From 2d209bef3ab5b8e779f217591adec8303d0ae4a1 Mon Sep 17 00:00:00 2001 From: lrossett Date: Thu, 1 Jul 2021 18:09:19 -0300 Subject: [PATCH] resultsdb-ci-listener playbook and role --- .../openshift-apps/resultsdb-ci-listener.yml | 61 ++++++++ .../templates/configmaps.yml | 131 ++++++++++++++++++ .../templates/deploymentconfigs.yml | 77 ++++++++++ .../resultsdb-ci-listener/vars/main.yml | 0 .../resultsdb-ci-listener/vars/vars.yml | 0 5 files changed, 269 insertions(+) create mode 100644 playbooks/openshift-apps/resultsdb-ci-listener.yml create mode 100644 roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml create mode 100644 roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml create mode 100644 roles/openshift-apps/resultsdb-ci-listener/vars/main.yml create mode 100644 roles/openshift-apps/resultsdb-ci-listener/vars/vars.yml diff --git a/playbooks/openshift-apps/resultsdb-ci-listener.yml b/playbooks/openshift-apps/resultsdb-ci-listener.yml new file mode 100644 index 0000000000..43490e41c3 --- /dev/null +++ b/playbooks/openshift-apps/resultsdb-ci-listener.yml @@ -0,0 +1,61 @@ +- name: make the app be real + # hosts: os_masters[0]:os_masters_stg[0] + hosts: os_masters_stg[0] + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - /srv/private/ansible/vars.yml + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + TODO: uncomment + - role: rabbit/user + username: "resultsdb-ci-listener{{ env_suffix }}" + + # The openshift/project role breaks if the project already exists: + # https://pagure.io/fedora-infrastructure/issue/6404 + - role: openshift/project + app: resultsdb-ci-listener + description: resultsdb-ci-listener + appowners: + - ralph + - mjia + - dcallagh + - gnaponie + - cverna + - pingou + - lholecek + - vmaljulin + - lrossett + tags: + - apply-appowners + + - role: openshift/secret-file + app: resultsdb-ci-listener + secret_name: resultsdb-ci-listener-fedora-messaging-key + key: resultsdb-ci-listener.key + privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}.key" + + - role: openshift/secret-file + app: resultsdb-ci-listener + secret_name: resultsdb-ci-listener-fedora-messaging-crt + key: resultsdb-ci-listener.crt + privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}.crt" + + - role: openshift/secret-file + app: resultsdb-ci-listener + secret_name: resultsdb-ci-listener-fedora-messaging-ca + key: resultsdb-ci-listener.ca + privatefile: "rabbitmq/{{env}}/pki/ca.crt" + + - role: openshift/object + app: resultsdb-ci-listener + template: configmaps.yml + objectname: configmaps.yml + + - role: openshift/object + app: resultsdb-ci-listener + template: deploymentconfigs.yml + objectname: deploymentconfigs.yml \ No newline at end of file diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml new file mode 100644 index 0000000000..c6880bee65 --- /dev/null +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml @@ -0,0 +1,131 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: "fedora-messaging-configmap" + labels: + app: resultsdb-ci-listener +data: + config.toml: |- + # A sample configuration for fedora-messaging. This file is in the TOML format. + # For complete details on all configuration options, see the documentation + # https://fedora-messaging.readthedocs.io/en/latest/configuration.html. + + amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" + + +{% if env == "staging" %} + topic_prefix = "org.fedoraproject.stg" +{% else %} + topic_prefix = "org.fedoraproject.prod" +{% endif %} + + publish_exchange = "amq.topic" + passive_declares = true + + callback = "resultsdb_listener.consumer:Consumer" + + + [queues."resultsdb{{ env_suffix }}_ci_listener"] + durable = true + auto_delete = false + exclusive = true + arguments = {} + + # Note the double brackets below. + # To add another binding, add another [[bindings]] section. + [[bindings]] + queue = "resultsdb{{ env_suffix }}_ci_listener" + exchange = "amq.topic" + routing_keys = [ +{% if env == "staging" %} + 'org.centos.stage.ci.pipeline.allpackages-build.complete', + 'org.centos.stage.ci.pipeline.allpackages-build.image.complete', + 'org.centos.stage.ci.pipeline.allpackages-build.package.test.functional.complete', + 'org.centos.stage.ci.pipeline.allpackages-build.package.complete', + 'org.centos.stage.ci.pipeline.allpackages-build.package.ignored', + 'org.centos.stage.ci.koji-build.test.queued', + 'org.centos.stage.ci.koji-build.test.running', + 'org.centos.stage.ci.koji-build.test.complete', + 'org.centos.stage.ci.koji-build.test.error' +{% else %} + 'org.centos.prod.ci.pipeline.allpackages-build.complete', + 'org.centos.prod.ci.pipeline.allpackages-build.image.complete', + 