From d1cf752d7e9c0fadd7e4404a59a27fcda100d88d Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Thu, 9 May 2019 12:05:24 +0200
Subject: [PATCH] Supposedly add all build config parts

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 playbooks/openshift-apps/ipsilon.yml          |  1 +
 .../ipsilon/templates/buildconfig.yml         | 28 ++++++++++++++++---
 roles/openshift-apps/ipsilon/vars/build.yml   | 11 ++++++++
 3 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 roles/openshift-apps/ipsilon/vars/build.yml

diff --git a/playbooks/openshift-apps/ipsilon.yml b/playbooks/openshift-apps/ipsilon.yml
index 48f7d4c3e7..f9b36097e2 100644
--- a/playbooks/openshift-apps/ipsilon.yml
+++ b/playbooks/openshift-apps/ipsilon.yml
@@ -7,6 +7,7 @@
     - /srv/web/infra/ansible/vars/global.yml
     - "/srv/private/ansible/vars.yml"
     - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+    - /srv/web/infra/ansible/roles/openshift-apps/ipsilon/vars/build.yml
 
   pre_tasks:
   - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
diff --git a/roles/openshift-apps/ipsilon/templates/buildconfig.yml b/roles/openshift-apps/ipsilon/templates/buildconfig.yml
index f19299372e..0756210c3e 100644
--- a/roles/openshift-apps/ipsilon/templates/buildconfig.yml
+++ b/roles/openshift-apps/ipsilon/templates/buildconfig.yml
@@ -8,19 +8,39 @@ spec:
   runPolicy: Serial
   source:
     dockerfile: |-
-      FROM fedora:29
+      FROM fedora:latest
       RUN curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags.repo
 {% if env == "staging" %}
       RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags-stg.repo
 {% endif %}
-      RUN dnf install -y ipsilon ipsilon-authfas ipsilon-openid ipsilon-saml2 ipsilon-persona ipsilon-infofas ipsilon-authgssapi ipsilon-openidc mod_auth_openidc python-psycopg2 httpd mod_wsgi
+      RUN dnf install -y \
+          ipsilon \
+          ipsilon-authfas \
+          ipsilon-openid \
+          ipsilon-saml2 \
+          ipsilon-persona \
+          ipsilon-infofas \
+          ipsilon-authgssapi \
+          ipsilon-openidc \
+          fedora-ipsilontheme \
+          mod_auth_openidc \
+          python-psycopg2 \
+          httpd \
+          mod_wsgi
+
+      # Fedora specific stuff - Terrible hacky way to install, but works for testing purposes
+      curl https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/roles/ipsilon/files/api.py -o /usr/lib/python2.7/site-packages/ipsilon/providers/openid/extensions/api.py
+      curl https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/roles/ipsilon/files/infofas.py -o /usr/lib/python2.7/site-packages/ipsilon/info/infofas.py
+
+{% for scope_file in oidc_scope_filenames %}
+    curl https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/roles/ipsilon/files/oidc_scopes/{{ scope_file }}.py -o /usr/lib/python2.7/site-packages/ipsilon/providers/openidc/plugins/{{scope_file}}.py
+{% endif %}
+
       EXPOSE 8080
       ENTRYPOINT bash /etc/ipsilon/start.sh
     type: Dockerfile
   strategy:
     type: Docker
-    dockerStrategy:
-      noCache: false
   output:
     to:
       kind: ImageStreamTag
diff --git a/roles/openshift-apps/ipsilon/vars/build.yml b/roles/openshift-apps/ipsilon/vars/build.yml
new file mode 100644
index 0000000000..e26488beec
--- /dev/null
+++ b/roles/openshift-apps/ipsilon/vars/build.yml
@@ -0,0 +1,11 @@
+---
+oidc_scope_filenames:
+- account-scopes
+- mbs
+- beaker
+- waiverdb
+- odcs
+- wiki
+- freshmaker
+- src
+- fpdc