openshift-apps/coreos-koji-tagger: update keytab bits

- start passing in environment variable
- point it to the actual location of the keytab
- use the right username (handled in coreos-koji-tagger code)

playbooks/openshift-apps/coreos-koji-tagger.yml

@@ -17,10 +17,12 @@
     - jlebon
     - mizdebsk
 
+# Create a keytab. The default username will be like:
+# coreos-koji-tagger/coreos-koji-tagger.phx2.fedoraproject.org@STG.FEDORAPROJECT.ORG
   - role: openshift/keytab
     app: coreos-koji-tagger
     key: koji-keytab
-    secret_name: coreos-koji-tagger-coreos-bot-keytab
+    secret_name: coreos-koji-tagger-keytab
     service: coreos-koji-tagger
     host: "coreos-koji-tagger{{ env_suffix }}.fedoraproject.org"
 

roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml

@@ -18,8 +18,8 @@ spec:
     spec:
       containers:
       - env:
-#       - name: COREOS_KOJI_TAGGER_KEYTAB_FILE
+        - name: COREOS_KOJI_TAGGER_KEYTAB_FILE
-#         value: /etc/coreos-koji-tagger-coreos-bot-keytab
+          value: /etc/coreos-koji-tagger-keytab/koji-keytab
         - name: COREOS_KOJI_TAGGER_USE_STG
 {% if env == "staging" %}
           value: "true"
@@ -27,17 +27,17 @@ spec:
           value: "false"
 {% endif %}
         volumeMounts:
-        - name: coreos-koji-tagger-coreos-bot-keytab-volume
+        - name: coreos-koji-tagger-keytab-volume
-          mountPath: /etc/coreos-koji-tagger-coreos-bot-keytab
+          mountPath: /etc/coreos-koji-tagger-keytab
           readOnly: true
         image: ""
         imagePullPolicy: IfNotPresent
         name: coreos-koji-tagger
         resources: {}
       volumes:
-      - name: coreos-koji-tagger-coreos-bot-keytab-volume
+      - name: coreos-koji-tagger-keytab-volume
         secret:
-          secretName: coreos-koji-tagger-coreos-bot-keytab
+          secretName: coreos-koji-tagger-keytab
           optional: true
       restartPolicy: Always
   test: false