetes.io/dockercfg
+    osbs_secret_files:
+    - source: "/tmp/.dockercfg"
+      dest: .dockercfg
+    when: env == "staging"
+
+  post_tasks:
+    - name: Delete the temporary secret file
+      local_action: >
+        file
+        state=absent
+        path="/tmp/.dockercfg"
+
 - name: Manage docker images and image stream
   hosts: osbs-masters[0]
   tags: