diff --git a/playbooks/openshift-apps/bugzilla2fedmsg.yml b/playbooks/openshift-apps/bugzilla2fedmsg.yml index 27538c4fda..71bfebda49 100644 --- a/playbooks/openshift-apps/bugzilla2fedmsg.yml +++ b/playbooks/openshift-apps/bugzilla2fedmsg.yml @@ -55,6 +55,15 @@ key: msg-client-fedora-prod.key privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.key" + # FASJSON access + - role: openshift/ipa-client + app: bugzilla2fedmsg + - role: openshift/keytab + app: bugzilla2fedmsg + key: service.keytab + secret_name: keytab + service: bugzilla2fedmsg + - role: openshift/imagestream app: bugzilla2fedmsg imagename: bugzilla2fedmsg diff --git a/roles/openshift-apps/bugzilla2fedmsg/templates/deploymentconfig.yml b/roles/openshift-apps/bugzilla2fedmsg/templates/deploymentconfig.yml index fd4251f9a3..04db31bad8 100644 --- a/roles/openshift-apps/bugzilla2fedmsg/templates/deploymentconfig.yml +++ b/roles/openshift-apps/bugzilla2fedmsg/templates/deploymentconfig.yml @@ -27,6 +27,10 @@ spec: value: "/opt/app-root/bin/bugzilla2fedmsg" # - name: FEDORA_MESSAGING_CONF # value: "/etc/fedora-messaging/config.toml" + - name: KRB5_CONFIG + value: /etc/ipa/krb5.conf + - name: KRB5_CLIENT_KTNAME + value: /etc/keytabs/service.keytab volumeMounts: - name: fedora-messaging-config-volume mountPath: /etc/fedora-messaging @@ -51,6 +55,12 @@ spec: mountPath: /etc/pki/stomp/msg-client-fedora-prod.key subPath: msg-client-fedora-prod.key readOnly: true + - name: ipa-config-volume + mountPath: /etc/ipa + readOnly: true + - name: keytab-volume + mountPath: /etc/keytabs + readOnly: true volumes: - name: fedora-messaging-config-volume configMap: @@ -70,6 +80,12 @@ spec: - name: stomp-key-volume secret: secretName: stomp-key + - name: ipa-config-volume + configMap: + name: ipa-client-config + - name: keytab-volume + secret: + secretName: keytab triggers: - type: ConfigChange