From ec2028fcf14a934a2294d99181b75c47943f5e24 Mon Sep 17 00:00:00 2001
From: Dusty Mabe <dusty@dustymabe.com>
Date: Thu, 27 Jun 2019 16:16:39 -0400
Subject: [PATCH] openshift-apps/coreos-koji-tagger: update keytab bits

- start passing in environment variable
- point it to the actual location of the keytab
- use the right username (handled in coreos-koji-tagger code)
---
 playbooks/openshift-apps/coreos-koji-tagger.yml      |  4 +++-
 .../templates/deploymentconfig.yml                   | 12 ++++++------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/playbooks/openshift-apps/coreos-koji-tagger.yml b/playbooks/openshift-apps/coreos-koji-tagger.yml
index 8726370660..ef62183f42 100644
--- a/playbooks/openshift-apps/coreos-koji-tagger.yml
+++ b/playbooks/openshift-apps/coreos-koji-tagger.yml
@@ -17,10 +17,12 @@
     - jlebon
     - mizdebsk
 
+# Create a keytab. The default username will be like:
+# coreos-koji-tagger/coreos-koji-tagger.phx2.fedoraproject.org@STG.FEDORAPROJECT.ORG
   - role: openshift/keytab
     app: coreos-koji-tagger
     key: koji-keytab
-    secret_name: coreos-koji-tagger-coreos-bot-keytab
+    secret_name: coreos-koji-tagger-keytab
     service: coreos-koji-tagger
     host: "coreos-koji-tagger{{ env_suffix }}.fedoraproject.org"
 
diff --git a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
index e589666ce4..c183dd0e35 100644
--- a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml
@@ -18,8 +18,8 @@ spec:
     spec:
       containers:
       - env:
-#       - name: COREOS_KOJI_TAGGER_KEYTAB_FILE
-#         value: /etc/coreos-koji-tagger-coreos-bot-keytab
+        - name: COREOS_KOJI_TAGGER_KEYTAB_FILE
+          value: /etc/coreos-koji-tagger-keytab/koji-keytab
         - name: COREOS_KOJI_TAGGER_USE_STG
 {% if env == "staging" %}
           value: "true"
@@ -27,17 +27,17 @@ spec:
           value: "false"
 {% endif %}
         volumeMounts:
-        - name: coreos-koji-tagger-coreos-bot-keytab-volume
-          mountPath: /etc/coreos-koji-tagger-coreos-bot-keytab
+        - name: coreos-koji-tagger-keytab-volume
+          mountPath: /etc/coreos-koji-tagger-keytab
           readOnly: true
         image: ""
         imagePullPolicy: IfNotPresent
         name: coreos-koji-tagger
         resources: {}
       volumes:
-      - name: coreos-koji-tagger-coreos-bot-keytab-volume
+      - name: coreos-koji-tagger-keytab-volume
         secret:
-          secretName: coreos-koji-tagger-coreos-bot-keytab
+          secretName: coreos-koji-tagger-keytab
           optional: true
       restartPolicy: Always
   test: false