Try setting the principle in the kt file

3 years ago · ce845c9ade
2 changed files with 2 additions and 2 deletions
--- a/k8s/prod/osh-client-tekton/osh-client-config.yaml
+++ b/k8s/prod/osh-client-tekton/osh-client-config.yaml
@ -70,7 +70,7 @@ data:
    KRB_REALM = "IPA.REDHAT.COM"

    # Kerberos principal. If commented, default principal obtained by kinit is used.
-    KRB_PRINCIPAL = "HTTP/prodsec-scanchain.apps.ocp-c1.prod.psi.redhat.com"
+    KRB_PRINCIPAL = "oshw-prod-svc-principle"

    # Kerberos keytab file.
    KRB_KEYTAB = "/kerberos/kerberos-keytab-osh"
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -117,7 +117,7 @@ quarkus.arc.remove-unused-beans=false
 %prod.quarkus.openshift.mounts.osh-wrapper.path=/kerberos
 %prod.quarkus.openshift.mounts.osh-wrapper.read-only=true
 %prod.quarkus.kerberos.keytab-path= /kerberos/kerberos-keytab-osh
-%prod.quarkus.kerberos.service-principal-name= HTTP/prodsec-scanchain.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM
+%prod.quarkus.kerberos.service-principal-name= oshw-prod-svc-principle@IPA.REDHAT.COM

 %prod.quarkus.openshift.mounts.osh-wrapper-config-vol.path=/etc/krb5.conf
 %prod.quarkus.openshift.mounts.osh-wrapper-config-vol.sub-path=linux-krb5.conf