releng: copy the koji.conf needed to authenticate

Signed-off-by: Clement Verna <cverna@tutanota.com>

playbooks/manual/releng/koji-release-tags.yml

@@ -7,15 +7,21 @@
   - ktdreyer.koji_ansible
 
   tasks:
+  - name: copy the koji.conf file with the correct variables
+    template:
+      src: koji.conf.j2
+      dest: /etc/koji.conf
+      owner: root
+      group: root
+      mode: 0644
+
   - name: create the main koji tag
     koji_tag:
-      koji: stg
       name: f33
       state: present
       perm: admin
   - name: create the updates tag
     koji_tag:
-      koji: stg
       name: f33-updates
       state: present
       perm: admin

playbooks/manual/releng/templates/koji.conf.j2

@@ -0,0 +1,39 @@
+[koji]
+;configuration for koji cli tool
+;url of XMLRPC server
+server = https://koji{{env_suffix}}.fedoraproject.org/kojihub
+
+;url of web interface
+weburl = https://koji{{env_suffix}}.fedoraproject.org/koji
+
+topurl = https://kojipkgs{{env_suffix}}.fedoraproject.org/
+
+;configuration for Kerberos authentication
+authtype = kerberos
+krb_rdns = false
+
+;the service name of the principal being used by the hub
+krbservice = compose
+
+;the principal to auth as for automated clients
+{% if env == "staging" %}
+principal = compose/koji.stg.fedoraproject.org@STG.FEDORAPROJECT.ORG
+krb_server_realm = STG.FEDORAPROJECT.ORG
+keytab = /etc/krb5.compose_koji.stg.phx2.fedoraproject.org.keytab
+{% else %}
+principal = compose/koji.fedoraproject.org@FEDORAPROJECT.ORG
+krb_server_realm = FEDORAPROJECT.ORG
+keytab = /etc/krb5.compose_koji.phx2.fedoraproject.org.keytab
+{%endif%}
+
+;enable to lookup dns canonical hostname for krb auth
+;krb_canon_host = no
+
+;[not_implemented_yet]
+;enabled plugins for CLI, runroot and save_failed_tree are available
+;plugins =
+; runroot plugin is enabled by default in fedora
+plugins = runroot
+
+; use the fast upload feature of koji by default
+use_fast_upload = yes