try and clean up templates

6 files changed, 45 insertions, 8 deletions

diff --git a/roles/openshift-apps/waiverdb/files/deploymentconfig.yml b/roles/openshift-apps/waiverdb/files/deploymentconfig.yml
index 61003293b..d495589df 100644
--- a/roles/openshift-apps/waiverdb/files/deploymentconfig.yml
+++ b/roles/openshift-apps/waiverdb/files/deploymentconfig.yml
@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: DeploymentConfig
 metadata:
-  name: waiverdb-stg-web
+  name: waiverdb-web
   labels:
     app: waiverdb
     service: web
@@ -33,12 +33,12 @@ spec:
         - name: DATABASE_PASSWORD
           valueFrom:
             secretKeyRef:
-              name: waiverdb-stg-secret
+              name: waiverdb-secret
               key: database-password
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
-              name: waiverdb-stg-secret
+              name: waiverdb-secret
               key: flask-secret-key
         readinessProbe:
           timeoutSeconds: 1
@@ -58,10 +58,10 @@ spec:
       volumes:
       - name: config-volume
         configMap:
-          name: waiverdb-stg-configmap
+          name: waiverdb-configmap
       - name: secret-volume
         secret:
-          secretName: waiverdb-stg-secret
+          secretName: waiverdb-secret
   triggers:
   - type: ImageChange
     imageChangeParams:
diff --git a/roles/openshift-apps/waiverdb/files/route.yml b/roles/openshift-apps/waiverdb/files/route.yml
index 47b0848c3..4f77d8730 100644
--- a/roles/openshift-apps/waiverdb/files/route.yml
+++ b/roles/openshift-apps/waiverdb/files/route.yml
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Route
 metadata:
-  name: waiverdb-stg-web
+  name: waiverdb-web
   labels:
     app: waiverdb
 spec:
@@ -10,7 +10,7 @@ spec:
     targetPort: web
   to:
     kind: Service
-    name: waiverdb-stg-web
+    name: waiverdb-web
   tls:
     termination: edge
     insecureEdgeTerminationPolicy: Redirect
diff --git a/roles/openshift-apps/waiverdb/files/service.yml b/roles/openshift-apps/waiverdb/files/service.yml
index a0390f981..aab5f637a 100644
--- a/roles/openshift-apps/waiverdb/files/service.yml
+++ b/roles/openshift-apps/waiverdb/files/service.yml
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: waiverdb-stg-web
+  name: waiverdb-web
   labels:
     app: waiverdb
 spec:
diff --git a/roles/openshift-apps/waiverdb/templates/client_secrets.json b/roles/openshift-apps/waiverdb/templates/client_secrets.json
index 24b9e9bfd..f6c8ab4b2 100644
--- a/roles/openshift-apps/waiverdb/templates/client_secrets.json
+++ b/roles/openshift-apps/waiverdb/templates/client_secrets.json
@@ -1,3 +1,4 @@
+{% if env == 'staging' %}
 {"web": {
   "redirect_uris": ["https://waiverdb-waiverdb.app.os.stg.fedoraproject.org/"],
   "token_uri": "https://id.stg.fedoraproject.org/openidc/Token",
@@ -8,3 +9,15 @@
   "token_introspection_uri": "https://id.stg.fedoraproject.org/openidc/TokenInfo"
   }
 }
+{% else %}
+{"web": {
+  "redirect_uris": ["https://waiverdb-waiverdb.app.os.fedoraproject.org/"],
+  "token_uri": "https://id.fedoraproject.org/openidc/Token",
+  "auth_uri": "https://id.fedoraproject.org/openidc/Authorization",
+  "client_id": "waiverdb",
+  "client_secret": "{{waiverdb_oidc_secret}}",
+  "userinfo_uri": "https://id.fedoraproject.org/openidc/UserInfo",
+  "token_introspection_uri": "https://id.fedoraproject.org/openidc/TokenInfo"
+  }
+}
+{% endif %}
diff --git a/roles/openshift-apps/waiverdb/templates/configmap.yml b/roles/openshift-apps/waiverdb/templates/configmap.yml
index 7de26756d..046a2c6ea 100644
--- a/roles/openshift-apps/waiverdb/templates/configmap.yml
+++ b/roles/openshift-apps/waiverdb/templates/configmap.yml
@@ -1,7 +1,11 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
+{% if env == 'staging' %}
   name: waiverdb-stg-configmap
+{% else %}
+  name: waiverdb-configmap
+{% endif %}
   labels:
     app: waiverdb
 data:
diff --git a/roles/openshift-apps/waiverdb/templates/secret.yml b/roles/openshift-apps/waiverdb/templates/secret.yml
index da4675653..2321dc01f 100644
--- a/roles/openshift-apps/waiverdb/templates/secret.yml
+++ b/roles/openshift-apps/waiverdb/templates/secret.yml
@@ -1,10 +1,15 @@
 apiVersion: v1
 kind: Secret
 metadata:
+{% if env == 'staging' %}
   name: "waiverdb-stg-secret"
+{% else %}
+  name: "waiverdb-secret"
+{% endif %}
   labels:
     app: "waiverdb"
 stringData:
+{% if env == 'staging' %}
   flask-secret-key: "{{stg_waiverdb_secret_key}}"
   database-password: "{{stg_waiverdb_db_password}}"
   # This is the same non-secret config we have committed
@@ -18,3 +23,18 @@ stringData:
       "client_secret": "qgz8Bzjg6nO7JWCXoB0o8L49KfI5atLF",
       "userinfo_uri": "https://iddev.fedorainfracloud.org/openidc/UserInfo",
       "token_introspection_uri": "https://iddev.fedorainfracloud.org/openidc/TokenInfo"}}
+{% else %}
+  flask-secret-key: "{{prod_waiverdb_secret_key}}"
+  database-password: "{{prod_waiverdb_db_password}}"
+  # This is the same non-secret config we have committed
+  # as conf/client_secrets.json for using in dev environments.
+  client_secrets.json: |-
+    {"web": {
+      "redirect_uris": ["https://waiverdb-waiverdb.app.os.fedoraproject.org/"],
+      "token_uri": "https://iddev.fedorainfracloud.org/openidc/Token",
+      "auth_uri": "https://iddev.fedorainfracloud.org/openidc/Authorization",
+      "client_id": "D-e69a1ac7-30fa-4d18-9001-7468c4f34c3c",
+      "client_secret": "qgz8Bzjg6nO7JWCXoB0o8L49KfI5atLF",
+      "userinfo_uri": "https://iddev.fedorainfracloud.org/openidc/UserInfo",
+      "token_introspection_uri": "https://iddev.fedorainfracloud.org/openidc/TokenInfo"}}
+{% endif %}