Badges: add the FM certs in the cronjobs

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-03-26 10:33:04 +01:00 · 2024-03-26 10:33:04 +01:00 · e66b73760b
commit e66b73760b
parent 24b8b7a98e
2 changed files with 36 additions and 0 deletions
--- a/roles/openshift-apps/badges/templates/cron-award.yml
+++ b/roles/openshift-apps/badges/templates/cron-award.yml
@ -35,6 +35,15 @@ spec:
              - name: keytab-volume
                mountPath: /etc/keytabs
                readOnly: true
+              - name: fedora-messaging-ca-volume
+                mountPath: /etc/pki/fedora-messaging/ca
+                readOnly: true
+              - name: fedora-messaging-key-volume
+                mountPath: /etc/pki/fedora-messaging/key
+                readOnly: true
+              - name: fedora-messaging-crt-volume
+                mountPath: /etc/pki/fedora-messaging/crt
+                readOnly: true
            env:
              - name: FEDORA_MESSAGING_CONF
                value: "/etc/badges/fm-fedbadges.toml"
@ -51,4 +60,13 @@ spec:
            - name: keytab-volume
              secret:
                secretName: fedbadges-keytab
+            - name: fedora-messaging-ca-volume
+              secret:
+                secretName: fedora-messaging-ca
+            - name: fedora-messaging-key-volume
+              secret:
+                secretName: fedora-messaging-key
+            - name: fedora-messaging-crt-volume
+              secret:
+                secretName: fedora-messaging-crt
 {% endfor %}
--- a/roles/openshift-apps/badges/templates/cron-update-rules.yml
+++ b/roles/openshift-apps/badges/templates/cron-update-rules.yml
@ -34,6 +34,15 @@ spec:
              - name: keytab-volume
                mountPath: /etc/keytabs
                readOnly: true
+              - name: fedora-messaging-ca-volume
+                mountPath: /etc/pki/fedora-messaging/ca
+                readOnly: true
+              - name: fedora-messaging-key-volume
+                mountPath: /etc/pki/fedora-messaging/key
+                readOnly: true
+              - name: fedora-messaging-crt-volume
+                mountPath: /etc/pki/fedora-messaging/crt
+                readOnly: true
            env:
              - name: FEDORA_MESSAGING_CONF
                value: "/etc/badges/fm-fedbadges.toml"
@ -50,5 +59,14 @@ spec:
            - name: keytab-volume
              secret:
                secretName: fedbadges-keytab
+            - name: fedora-messaging-ca-volume
+              secret:
+                secretName: fedora-messaging-ca
+            - name: fedora-messaging-key-volume
+              secret:
+                secretName: fedora-messaging-key
+            - name: fedora-messaging-crt-volume
+              secret:
+                secretName: fedora-messaging-crt
          securityContext:
            supplementalGroups: [1001050000]