From 4249161ad055dd9659995f416e24ff54c946fd55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Tue, 5 Jul 2022 08:35:10 +0200 Subject: [PATCH] RabbitMQ: add topic auth to more apps MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- inventory/group_vars/copr_back_aws | 2 ++ inventory/group_vars/copr_back_dev_aws | 2 ++ inventory/group_vars/github2fedmsg | 2 ++ inventory/group_vars/github2fedmsg_stg | 2 ++ .../copr-be-dev.cloud.fedoraproject.org | 2 ++ .../host_vars/copr-be.cloud.fedoraproject.org | 2 ++ playbooks/groups/batcave.yml | 10 ++++++---- playbooks/groups/koji-hub.yml | 2 ++ playbooks/groups/logserver.yml | 2 ++ playbooks/groups/mailman.yml | 6 ++++-- playbooks/groups/mirrormanager.yml | 7 +++++-- playbooks/groups/notifs-backend.yml | 7 +++++-- playbooks/groups/notifs-web.yml | 7 +++++-- playbooks/groups/odcs.yml | 6 ++++-- playbooks/groups/pdc.yml | 3 +++ playbooks/groups/people.yml | 1 + playbooks/groups/pkgs.yml | 2 ++ playbooks/groups/releng-compose.yml | 4 ++++ playbooks/groups/retrace.yml | 4 +++- playbooks/groups/sundries.yml | 8 +++++--- playbooks/groups/wiki.yml | 9 +++++++-- playbooks/manual/autosign.yml | 3 +++ .../openshift-apps/coreos-ostree-importer.yml | 2 ++ playbooks/openshift-apps/greenwave.yml | 2 ++ playbooks/openshift-apps/koschei.yml | 3 +++ .../openshift-apps/message-tagging-service.yml | 5 ++--- playbooks/openshift-apps/monitor_gating.yml | 2 ++ .../openshift-apps/resultsdb-ci-listener.yml | 5 ++--- playbooks/openshift-apps/resultsdb.yml | 2 ++ playbooks/openshift-apps/toddlers.yml | 5 ++--- playbooks/openshift-apps/waiverdb.yml | 2 ++ roles/messaging/base/tasks/main.yml | 1 + roles/rabbitmq_cluster/tasks/apps.yml | 18 +++--------------- roles/supybot/tasks/main.yml | 2 ++ 34 files changed, 98 insertions(+), 44 deletions(-) diff --git a/inventory/group_vars/copr_back_aws b/inventory/group_vars/copr_back_aws index a174c3c114..a851aa7476 100644 --- a/inventory/group_vars/copr_back_aws +++ b/inventory/group_vars/copr_back_aws @@ -46,6 +46,8 @@ messaging: - app_name: Copr build system key: copr username: copr + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.copr\..* nrpe_procs_crit: 2500 nrpe_procs_warn: 2200 root_auth_users: msuchy pingou frostyx praiskup diff --git a/inventory/group_vars/copr_back_dev_aws b/inventory/group_vars/copr_back_dev_aws index fe69c0a717..dfdc7ddbc5 100644 --- a/inventory/group_vars/copr_back_dev_aws +++ b/inventory/group_vars/copr_back_dev_aws @@ -40,6 +40,8 @@ messaging: - app_name: Copr build system key: copr username: copr + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.copr\..* root_auth_users: msuchy pingou frostyx praiskup spawn_in_advance: "false" tcp_ports: [ diff --git a/inventory/group_vars/github2fedmsg b/inventory/group_vars/github2fedmsg index 232ce1bc0e..dc647374ac 100644 --- a/inventory/group_vars/github2fedmsg +++ b/inventory/group_vars/github2fedmsg @@ -61,6 +61,8 @@ primary_auth_source: ipa tcp_ports: [80] # for fedora-messaging username: "github2fedmsg{{ env_suffix }}" +sent_topics: +- ^org\.fedoraproject\.{{ env_short }}\.github\..* # Definining these vars has a number of effects # 1) mod_wsgi is configured to use the vars for its own setup # 2) iptables opens enough ports for all threads for fedmsg diff --git a/inventory/group_vars/github2fedmsg_stg b/inventory/group_vars/github2fedmsg_stg index d11c5642b9..084b057105 100644 --- a/inventory/group_vars/github2fedmsg_stg +++ b/inventory/group_vars/github2fedmsg_stg @@ -60,6 +60,8 @@ num_cpus: 1 tcp_ports: [80] # for fedora-messaging username: "github2fedmsg{{ env_suffix }}" +sent_topics: +- ^org\.fedoraproject\.