Koschei: make admin DB password available to admin Pod

roles/openshift-apps/koschei/templates/admin-config.yml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: admin-config
+stringData:
+  config-admin.cfg: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-admin.cfg.j2') | indent }}
+  config-backend.cfg: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-backend.cfg.j2') | indent }}
+  fedora-messaging.toml: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/fedora-messaging.toml.j2') | indent }}
+  krb5.conf: |
+    {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }}
+data:
+  rabbitmq-ca.crt: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/ca.crt', rstrip=False) | b64encode | indent }}
+  rabbitmq-client.crt: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/issued/' + app + env_suffix + '.crt', rstrip=False) | b64encode | indent }}
+  rabbitmq-client.key: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/private/' + app + env_suffix + '.key', rstrip=False) | b64encode | indent }}

roles/openshift-apps/koschei/templates/admin-deployment.yml

@@ -40,7 +40,7 @@ spec:
       volumes:
       - name: config
         secret:
-          secretName: backend-config
+          secretName: admin-config
       - name: keytab
         secret:
           secretName: keytab

roles/openshift-apps/koschei/templates/config-admin.cfg.j2

@@ -0,0 +1,16 @@
+# This is a config file for Koschei that can override values in default
+# configuration in /usr/share/koschei/config.cfg. It is a python file expecting
+# assignment to config dictionary which will be recursively merged with the
+# default one.
+
+config = {
+    "database_config": {
+        "username": "koscheiadmin",
+        "password": "{{ koscheiadmin_db_password }}",
+    },
+}
+
+# Local Variables:
+# mode: Python
+# End:
+# vi: ft=python