C3I: switch koji auth from ssl to kerberos

New pipeline-as-a-service Koji is going to use Kerberos instead SSL.
Added dist-git to services since new koji worker in
pipeline-as-a-service is integrated with dist-git.
Changing package_manager from dnf to yum which is configured in koji
from pipeline-as-a-service.

openshift/integration/koji/pipelines/snippets/mbs-integration-test.groovy

@@ -29,7 +29,7 @@ stage('Run integration tests') {
           }
           openshift.withCluster() {
             openshift.withProject(params.PIPELINE_AS_A_SERVICE_BUILD_NAMESPACE) {
-              def services = 'umb mbs-frontend mbs-backend krb5 ldap koji-hub'
+              def services = 'umb mbs-frontend mbs-backend krb5 ldap koji-hub dist-git'
               if (env.REUSE_PROJECT == "true") {
                 c3i.buildAndWait(script: this, objs: "bc/pipeline-as-a-service",
                   '-e', "DEFAULT_IMAGE_TAG=${env.ENVIRONMENT}",

openshift/integration/koji/pipelines/tests/module-build-init

@@ -79,8 +79,8 @@ while true; do
        echo "${TEST_TARGET_BUILD_TAG} does not have perm set to admin"
        continue
     fi
-    if ! grep -q "  mock.package_manager : 'dnf'" ${TEST_TARGET_TAG_INFO_FILE}; then
-       echo "${TEST_TARGET_BUILD_TAG} is not configured to use dnf"
+    if ! grep -q "  mock.package_manager : 'yum'" ${TEST_TARGET_TAG_INFO_FILE}; then
+       echo "${TEST_TARGET_BUILD_TAG} is not configured to use yum"
        continue
     fi
     if ! grep -q "  repo_include_all : True" ${TEST_TARGET_TAG_INFO_FILE}; then

openshift/integration/koji/pipelines/tests/module-build-init.groovy

@@ -82,8 +82,8 @@ def runTests() {
         echo "${target.build_tag_name} does not have perm set to admin"
         return false
       }
-      if (taginfo.extra.get("mock.package_manager", "") != "dnf") {
-        echo "${target.build_tag_name} is not configured to use dnf"
+      if (taginfo.extra.get("mock.package_manager", "") != "yum") {
+        echo "${target.build_tag_name} is not configured to use yum"
         return false
       }
       if (!taginfo.extra.get("repo_include_all", false)) {

openshift/integration/koji/pipelines/tests/runtests

@@ -11,8 +11,10 @@ if [ "$TESTCASES" == "skip" ]; then
     exit 0
 fi
 
+DOMAIN=${2:-"cloud.paas.psi.redhat.com"}
+CONTROLLER=http://${PIPELINE_ID}.${DOMAIN}
+
 export TEST_DIR=$(realpath $(dirname $0))
-CONTROLLER=http://${PIPELINE_ID}.cloud.paas.psi.redhat.com
 echo "Provisioning pipeline services..."
 curl -X POST -F data=@${TEST_DIR}/mbs-cgimport-vars.yaml $CONTROLLER/scripts/provision
 CERT_DIR=$(mktemp -d)
@@ -26,10 +28,6 @@ export MBS_USER="mbs-user-${PIPELINE_ID}"
 export MBS_USER_PASSWORD=$(curl -s ${CONTROLLER}/krb5/principal/${MBS_USER})
 kinit -V $MBS_USER <<<$MBS_USER_PASSWORD
 
-CLIENT_CERTS="${CERT_DIR}/client.pem"
-curl -s ${CONTROLLER}/ca/${MBS_USER}/cert > ${CLIENT_CERTS}
-curl -s ${CONTROLLER}/ca/${MBS_USER}/key >> ${CLIENT_CERTS}
-
 KOJI_HUB_HOST="$(curl -s ${CONTROLLER}/vars/KOJI_HUB_HOST)"
 export KOJI_CONFIG=$(mktemp)
 cat > $KOJI_CONFIG <<EOF
@@ -37,8 +35,7 @@ cat > $KOJI_CONFIG <<EOF
 server = https://${KOJI_HUB_HOST}/kojihub
 weburl = https://${KOJI_HUB_HOST}/koji
 serverca = $CACERT
-authtype = ssl
-cert = ${CLIENT_CERTS}
+authtype = kerberos
 EOF
 
 for TEST_FILE in $(ls ${TEST_DIR}); do