fas: Add totpcgi start

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-11 13:43:22 +02:00 · 2019-05-11 13:43:22 +02:00 · 15ff343aeb
commit 15ff343aeb
parent 43de4c3d7f
3 changed files with 108 additions and 0 deletions
--- a/playbooks/openshift-apps/fas.yml
+++ b/playbooks/openshift-apps/fas.yml
@ -41,6 +41,10 @@
    app: fas
    template: buildconfig-yubikey.yml
    objectname: buildconfig-yubikey.yml
+  - role: openshift/object
+    app: fas
+    template: buildconfig-totpcgi.yml
+    objectname: buildconfig-totpcgi.yml
  - role: openshift/object
    app: fas
    template_fullpath: "{{roles_path}}/fas_server/templates/configmap.yml"
--- a/roles/openshift-apps/fas/templates/buildconfig-totpcgi.yml
+++ b/roles/openshift-apps/fas/templates/buildconfig-totpcgi.yml
@ -0,0 +1,34 @@
+apiVersion: v1
+kind: BuildConfig
+metadata:
+  labels:
+    build: totpcgi
+  name: totpcgi
+spec:
+  runPolicy: Serial
+  source:
+    dockerfile: |-
+      FROM registry.access.redhat.com/rhel6
+      RUN curl -o /etc/yum.repos.d/rhel6.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel6.repo && \
+          curl -o /etc/yum.repos.d/epel6.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/epel6.repo && \
+{% if env == "staging" %}
+          curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel-infra-tags-stg.repo && \
+{% endif %}
+          curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/rhel-infra-tags.repo
+
+      RUN yum install -y \
+          mod_auth_pgsql \
+          totpcgi \
+          totpcgi-provisioning \
+          python-qrcode \
+          httpd
+
+      EXPOSE 8080
+      ENTRYPOINT bash /etc/totpcgi/start.sh
+    type: Dockerfile
+  strategy:
+    type: Docker
+  output:
+    to:
+      kind: ImageStreamTag
+      name: totpcgi:latest
--- a/roles/openshift-apps/fas/templates/deploymentconfig-totpcgi.yml
+++ b/roles/openshift-apps/fas/templates/deploymentconfig-totpcgi.yml
@ -0,0 +1,70 @@
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: fas
+    service: totpcgi
+  name: totpcgi
+spec:
+  replicas: 1
+  selector:
+    deploymentconfig: totpcgi
+  strategy:
+    activeDeadlineSeconds: 21600
+    recreateParams:
+      timeoutSeconds: 600
+    resources: {}
+    rollingParams:
+      intervalSeconds: 1
+      maxSurge: 25%
+      maxUnavailable: 25%
+      timeoutSeconds: 600
+      updatePeriodSeconds: 1
+    type: Rolling
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: fas
+        deploymentconfig: totpcgi
+    spec:
+      containers:
+      - name: totpcgi
+        image: totpcgi:latest
+        ports:
+        - containerPort: 8080
+        volumeMounts:
+        - name: config-volume
+          mountPath: /etc/totpcgi
+          readOnly: true
+        - name: httpdir-volume
+          mountPath: /httpdir
+        readinessProbe:
+          timeoutSeconds: 5
+          initialDelaySeconds: 1
+          httpGet:
+            path: /
+            port: 8080
+        livenessProbe:
+          timeoutSeconds: 5
+          initialDelaySeconds: 1
+          httpGet:
+            path: /
+            port: 8080
+      volumes:
+      - name: config-volume
+        configMap:
+          name: totpcgi
+      - name: httpdir-volume
+        emptyDir: {}
+  triggers:
+  - imageChangeParams:
+      automatic: true
+      containerNames:
+      - totpcgi
+      from:
+        kind: ImageStreamTag
+        name: totpcgi:latest
+        namespace: fas
+    type: ImageChange
+  - type: ConfigChange