{{ env_short }}\.github\..* # Definining these vars has a number of effects # 1) mod_wsgi is configured to use the vars for its own setup # 2) iptables opens enough ports for all threads for fedmsg diff --git a/inventory/host_vars/copr-be-dev.cloud.fedoraproject.org b/inventory/host_vars/copr-be-dev.cloud.fedoraproject.org index 1790eeacbe..3212889ebc 100644 --- a/inventory/host_vars/copr-be-dev.cloud.fedoraproject.org +++ b/inventory/host_vars/copr-be-dev.cloud.fedoraproject.org @@ -21,6 +21,8 @@ messaging: - app_name: Copr build system key: copr username: copr + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.copr\..* # There is no python2 on F30 nagios_Check_Services: dhcpd: false diff --git a/inventory/host_vars/copr-be.cloud.fedoraproject.org b/inventory/host_vars/copr-be.cloud.fedoraproject.org index 6ddf9b834c..9113019ff6 100644 --- a/inventory/host_vars/copr-be.cloud.fedoraproject.org +++ b/inventory/host_vars/copr-be.cloud.fedoraproject.org @@ -21,6 +21,8 @@ messaging: - app_name: Copr build system key: copr username: copr + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.copr\..* nagios_Check_Services: dhcpd: false httpd: false diff --git a/playbooks/groups/batcave.yml b/playbooks/groups/batcave.yml index 87cb8e4984..d94eae5147 100644 --- a/playbooks/groups/batcave.yml +++ b/playbooks/groups/batcave.yml @@ -29,8 +29,6 @@ - role: httpd/certificate certname: "{{wildcard_cert_name}}" SSLCertificateChainFile: "{{wildcard_int_file}}" - - role: rabbit/user - username: "mirror_pagure_ansible{{ env_suffix }}" - role: rabbit/user username: "batcave{{ env_suffix }}" sent_topics: @@ -40,18 +38,22 @@ username: "mirror_pagure_ansible{{ env_suffix }}" queue_name: "mirror_pagure_ansible{{ env_suffix }}" routing_keys: - - "io.pagure.*.pagure.git.receive" + - "io.pagure.*.pagure.git.receive" thresholds: warning: 10 critical: 100 + sent_topics: + - ^$ - role: rabbit/queue username: "mirror_pagure_ansible{{ env_suffix }}" queue_name: "mirror_pagure_ansible{{ env_suffix }}_13" routing_keys: - - "io.pagure.*.pagure.git.receive" + - "io.pagure.*.pagure.git.receive" thresholds: warning: 10 critical: 100 + sent_topics: + - ^$ when: datacenter != 'iad2' - batcave - role: grobisplitter diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml index a940031b31..bfa243cb32 100644 --- a/playbooks/groups/koji-hub.yml +++ b/playbooks/groups/koji-hub.yml @@ -118,6 +118,8 @@ - sudo - role: rabbit/user username: "koji{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.buildsys\..* tasks: - import_tasks: "{{ tasks_path }}/motd.yml" diff --git a/playbooks/groups/logserver.yml b/playbooks/groups/logserver.yml index 746ecc8a79..dd1de021d4 100644 --- a/playbooks/groups/logserver.yml +++ b/playbooks/groups/logserver.yml @@ -31,6 +31,8 @@ # Set up for fedora-messaging - role: rabbit/user username: "logging{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.logging\.stats\..