diff --git a/playbooks/openshift-apps/coreos-koji-tagger.yml b/playbooks/openshift-apps/coreos-koji-tagger.yml index ef62183f42..3654db0c87 100644 --- a/playbooks/openshift-apps/coreos-koji-tagger.yml +++ b/playbooks/openshift-apps/coreos-koji-tagger.yml @@ -26,6 +26,12 @@ service: coreos-koji-tagger host: "coreos-koji-tagger{{ env_suffix }}.fedoraproject.org" +# Copy in a kerberos config that is unique to fedora infra + - role: openshift/object + app: coreos-koji-tagger + template: configmap.yml + objectname: configmap.yml + - role: openshift/object app: coreos-koji-tagger template: imagestream.yml diff --git a/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml b/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml new file mode 100644 index 0000000000..f8b15bb7c1 --- /dev/null +++ b/roles/openshift-apps/coreos-koji-tagger/templates/configmap.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: coreos-koji-tagger-krb5-conf + labels: + app: coreos-koji-tagger +data: + krb5.conf: |- + {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }} diff --git a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml index 77041aacc5..f0477844a6 100644 --- a/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml +++ b/roles/openshift-apps/coreos-koji-tagger/templates/deploymentconfig.yml @@ -32,6 +32,10 @@ spec: - name: coreos-koji-tagger-keytab-volume mountPath: /etc/coreos-koji-tagger-keytab readOnly: true + - name: coreos-koji-tagger-krb5-conf-volume + mountPath: /etc/krb5.conf + subPath: krb5.conf + readOnly: true image: "" imagePullPolicy: IfNotPresent name: coreos-koji-tagger @@ -41,6 +45,9 @@ spec: secret: secretName: coreos-koji-tagger-keytab optional: true + - name: coreos-koji-tagger-krb5-conf-volume + configMap: + name: coreos-koji-tagger-krb5-conf restartPolicy: Always test: false triggers: