diff --git a/playbooks/openshift-apps/greenwave.yml b/playbooks/openshift-apps/greenwave.yml index 46e5d8a689..363bfaaee2 100644 --- a/playbooks/openshift-apps/greenwave.yml +++ b/playbooks/openshift-apps/greenwave.yml @@ -31,74 +31,83 @@ - pingou tags: - apply-appowners + - role: openshift/secret-file app: greenwave secret_name: greenwave-fedora-messaging-key key: greenwave.key privatefile: "rabbitmq/{{env}}/pki/private/greenwave{{env_suffix}}.key" - when: env == "staging" + - role: openshift/secret-file app: greenwave secret_name: greenwave-fedora-messaging-crt key: greenwave.crt privatefile: "rabbitmq/{{env}}/pki/issued/greenwave{{env_suffix}}.crt" - when: env == "staging" + - role: openshift/secret-file app: greenwave secret_name: greenwave-fedora-messaging-ca key: greenwave.ca privatefile: "rabbitmq/{{env}}/pki/ca.crt" - when: env == "staging" + - role: openshift/secret-file app: greenwave secret_name: greenwave-fedmsg-key key: fedmsg-greenwave.key privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.key - when: env != "staging" + - role: openshift/secret-file app: greenwave secret_name: greenwave-fedmsg-crt key: fedmsg-greenwave.crt privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.crt - when: env != "staging" + - role: openshift/object app: greenwave template: imagestream.yml objectname: imagestream.yml + - role: openshift/object app: greenwave template: buildconfig.yml objectname: buildconfig.yml tags: - apply-buildconfig + - role: openshift/object app: greenwave template: configmap.yml objectname: configmap.yml + - role: openshift/object app: greenwave file: service.yml objectname: service.yml + - role: openshift/route app: greenwave routename: web-pretty host: "greenwave{{ env_suffix }}.fedoraproject.org" serviceport: web servicename: greenwave-web + # TODO -- someday retire this old route in favor of the pretty one above. - role: openshift/object app: greenwave file: route.yml objectname: route.yml + - role: openshift/object app: greenwave template: deploymentconfig.yml objectname: deploymentconfig.yml tags: - apply-deploymentconfig + - role: openshift/rollout app: greenwave dcname: greenwave-web + - role: openshift/rollout app: greenwave dcname: greenwave-fedmsg-consumers diff --git a/roles/openshift-apps/greenwave/templates/buildconfig.yml b/roles/openshift-apps/greenwave/templates/buildconfig.yml index 7d50985a65..8d3df929d5 100644 --- a/roles/openshift-apps/greenwave/templates/buildconfig.yml +++ b/roles/openshift-apps/greenwave/templates/buildconfig.yml @@ -8,13 +8,6 @@ spec: runPolicy: Serial source: dockerfile: |- -{% if env == 'staging' %} - # See imagestream.yml for the definition - FROM greenwave-upstream:latest - USER 0 - RUN dnf -y install fedora-messaging && dnf clean all - USER 1001 -{% else %} # See imagestream.yml for the definition FROM greenwave-upstream:latest @@ -24,6 +17,8 @@ spec: # Become root during build to chmod USER 0 + RUN dnf -y install fedora-messaging && dnf clean all + # create a symlink for configuring the fedmsg consumers. RUN ln -sfn /etc/fedmsg-greenwave.d/greenwave.py /etc/fedmsg.d/zz_greenwave.py @@ -37,7 +32,6 @@ spec: # Become non-root again USER 1001 -{% endif %} strategy: type: Docker dockerStrategy: diff --git a/roles/openshift-apps/greenwave/templates/configmap.yml b/roles/openshift-apps/greenwave/templates/configmap.yml index a062973894..f8b678ee28 100644 --- a/roles/openshift-apps/greenwave/templates/configmap.yml +++ b/roles/openshift-apps/greenwave/templates/configmap.yml @@ -12,16 +12,6 @@ data: fedora.yaml: |- {{ load_file('fedora.yaml') | indent }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: greenwave-fedmsg-configmap -data: - greenwave.py: |- - {{ load_file('greenwave.py') | indent }} - -{% if env == 'staging' %} --- apiVersion: v1 kind: ConfigMap @@ -32,4 +22,3 @@ metadata: data: config.toml: |- {{ load_file('config.toml') | indent }} -{% endif %} diff --git a/roles/openshift-apps/greenwave/templates/deploymentconfig.yml b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml index d8ffb11311..ba8656fb46 100644 --- a/roles/openshift-apps/greenwave/templates/deploymentconfig.yml +++ b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml @@ -55,7 +55,7 @@ spec: kind: ImageStreamTag name: greenwave:latest - type: ConfigChange -{% if env == 'staging' %} + --- # For fedmsg consumers apiVersion: v1 @@ -129,76 +129,7 @@ spec: kind: ImageStreamTag name: greenwave:latest - type: ConfigChange -{% else %} ---- -# For fedmsg consumers -apiVersion: v1 -kind: DeploymentConfig -metadata: - name: greenwave-fedmsg-consumers - labels: - app: greenwave - service: fedmsg-consumers -spec: - replicas: 1 - selector: - service: fedmsg-consumers - template: - metadata: - labels: - app: greenwave - service: fedmsg-consumers - spec: - containers: - - name: fedmsg-consumers - image: registry/greenwave:latest - ports: - - containerPort: 8081 - command: - - '/usr/bin/fedmsg-hub-3' - volumeMounts: - - name: config-volume - mountPath: /etc/greenwave - readOnly: true - - name: fedmsg-config-volume - mountPath: /etc/fedmsg-greenwave.d - readOnly: true - - name: fedmsg-key-volume - mountPath: /etc/pki/fedmsg/key - readOnly: true - - name: fedmsg-crt-volume - mountPath: /etc/pki/fedmsg/crt - readOnly: true - resources: - limits: - memory: 384Mi - volumes: - # Give the fedmsg-consumer container access to the general config - - name: config-volume - configMap: - name: greenwave-configmap - # But *also* access to the fedmsg-specific config - - name: fedmsg-config-volume - configMap: - name: greenwave-fedmsg-configmap - # And... this secret volume gets set up in the playbook - - name: fedmsg-key-volume - secret: - secretName: greenwave-fedmsg-key - - name: fedmsg-crt-volume - secret: - secretName: greenwave-fedmsg-crt - triggers: - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - fedmsg-consumers - from: - kind: ImageStreamTag - name: greenwave:latest - - type: ConfigChange -{% endif %} + --- # For memcached apiVersion: v1 diff --git a/roles/openshift-apps/greenwave/templates/settings.py b/roles/openshift-apps/greenwave/templates/settings.py index 4741ef4c68..40f192d42f 100644 --- a/roles/openshift-apps/greenwave/templates/settings.py +++ b/roles/openshift-apps/greenwave/templates/settings.py @@ -3,6 +3,8 @@ PORT = 8080 DEBUG = False POLICIES_DIR = '/etc/greenwave/' +MESSAGING = "fedora-messaging" + {% if env == 'staging' %} DIST_GIT_BASE_URL = 'https://src.stg.fedoraproject.org' DIST_GIT_URL_TEMPLATE = '{DIST_GIT_BASE_URL}/{pkg_namespace}/{pkg_name}/raw/{rev}/f/gating.yaml' @@ -14,7 +16,6 @@ WAIVERDB_API_URL = 'https://waiverdb-web-waiverdb.app.os.stg.fedoraproject.org/a RESULTSDB_API_URL = 'https://taskotron.stg.fedoraproject.org/resultsdb_api/api/v2.0' GREENWAVE_API_URL = 'https://greenwave.stg.fedoraproject.org/api/v1.0' CORS_URL = '*' -MESSAGING = "fedora-messaging" {% else %} DIST_GIT_BASE_URL = 'https://src.fedoraproject.org' DIST_GIT_URL_TEMPLATE = '{DIST_GIT_BASE_URL}/{pkg_namespace}/{pkg_name}/raw/{rev}/f/gating.yaml'