From b52b62bdf43da5369c175032c495ffd7b2c600b3 Mon Sep 17 00:00:00 2001
From: Clement Verna <cverna@tutanota.com>
Date: Apr 10 2020 06:58:11 +0000
Subject: kerneltest: add the openidc client_secrets.json file


Signed-off-by: Clement Verna <cverna@tutanota.com>

---

diff --git a/roles/openshift-apps/kerneltest/templates/client_secrets.json b/roles/openshift-apps/kerneltest/templates/client_secrets.json
new file mode 100644
index 0000000..2399841
--- /dev/null
+++ b/roles/openshift-apps/kerneltest/templates/client_secrets.json
@@ -0,0 +1,23 @@
+{% if env == 'staging' %}
+{"web": {
+  "redirect_uris": ["https://apps.stg.fedoraproject.org/kerneltest"],
+  "token_uri": "https://id.stg.fedoraproject.org/openidc/Token",
+  "auth_uri": "https://id.stg.fedoraproject.org/openidc/Authorization",
+  "client_id": "kerneltest-stg",
+  "client_secret": "{{stg_kerneltest_oidc_secret}}",
+  "userinfo_uri": "https://id.stg.fedoraproject.org/openidc/UserInfo",
+  "token_introspection_uri": "https://id.stg.fedoraproject.org/openidc/TokenInfo"
+  }
+}
+{% else %}
+{"web": {
+  "redirect_uris": ["https://apps.fedoraproject.org/kerneltest"],
+  "token_uri": "https://id.fedoraproject.org/openidc/Token",
+  "auth_uri": "https://id.fedoraproject.org/openidc/Authorization",
+  "client_id": "kerneltest",
+  "client_secret": "{{prod_kerneltest_oidc_secret}}",
+  "userinfo_uri": "https://id.fedoraproject.org/openidc/UserInfo",
+  "token_introspection_uri": "https://id.fedoraproject.org/openidc/TokenInfo"
+  }
+}
+{% endif %}
diff --git a/roles/openshift-apps/kerneltest/templates/config.toml b/roles/openshift-apps/kerneltest/templates/config.toml
index 9a5bd6d..4cb3815 100644
--- a/roles/openshift-apps/kerneltest/templates/config.toml
+++ b/roles/openshift-apps/kerneltest/templates/config.toml
@@ -6,3 +6,4 @@ SECRET_KEY = "{{ kerneltest_secretkey }}"
 DB_URL = "postgresql://{{ kerneltest_db_user }}:{{ kerneltest_db_pass }}@{{ kerneltest_db_host }}/kerneltest"
 {% endif %}
 ADMIN_GROUP = ["sysadmin-kernel", "sysadmin-main"]
+OIDC_CLIENT_SECRETS = "/etc/kerneltest/client_secrets.json"
diff --git a/roles/openshift-apps/kerneltest/templates/configmap.yml b/roles/openshift-apps/kerneltest/templates/configmap.yml
index ff1b0cb..057cc2b 100644
--- a/roles/openshift-apps/kerneltest/templates/configmap.yml
+++ b/roles/openshift-apps/kerneltest/templates/configmap.yml
@@ -9,3 +9,5 @@ metadata:
 data:
   config.toml: |-
     {{ load_file('config.toml') | indent }}
+  client_secrets.json: |-
+    {{ load_file('client_secrets.json') | indent }}