Change some auth settings for Copr MBS

roles/copr/mbs/tasks/main.yml

@@ -89,12 +89,11 @@
   file: path=/etc/module-build-service/__init__.py state=touch
 
 - name: Copy production config
-  copy: src=config.py dest=/etc/module-build-service/config.py
+  template: src=config.py dest=/etc/module-build-service/config.py
 
+- name: Install client_secrets.json
+  template: src=client_secrets.json dest=/etc/module-build-service/
 
-# @TODO Should be packaged in module_build_service package? Or we need to create our own?
-- name: Obtain client_secrets.json
-  get_url: url=https://pagure.io/fm-orchestrator/raw/master/f/conf/client_secrets.json dest=/etc/module-build-service/
 
 - name: Upgrade database
   command: mbs-upgradedb

roles/copr/mbs/templates/client_secrets.json

@@ -0,0 +1,12 @@
+{
+    "web": {
+        "auth_uri": "https://id.stg.fedoraproject.org/openidc/Authorization",
+        "client_id": "mbs-authorizer",
+        "client_secret": "{{ copr_mbs_client_secret }}",
+        "redirect_uris": [
+            "http://localhost:13747/"
+        ],
+        "token_uri": "https://id.stg.fedoraproject.org/openidc/Token",
+        "token_introspection_uri": "https://id.stg.fedoraproject.org/openidc/TokenInfo"
+    }
+}

roles/copr/mbs/templates/config.py

@@ -7,9 +7,9 @@ from base_config import confdir, dbdir
 
 class ProdConfiguration(base.ProdConfiguration):
     SYSTEM = 'copr'
-    FAS_USERNAME = 'someuser'
+    REQUIRE_PACKAGER = False
-    FAS_PASSWORD = 'secretkey'
     OIDC_CLIENT_SECRETS = '/etc/module-build-service/client_secrets.json'
+    SECRET_KEY = '{{ copr_mbs_secret_key }}'
 
 
 class DevConfiguration(base.DevConfiguration):