Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Simplify the Bodhi playbooks

Browse source 
It should not actually change anything on the hosts.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2022-05-23 14:58:07 +02:00
parent 95ed6285d1
commit 2050d7112b
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
7 changed files with 7 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

10
playbooks/groups/bodhi-backend.yml
View file

@ -77,15 +77,7 @@
owner_user: apache owner_user: apache
owner_group: apache owner_group: apache
service: bodhi service: bodhi
host: "bodhi.fedoraproject.org" host: "bodhi{{ env_suffix }}.fedoraproject.org"
when: env == "production"
- role: keytab/service
owner_user: apache
owner_group: apache
service: bodhi
host: "bodhi.stg.fedoraproject.org"
when: env == "staging"
- role: zabbix/zabbix_agent - role: zabbix/zabbix_agent
when: env == "staging" when: env == "staging"

5
playbooks/openshift-apps/bodhi.yml
View file

@ -23,11 +23,6 @@
- set_fact: - set_fact:
args: args:
bodhi_version: "{{ bodhi_version }}" bodhi_version: "{{ bodhi_version }}"
when: env == "staging"
- set_fact:
args:
bodhi_version: "{{ bodhi_version }}"
when: env == "production"
roles: roles:
- role: rabbit/user - role: rabbit/user

8
roles/bodhi2/base/templates/production.ini.j2
View file

@ -419,11 +419,7 @@ fmn_url = https://apps{{env_suffix}}.fedoraproject.org/notifications/
# krb_principal = # krb_principal =
# krb_keytab = # krb_keytab =
# krb_ccache= # krb_ccache=
{% if env == 'staging' %}
krb_ccache = /tmp/krb5cc_%%{uid} krb_ccache = /tmp/krb5cc_%%{uid}
{% else %}
krb_ccache = /tmp/krb5cc_%%{uid}
{% endif %}
krb_principal = bodhi/bodhi{{ env_suffix }}.fedoraproject.org@{{ ipa_realm }} krb_principal = bodhi/bodhi{{ env_suffix }}.fedoraproject.org@{{ ipa_realm }}
krb_keytab = /etc/krb5.bodhi_bodhi{{ env_suffix }}.fedoraproject.org.keytab krb_keytab = /etc/krb5.bodhi_bodhi{{ env_suffix }}.fedoraproject.org.keytab
@ -669,8 +665,8 @@ openid.sreg_required = email nickname
{% if env == 'staging' %} {% if env == 'staging' %}
# OIDC (OpenID Connect) # OIDC (OpenID Connect)
oidc.fedora.client_id = bodhi oidc.fedora.client_id = bodhi
oidc.fedora.client_secret = {{ bodhi2_oidc_client_secret_staging }} oidc.fedora.client_secret = {{ (env == 'staging')|ternary(bodhi2_oidc_client_secret_staging, bodhi2_oidc_client_secret) }}
oidc.fedora.server_metadata_url = http://id.stg.fedoraproject.org/openidc/.well-known/openid-configuration oidc.fedora.server_metadata_url = http://id{{ env_suffix }}.fedoraproject.org/openidc/.well-known/openid-configuration
{% endif %} {% endif %}

4
roles/openshift-apps/bodhi/templates/buildconfig.yml
View file

@ -11,11 +11,7 @@ items:
runPolicy: Serial runPolicy: Serial
source: source:
dockerfile: |- dockerfile: |-
{% if env == "staging" %}
{{ load_file('dockerfile-base.stg') | indent(8) }}
{% else %}
{{ load_file('dockerfile-base') | indent(8) }} {{ load_file('dockerfile-base') | indent(8) }}
{% endif %}
type: Dockerfile type: Dockerfile
strategy: strategy:
type: Docker type: Docker

12
roles/openshift-apps/bodhi/templates/deploymentconfig.yml
View file

@ -8,11 +8,7 @@ items:
service: web service: web
name: bodhi-web name: bodhi-web
spec: spec:
{% if env == "staging" %}
replicas: {{ bodhi_openshift_pods }} replicas: {{ bodhi_openshift_pods }}
{% else %}
replicas: {{ bodhi_openshift_pods }}
{% endif %}
selector: selector:
deploymentconfig: bodhi-web deploymentconfig: bodhi-web
strategy: strategy:
@ -142,11 +138,7 @@ items:
service: consumer service: consumer
name: bodhi-consumer name: bodhi-consumer
spec: spec:
{% if env == "staging" %}
replicas: {{ bodhi_openshift_pods }} replicas: {{ bodhi_openshift_pods }}
{% else %}
replicas: {{ bodhi_openshift_pods }}
{% endif %}
selector: selector:
deploymentconfig: bodhi-consumer deploymentconfig: bodhi-consumer
strategy: strategy:
@ -239,11 +231,7 @@ items:
service: celery service: celery
name: bodhi-celery name: bodhi-celery
spec: spec:
{% if env == "staging" %}
replicas: {{ bodhi_openshift_pods }} replicas: {{ bodhi_openshift_pods }}
{% else %}
replicas: {{ bodhi_openshift_pods }}
{% endif %}
selector: selector:
deploymentconfig: bodhi-celery deploymentconfig: bodhi-celery
strategy: strategy:

4
roles/openshift-apps/bodhi/templates/dockerfile-base
View file

@ -1,4 +1,8 @@
{% if env == "staging" %}
FROM fedora:35
{% else %}
FROM fedora:34 FROM fedora:34
{% endif %}
LABEL \ LABEL \
name="bodhi-base" \ name="bodhi-base" \
vendor="Fedora Infrastructure" \ vendor="Fedora Infrastructure" \

23
roles/openshift-apps/bodhi/templates/dockerfile-base.stg
View file

@ -1,23 +0,0 @@
FROM fedora:35
LABEL \
name="bodhi-base" \
vendor="Fedora Infrastructure" \
license="MIT"
{% if env == "staging" %}
RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/infra/ansible/files/common/fedora-infra-tags-stg.repo
{% else %}
RUN curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/infra/ansible/files/common/fedora-infra-tags.repo
{% endif %}
# While dnf has a --nodocs, it doesen't have a --docs...
RUN sed -i '/nodocs/d' /etc/dnf/dnf.conf
{% if env == "staging" %}
RUN dnf install -y bodhi-server bodhi-docs python3-pyramid_sawing python3-gunicorn --refresh
{% else %}
RUN dnf install -y bodhi-server-{{bodhi_version}} bodhi-docs-{{bodhi_version}} python3-pyramid_sawing python3-gunicorn
{% endif %}
# Set up krb5
RUN rm -f /etc/krb5.conf && \
ln -sf /etc/bodhi/krb5.conf /etc/krb5.conf && \
ln -sf /etc/keytabs/koji-keytab /etc/krb5.bodhi_bodhi{{ env_suffix }}.fedoraproject.org.keytab
ENV USER=openshift