From e39d82975e8ac8ae3e0e4f92960c99ba8e1e4277 Mon Sep 17 00:00:00 2001
From: Albin Vass <albin.vass@volvocars.com>
Date: Thu, 8 Jul 2021 11:27:53 +0200
Subject: [PATCH] Mount connection sshkeys on executors and mergers

Change-Id: I1628b2d4efe4ed949c70a0a96a5a06c037495a09
---
 zuul_operator/templates/zuul.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/zuul_operator/templates/zuul.yaml b/zuul_operator/templates/zuul.yaml
index ab8ae29..a9276cb 100644
--- a/zuul_operator/templates/zuul.yaml
+++ b/zuul_operator/templates/zuul.yaml
@@ -345,6 +345,13 @@ spec:
           mountPath: {{ volume.path }}
           {%- if volume.access == 'ro' %}readOnly: true{% endif %}
         {%- endfor %}
+        {%- for connection_name, connection in connections.items() %}
+        {%- if 'secretName' in connection %}
+        - name: connection-{{ connection_name }}
+          mountPath: /etc/zuul/connections/{{ connection_name }}
+          readOnly: true
+        {%- endif %}
+        {%- endfor %}
         securityContext:
           privileged: true
         terminationGracePeriodSeconds: {{ spec.executor.terminationGracePeriodSeconds }}
@@ -371,6 +378,13 @@ spec:
       {%- for volume in spec.get('jobVolumes', []) %}
       - {{ volume.volume | zuul_to_json }}
       {%- endfor %}
+      {%- for connection_name, connection in connections.items() %}
+      {%- if 'secretName' in connection %}
+      - name: connection-{{ connection_name }}
+        secret:
+          secretName: {{ connection['secretName'] }}
+      {%- endif %}
+      {%- endfor %}
 ---
 apiVersion: apps/v1
 kind: StatefulSet
@@ -415,6 +429,13 @@ spec:
         - name: zookeeper-client-tls
           mountPath: /tls/client
           readOnly: true
+        {%- for connection_name, connection in connections.items() %}
+        {%- if 'secretName' in connection %}
+        - name: connection-{{ connection_name }}
+          mountPath: /etc/zuul/connections/{{ connection_name }}
+          readOnly: true
+        {%- endif %}
+        {%- endfor %}
         terminationGracePeriodSeconds: 3600
       volumes:
       - name: zuul-var
@@ -425,6 +446,13 @@ spec:
       - name: zookeeper-client-tls
         secret:
           secretName: {{ spec.zookeeper.secretName }}
+      {%- for connection_name, connection in connections.items() %}
+      {%- if 'secretName' in connection %}
+      - name: connection-{{ connection_name }}
+        secret:
+          secretName: {{ connection['secretName'] }}
+      {%- endif %}
+      {%- endfor %}
 ---
 apiVersion: v1
 kind: Service