* - logging pre_tasks: diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml index ed440ba4c7..6efc749dfb 100644 --- a/playbooks/groups/mailman.yml +++ b/playbooks/groups/mailman.yml @@ -99,8 +99,10 @@ mailman_hyperkitty_cookie_key: "{{ mailman_hk_cookie_key }}" - role: fedmsg/base # Set up for fedora-messaging - - { role: rabbit/user, - username: "mailman{{ env_suffix }}"} + - role: rabbit/user + username: "mailman{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.mailman\..* tasks: - name: install more needed packages diff --git a/playbooks/groups/mirrormanager.yml b/playbooks/groups/mirrormanager.yml index e4d2d7077d..5acaebf189 100644 --- a/playbooks/groups/mirrormanager.yml +++ b/playbooks/groups/mirrormanager.yml @@ -102,8 +102,11 @@ roles: - role: fedmsg/base # Set up for fedora-messaging - - { role: rabbit/user, - username: "mirrormanager{{ env_suffix }}"} + - role: rabbit/user + username: "mirrormanager{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.mirrormanager\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* handlers: - import_tasks: "{{ handlers_path }}/restart_services.yml" diff --git a/playbooks/groups/notifs-backend.yml b/playbooks/groups/notifs-backend.yml index 7fdc179fb0..d7213db757 100644 --- a/playbooks/groups/notifs-backend.yml +++ b/playbooks/groups/notifs-backend.yml @@ -36,8 +36,11 @@ - collectd/base - fedmsg/base # Set up for fedora-messaging - - { role: rabbit/user, - username: "notifs-backend{{ env_suffix }}"} + - role: rabbit/user + username: "notifs-backend{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.fmn\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* - sudo tasks: diff --git a/playbooks/groups/notifs-web.yml b/playbooks/groups/notifs-web.yml index 0846179d4e..b770767671 100644 --- a/playbooks/groups/notifs-web.yml +++ b/playbooks/groups/notifs-web.yml @@ -27,8 +27,11 @@ - mod_wsgi - role: fedmsg/base # Set up for fedora-messaging - - { role: rabbit/user, - username: "notifs-web{{ env_suffix }}"} + - role: rabbit/user + username: "notifs-web{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.fmn\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* - notifs/frontend - sudo diff --git a/playbooks/groups/odcs.yml b/playbooks/groups/odcs.yml index fb42331768..1ec2585880 100644 --- a/playbooks/groups/odcs.yml +++ b/playbooks/groups/odcs.yml @@ -44,6 +44,8 @@ roles: - role: rabbit/user username: "odcs{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.odcs\..* - mod_wsgi - role: nfs/client mnt_dir: '/mnt/fedora_koji' @@ -144,8 +146,6 @@ roles: - role: keytab/service service: odcs - - role: rabbit/user - username: "fmc{{ env_suffix }}" - role: rabbit/queue username: "fmc{{ env_suffix }}" queue_name: "{{ fmc_queue_name }}" @@ -153,6 +153,8 @@ thresholds: warning: 100 critical: 1000 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.odcs\..* - role: fmc handlers: diff --git a/playbooks/groups/pdc.yml b/playbooks/groups/pdc.yml index ed0d6e70e9..1df2c62afe 100644 --- a/playbooks/groups/pdc.yml +++ b/playbooks/groups/pdc.yml @@ -47,5 +47,8 @@ # Set up for fedora-messaging - role: rabbit/user username: "pdc{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.pdc\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* when: inventory_hostname.startswith(('pdc-web01','pdc-web01.stg')) - pdc/frontend diff --git a/playbooks/groups/people.yml b/playbooks/groups/people.yml index 978711bba7..b837fc4f96 100644 --- a/playbooks/groups/people.yml +++ b/playbooks/groups/people.yml @@ -77,6 +77,7 @@ username: "planet{{ env_suffix }}" sent_topics: - ^org\.fedoraproject\.