the-new-hotness: Add fedora messaging certificates

Signed-off-by: Michal Konečný <mkonecny@redhat.com>

playbooks/openshift-apps/the-new-hotness.yml

@@ -11,33 +11,43 @@
   roles:
   - role: openshift/project
     app: the-new-hotness
-    description: Fedora-messaging consumer that listens to release-monitoring.org and files bugzilla bugs in response.
+    description: Fedora-messaging consumer that listens to the-new-hotness.org and files bugzilla bugs in response.
     appowners:
     - zlopez
 
-#  - role: openshift/secret-file
-#    app: release-monitoring
-#    secret_name: release-monitoring-fedmsg-key
-#    key: fedmsg-release-monitoring.key
-#    privatefile: fedmsg-certs/keys/release-monitoring-stg.release-monitoring.org.key
-#    when: env == "staging"
-#  - role: openshift/secret-file
-#    app: release-monitoring
-#    secret_name: release-monitoring-fedmsg-cert
-#    key: fedmsg-release-monitoring.crt
-#    privatefile: fedmsg-certs/keys/release-monitoring-stg.release-monitoring.org.crt
-#    when: env == "staging"
-#  - role: openshift/secret-file
-#    app: release-monitoring
-#    secret_name: release-monitoring-fedmsg-key
-#    key: fedmsg-release-monitoring.key
-#    privatefile: fedmsg-certs/keys/release-monitoring-release-monitoring.org.key
-#    when: env != "staging"
-#  - role: openshift/secret-file
-#    app: release-monitoring
-#    secret_name: release-monitoring-fedmsg-cert
-#    key: fedmsg-release-monitoring.crt
-#    privatefile: fedmsg-certs/keys/release-monitoring-release-monitoring.org.crt
+  - role: openshift/secret-file
+    app: the-new-hotness
+    secret_name: the-new-hotness-fedora-messaging-ca
+    key: fedora-messaging-the-new-hotness.ca
+    privatefile: {{private}}/files/rabbitmq/{{env}}/pki/ca.crt
+
+  - role: openshift/secret-file
+    app: the-new-hotness
+    secret_name: the-new-hotness-fedora-messaging-key
+    key: fedora-messaging-the-new-hotness.key
+    privatefile: {{private}}/files/rabbitmq/{{env}}/pki/private/the-new-hotness.stg.key
+    when: env == "staging"
+
+  - role: openshift/secret-file
+    app: the-new-hotness
+    secret_name: the-new-hotness-fedora-messaging-cert
+    key: fedora-messaging-the-new-hotness.crt
+    privatefile: {{private}}/files/rabbitmq/{{env}}/pki/private/the-new-hotness.stg.crt
+    when: env == "staging"
+
+  - role: openshift/secret-file
+    app: the-new-hotness
+    secret_name: the-new-hotness-fedora-messaging-key
+    key: fedora-messaging-the-new-hotness.key
+    privatefile: {{private}}/files/rabbitmq/{{env}}/pki/private/the-new-hotness.key
+    when: env != "staging"
+
+  - role: openshift/secret-file
+    app: the-new-hotness
+    secret_name: the-new-hotness-fedora-messaging-cert
+    key: fedora-messaging-the-new-hotness.crt
+    privatefile: {{private}}/files/rabbitmq/{{env}}/pki/private/the-new-hotness.crt
+    when: env != "staging"
 
   - role: openshift/object
     app: the-new-hotness

roles/openshift-apps/the-new-hotness/files/deploymentconfig.yml

@@ -35,22 +35,28 @@ items:
             - name: config-volume
               mountPath: /etc/fedora-messaging
               readOnly: true
-#           - name: fedmsg-key-volume
-#             mountPath: /etc/pki/fedmsg/key
-#             readOnly: true
-#           - name: fedmsg-crt-volume
-#             mountPath: /etc/pki/fedmsg/crt
-#             readOnly: true
+            - name: fedora-messaging-ca-volume
+              mountPath: /etc/pki/rabbitmq/ca
+              readOnly: true
+            - name: fedora-messaging-key-volume
+              mountPath: /etc/pki/rabbitmq/key
+              readOnly: true
+            - name: fedora-messaging-cert-volume
+              mountPath: /etc/pki/rabbitmq/cert
+              readOnly: true
         volumes:
         - name: config-volume
           configMap:
             name: the-new-hotness-configmap
-#       - name: fedmsg-key-volume
-#         secret:
-#           secretName: release-monitoring-fedmsg-key
-#       - name: fedmsg-crt-volume
-#         secret:
-#           secretName: release-monitoring-fedmsg-cert
+        - name: fedora-messaging-ca-volume
+          secret:
+            secretName: release-monitoring-fedora-messaging-ca
+        - name: fedora-messaging-key-volume
+          secret:
+            secretName: release-monitoring-fedora-messaging-key
+        - name: fedora-messaging-cert-volume
+          secret:
+            secretName: release-monitoring-fedora-messaging-cert
     triggers:
     - imageChangeParams:
         automatic: true

roles/openshift-apps/the-new-hotness/templates/configmap.yml

@@ -33,9 +33,9 @@ items:
         ]
 
         [tls]
-        ca_cert = ""
-        keyfile = ""
-        certfile = ""
+        ca_cert = "/etc/pki/rabbitmq/ca/ca.crt"
+        keyfile = "/etc/pki/rabbitmq/key/fedora-messaging-release-monitoring.key"
+        certfile = "/etc/pki/rabbitmq/crt/fedora-messaging-release-monitoring.crt"
 
         [client_properties]
         app = "the-new-hotness"