'org.centos.prod.ci.pipeline.allpackages-build.package.test.functional.complete', + 'org.centos.prod.ci.pipeline.allpackages-build.package.complete', + 'org.centos.prod.ci.pipeline.allpackages-build.package.ignored', + 'org.centos.prod.ci.koji-build.test.queued', + 'org.centos.prod.ci.koji-build.test.running', + 'org.centos.prod.ci.koji-build.test.complete', + 'org.centos.prod.ci.koji-build.test.error' +{%- endif %} + ] + + [tls] + ca_cert = "/etc/pki/rabbitmq/ca/resultsdb-ci-listener.ca" + keyfile = "/etc/pki/rabbitmq/key/resultsdb-ci-listener.key" + certfile = "/etc/pki/rabbitmq/crt/resultsdb-ci-listener.crt" + + [client_properties] + app = "resultsdb_listener" + # Some suggested extra fields: + # URL of the project that provides this consumer + app_url = "https://pagure.io/ci-resultsdb-listener/" + # Contact emails for the maintainer(s) of the consumer - in case the + # broker admin needs to contact them, for e.g. + app_contacts_email = [ + "pingou@fedoraproject.org", + "lrossett@fedoraproject.org" + ] + + [qos] + prefetch_size = 0 + prefetch_count = 25 + + [log_config] + version = 1 + disable_existing_loggers = true + + [log_config.formatters.simple] + format = "[%(name)s %(levelname)s] %(message)s" + + [log_config.handlers.console] + class = "logging.StreamHandler" + formatter = "simple" + stream = "ext://sys.stdout" + + [log_config.loggers.fedora_messaging] + level = "INFO" + propagate = false + handlers = ["console"] + + [log_config.loggers.resultsdb_listener] + level = "DEBUG" + propagate = false + handlers = ["console"] + + [log_config.root] + level = "WARNING" + handlers = ["console"] +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: "resultsdb-ci-listener-cfg" + labels: + app: resultsdb-ci-listener +data: + listener.cfg: |- + [general] +{% if env == "staging" %} + datagrepper_url = https://apps.stg.fedoraproject.org/datagrepper/raw +{% else %} + datagrepper_url = https://apps.fedoraproject.org/datagrepper/raw +{% endif %} + + [sender] + sender_type = ResultsdbSender +{% if env == "staging" %} + resultsdb_url = {{ stg_results_ci_listener_resultsdb_url }} +{% else %} + resultsdb_url = {{ prod_results_ci_listener_resultsdb_url }} +{% endif %} \ No newline at end of file diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml new file mode 100644 index 0000000000..459f2cf90e --- /dev/null +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml @@ -0,0 +1,77 @@ +apiVersion: v1 +kind: DeploymentConfig +metadata: + name: "resultsdb-ci-listener" + labels: + app: resultsdb-ci-listener +spec: + replicas: 1 + selector: + app: resultsdb-ci-listener + strategy: + type: Rolling + template: + metadata: + labels: + app: resultsdb-ci-listener + spec: + containers: + - name: listener +{% if env == 'staging' %} + image: "{{ stg_resultsdb_ci_listener_image }}" +{% else %} + image: "{{ prod_resultsdb_ci_listener_image }}" +{% endif %} + imagePullPolicy: Always + ports: + - containerPort: 5001 + volumeMounts: + - name: config-volume + mountPath: /etc/ci-resultsdb-listener + readOnly: true +{% if deployment_type not in ['local', 'dev'] %} + - name: fedora-messaging-ca-volume + mountPath: /etc/pki/rabbitmq/ca + readOnly: true + - name: fedora-messaging-key-volume + mountPath: /etc/pki/rabbitmq/key + readOnly: true + - name: fedora-messaging-crt-volume + mountPath: /etc/pki/rabbitmq/crt + readOnly: true + - name: fedora-messaging-config-volume + mountPath: /etc/fedora-messaging + readOnly: true +{% endif %} + livenessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 30 + exec: + command: + - ps + - -C + - fedora-messaging + resources: + limits: + memory: 500Mi + cpu: 0.3 + volumes: + - name: config-volume + configMap: + name: resultsdb-ci-listener-cfg +{% if deployment_type not in ['local', 'dev']%} + - name: fedora-messaging-config-volume + configMap: + name: fedora-messaging-configmap + - name: fedora-messaging-ca-volume + secret: + secretName: resultsdb-ci-listener-fedora-messaging-key + - name: fedora-messaging-crt-volume + secret: + secretName: resultsdb-ci-listener-fedora-messaging-crt + - name: fedora-messaging-key-volume + secret: + secretName: resultsdb-ci-listener-fedora-messaging-key +{% endif %} + triggers: + - type: ConfigChange \ No newline at end of file diff --git a/roles/openshift-apps/resultsdb-ci-listener/vars/main.yml b/roles/openshift-apps/resultsdb-ci-listener/vars/main.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/roles/openshift-apps/resultsdb-ci-listener/vars/vars.yml b/roles/openshift-apps/resultsdb-ci-listener/vars/vars.yml new file mode 100644 index 0000000000..e69de29bb2