From f3af5bb308237d27a8114a61aed87c9b024b638c Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Mon, 21 Jan 2019 09:11:08 +0000
Subject: [PATCH] Add initial caiapi configmap

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 .../accountsystem/templates/configmap_caiapi.yml    | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/roles/openshift-apps/accountsystem/templates/configmap_caiapi.yml b/roles/openshift-apps/accountsystem/templates/configmap_caiapi.yml
index d8adb5d6f1..23a470189f 100644
--- a/roles/openshift-apps/accountsystem/templates/configmap_caiapi.yml
+++ b/roles/openshift-apps/accountsystem/templates/configmap_caiapi.yml
@@ -7,4 +7,15 @@ metadata:
     app: accountsystem
 data:
     caiapi.cfg: |-
-      # TODO
+      OIDC_CLIENT_SECRET = '/etc/caiapi_oidc.json'
+      KRB5_REALM = '{{ ipa_realm }}'
+      KRB5_PRINCIPAL = 'CAIAPI/caiapi{{ env_suffix }}.fedoraproject.org'
+      KRB5_KEYTAB = '/etc'
+      LDAP_SERVER = 'ldaps://ipa01{{ env_suffix }}.fedoraproject.org'
+      LDAP_CACERT = '/etc'
+{% if env == "staging" %}
+      LDAP_BASE = 'dc=stg,dc=fedoraproject,dc=org'
+{% else %}
+      LDAP_BASE = 'dc=fedoraproject,dc=org'
+{% endif %}
+      # TODO: Include file for CLIENTS