osbuildapi-update: just keep adding to ipset

It seems sso.redhat.com has a 20 second time to live, so it changes
often. However, it seems to only change the pool of ips from a small
(5-10) number. So, let's just add to the set so we allow any of the ips
we have seen. The set will grow, but if the pool is small it should
stabilize to have all the ips in the pool.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Kevin Fenzi 2025-02-14 09:32:26 -08:00
parent 6b0a66cb37
commit e7b50aaee4

@ -3,11 +3,6 @@
# Make sure the ipset is created.
/usr/sbin/ipset create osbuildapi hash:ip >& /dev/null
# Prepare a temporary set to store the new IPs, so we can atomically swap them
/usr/sbin/ipset create osbuildapi_tmp hash:ip >& /dev/null
# Make sure the temporary set is empty
/usr/sbin/ipset flush osbuildapi_tmp
# in staging we need to allow api.stage and in prod api.
{% if env == 'staging' %}
RESOLVEQUERY=`resolvectl -4 --cache=no --legend=no query api.stage.openshift.com 2> /dev/null`
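Review bot: Nothing prunes the set created by `/usr/sbin/ipset create osbuildapi hash:ip` once the osbuildapi_tmp create and flush are gone, so an address that drops out of the API or sso.redhat.com pool stays allowed until someone flushes the set by hand. Consider creating the set with a timeout (`ipset create osbuildapi hash:ip timeout <seconds>`, value to be chosen) so entries that stop showing up in lookups expire on their own, and update the comment above the create to say the set is intentionally append-only. An existing set would have to be destroyed and recreated for the timeout to apply, because the create does nothing when the set already exists and its error is sent to /dev/null.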
@ -20,7 +15,7 @@ NEWIPS=`echo "$RESOLVEQUERY" | grep link | sed -E 's/.* ([0-9]+\.[0-9]+\.[0-9]+\
for j in $NEWIPS
do
/usr/sbin/ipset add osbuildapi_tmp $j
/usr/sbin/ipset add osbuildapi $j
done
# both stage and prod authenticate using sso.redhat.com
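Review bot: `/usr/sbin/ipset add osbuildapi $j` in the NEWIPS loop will return an error for every address that is already a member, because the set is no longer rebuilt from empty on each run; with a small pool that is most adds on most runs. Use `/usr/sbin/ipset -exist add osbuildapi "$j"` so repeats are accepted silently while real failures still show up, and quote the variable while touching the line.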
@ -31,9 +26,5 @@ NEWIDENTITYIPS=`echo "$RESOLVEQUERY" | grep link | sed -E 's/.* ([0-9]+\.[0-9]+\
for j in $NEWIDENTITYIPS
do
/usr/sbin/ipset add osbuildapi_tmp $j
/usr/sbin/ipset add osbuildapi $j
done
# Swap the sets atomically
/usr/sbin/ipset swap osbuildapi osbuildapi_tmp
/usr/sbin/ipset destroy osbuildapi_tmp
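Review bot: The commit message's assumption that the pool is small and the set will stabilize is not checked anywhere once the swap and destroy at the end of the script are removed. After the NEWIDENTITYIPS loop, consider logging the number of entries in osbuildapi, or warning when it passes an expected ceiling, so unexpected growth of the allow set gets noticed. The `/usr/sbin/ipset add osbuildapi $j` in this loop will also error on addresses already in the set, so it needs `-exist` as well.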