{{ env_short }}\.planet\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* - role: apache diff --git a/playbooks/groups/pkgs.yml b/playbooks/groups/pkgs.yml index f47555dfb9..2156421592 100644 --- a/playbooks/groups/pkgs.yml +++ b/playbooks/groups/pkgs.yml @@ -84,6 +84,8 @@ username: "pagure{{ env_suffix }}" sent_topics: - ^org\.fedoraproject\.{{ env_short }}\.pagure\..* + - ^org\.fedoraproject\.{{ env_short }}\.git\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* handlers: - import_tasks: "{{ handlers_path }}/restart_services.yml" diff --git a/playbooks/groups/releng-compose.yml b/playbooks/groups/releng-compose.yml index 0832d39f75..23cfa83e89 100644 --- a/playbooks/groups/releng-compose.yml +++ b/playbooks/groups/releng-compose.yml @@ -130,6 +130,10 @@ - role: rabbit/user username: "pungi{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* + - ^org\.fedoraproject\.{{ env_short }}\.pungi\..* + - ^org\.fedoraproject\.{{ env_short }}\.compose\..* - { role: "push-container-registry", diff --git a/playbooks/groups/retrace.yml b/playbooks/groups/retrace.yml index f7c631ca60..b3ef738e47 100644 --- a/playbooks/groups/retrace.yml +++ b/playbooks/groups/retrace.yml @@ -27,7 +27,7 @@ roles: - role: rabbit/queue - username: faf + username: faf{{ env_suffix }} queue_name: faf routing_keys: - "org.fedoraproject.*.faf.report.threshold1" @@ -46,6 +46,8 @@ - "org.fedoraproject.*.faf.problem.threshold10000" - "org.fedoraproject.*.faf.problem.threshold100000" - "org.fedoraproject.*.faf.problem.threshold1000000" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.faf\..* - name: Setup retrace hosts hosts: retrace,retrace_stg diff --git a/playbooks/groups/sundries.yml b/playbooks/groups/sundries.yml index cef2d3e776..9b601897a5 100644 --- a/playbooks/groups/sundries.yml +++ b/playbooks/groups/sundries.yml @@ -55,9 +55,11 @@ when: master_sundries_node|bool - role: fedora-web/kinoite/build when: master_sundries_node|bool - - { role: rabbit/user, - username: "sundries{{ env_suffix }}", - when: master_sundries_node|bool and deployment_type == "stg" } + - role: rabbit/user + username: "sundries{{ env_suffix }}" + sent_topics: + - ^$ + when: master_sundries_node|bool and deployment_type == "stg" - role: fedmsg/base when: master_sundries_node|bool - role: nfs/client diff --git a/playbooks/groups/wiki.yml b/playbooks/groups/wiki.yml index 1723f1d765..0ca1ec83eb 100644 --- a/playbooks/groups/wiki.yml +++ b/playbooks/groups/wiki.yml @@ -30,8 +30,13 @@ - apache - fedmsg/base # Set up for fedora-messaging - - { role: rabbit/user, username: "wiki{{ env_suffix }}", when: inventory_hostname.startswith('wiki01') } - - { role: rabbit/queue, username: "wiki{{ env_suffix }}", queue_name: "wiki{{ env_suffix }}"} + - role: rabbit/queue + username: "wiki{{ env_suffix }}" + queue_name: "wiki{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.wiki\..* + - ^org\.fedoraproject\.{{ env_short }}\.logger\.log\..* + when: inventory_hostname.startswith('wiki01') - { role: nfs/client, when: env == "staging", mnt_dir: '/mnt/web/attachments', nfs_src_dir: 'fedora_app_staging/app/attachments' } - { role: nfs/client, when: env != "staging", mnt_dir: '/mnt/web/attachments', nfs_src_dir: 'fedora_app/app/attachments' } - mediawiki diff --git a/playbooks/manual/autosign.yml b/playbooks/manual/autosign.yml index 787fc654b7..cbf8f85c94 100644 --- a/playbooks/manual/autosign.yml +++ b/playbooks/manual/autosign.yml @@ -67,6 +67,9 @@ - "org.fedoraproject.*.coreos.build.request.artifacts-sign" - "org.fedoraproject.*.coreos.build.request.ostree-sign" - "org.fedoraproject.*.buildsys.tag" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.coreos\..*\.finished$ + - ^org\.fedoraproject\.{{ env_short }}\.robosignatory\..*\.finished$ - robosignatory - role: keytab/service service: autosign diff --git a/playbooks/openshift-apps/coreos-ostree-importer.yml b/playbooks/openshift-apps/coreos-ostree-importer.yml index 4c03cd5cd2..e387664df2 100644 --- a/playbooks/openshift-apps/coreos-ostree-importer.yml +++ b/playbooks/openshift-apps/coreos-ostree-importer.yml @@ -43,6 +43,8 @@ thresholds: warning: 10 critical: 100 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.coreos\..* # Fedora Messaging secrets - role: openshift/secret-file diff --git a/playbooks/openshift-apps/greenwave.yml b/playbooks/openshift-apps/greenwave.yml index 7e0b725e8f..45bbdbe80d 100644 --- a/playbooks/openshift-apps/greenwave.yml +++ b/playbooks/openshift-apps/greenwave.yml @@ -19,6 +19,8 @@ thresholds: warning: 50 critical: 100 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.greenwave\..* # The openshift/project role breaks if the project already exists: # https://pagure.io/fedora-infrastructure/issue/6404 diff --git a/playbooks/openshift-apps/koschei.yml b/playbooks/openshift-apps/koschei.yml index b88e4ed18c..8a9410e37c 100644 --- a/playbooks/openshift-apps/koschei.yml +++ b/playbooks/openshift-apps/koschei.yml @@ -16,6 +16,9 @@ queue_name: "{{ app }}{{ env_suffix }}" routing_keys: [] message_ttl: 60000 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.koschei\..* + - ^org\.fedoraproject\.{{ env_short }}\.ci\..* - openshift/project diff --git a/playbooks/openshift-apps/message-tagging-service.yml b/playbooks/openshift-apps/message-tagging-service.yml index 2be775ce66..f08fb12095 100644 --- a/playbooks/openshift-apps/message-tagging-service.yml +++ b/playbooks/openshift-apps/message-tagging-service.yml @@ -37,9 +37,6 @@ # Setup for fedora-messaging - - role: rabbit/user - username: "mts{{ env_suffix }}" - - role: rabbit/queue username: "mts{{ env_suffix }}" queue_name: "mts{{ env_suffix }}" @@ -48,6 +45,8 @@ thresholds: warning: 10 critical: 100 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.build\.tag\..* # cacert, certificate and private key for fedora-messaging diff --git a/playbooks/openshift-apps/monitor_gating.yml b/playbooks/openshift-apps/monitor_gating.yml index 043c0855bc..cdc5ba121b 100644 --- a/playbooks/openshift-apps/monitor_gating.yml +++ b/playbooks/openshift-apps/monitor_gating.yml @@ -26,6 +26,8 @@ - role: rabbit/user username: "monitor-gating{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.monitor-gating\..* - role: openshift/keytab app: monitor-gating diff --git a/playbooks/openshift-apps/resultsdb-ci-listener.yml b/playbooks/openshift-apps/resultsdb-ci-listener.yml index 2a2a8f2d8c..57ef03db1b 100644 --- a/playbooks/openshift-apps/resultsdb-ci-listener.yml +++ b/playbooks/openshift-apps/resultsdb-ci-listener.yml @@ -9,9 +9,6 @@ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml roles: - - role: rabbit/user - username: "resultsdb{{ env_suffix }}_ci_listener" - - role: rabbit/queue username: "resultsdb{{ env_suffix }}_ci_listener" queue_name: "resultsdb{{ env_suffix }}_ci_listener" @@ -25,6 +22,8 @@ - 'org.centos.*.ci.koji-build.test.running' - 'org.centos.*.ci.koji-build.test.complete' - 'org.centos.*.ci.koji-build.test.error' + sent_topics: + - ^$ # The openshift/project role breaks if the project already exists: # https://pagure.io/fedora-infrastructure/issue/6404 diff --git a/playbooks/openshift-apps/resultsdb.yml b/playbooks/openshift-apps/resultsdb.yml index 5250cb5559..21bca18bbd 100644 --- a/playbooks/openshift-apps/resultsdb.yml +++ b/playbooks/openshift-apps/resultsdb.yml @@ -40,6 +40,8 @@ roles: - role: rabbit/user username: "resultsdb{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.resultsdb\..* # The openshift/project role breaks if the project already exists: # https://pagure.io/fedora-infrastructure/issue/6404 diff --git a/playbooks/openshift-apps/toddlers.yml b/playbooks/openshift-apps/toddlers.yml index c8eb5870fa..9f51c407e2 100644 --- a/playbooks/openshift-apps/toddlers.yml +++ b/playbooks/openshift-apps/toddlers.yml @@ -22,9 +22,6 @@ tags: - appowners - - role: rabbit/user - username: "toddlers{{ env_suffix }}" - - role: rabbit/queue username: toddlers{{ env_suffix }} queue_name: toddlers{{ env_suffix }} @@ -56,6 +53,8 @@ thresholds: warning: 10 critical: 100 + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.toddlers\..* - role: openshift/keytab app: toddlers diff --git a/playbooks/openshift-apps/waiverdb.yml b/playbooks/openshift-apps/waiverdb.yml index 550faf0f0c..aad223effa 100644 --- a/playbooks/openshift-apps/waiverdb.yml +++ b/playbooks/openshift-apps/waiverdb.yml @@ -39,6 +39,8 @@ roles: - role: rabbit/user username: "waiverdb{{ env_suffix }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.waiverdb\..* # The openshift/project role breaks if the project already exists: # https://pagure.io/fedora-infrastructure/issue/6404 diff --git a/roles/messaging/base/tasks/main.yml b/roles/messaging/base/tasks/main.yml index 1433cc235b..f4d02a874b 100644 --- a/roles/messaging/base/tasks/main.yml +++ b/roles/messaging/base/tasks/main.yml @@ -56,6 +56,7 @@ include_role: name=rabbit/user vars: - username: "{{ item.username }}{{ env_suffix }}" + sent_topics: "{{ item.sent_topics }}" with_items: "{{ messaging.certificates }}" tags: - fedora-messaging diff --git a/roles/rabbitmq_cluster/tasks/apps.yml b/roles/rabbitmq_cluster/tasks/apps.yml index 16ab2f60b7..cd5f8a30df 100644 --- a/roles/rabbitmq_cluster/tasks/apps.yml +++ b/roles/rabbitmq_cluster/tasks/apps.yml @@ -68,14 +68,9 @@ include_role: name: rabbit/user vars: - username: copr{{ env_suffix }} - -- name: faf - run_once: true - include_role: - name: rabbit/user - vars: - username: faf{{ env_suffix }} + username: copr{{ env_suffix }} + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.copr\..* - name: CentOS Stream run_once: true @@ -371,13 +366,6 @@ # # ELN BEGIN -- name: eln build user - run_once: true - include_role: - name: rabbit/user - vars: - username: distrobuildsync-eln - - name: eln queue run_once: true include_role: diff --git a/roles/supybot/tasks/main.yml b/roles/supybot/tasks/main.yml index 3b5d47b61e..85ba60ac3c 100644 --- a/roles/supybot/tasks/main.yml +++ b/roles/supybot/tasks/main.yml @@ -104,6 +104,8 @@ name: rabbit/user vars: username: "{{ botnames[env] }}" + sent_topics: + - ^org\.fedoraproject\.{{ env_short }}\.meetbot\..* when: - inventory_hostname.startswith('value02')