resultsdb all in one role

roles/openshift-apps/resultsdb/templates/backend/configmaps.yml

@@ -47,4 +47,4 @@ data:
     ca_cert = "/etc/pki/rabbitmq/ca/resultsdb.ca"
     keyfile = "/etc/pki/rabbitmq/key/resultsdb.key"
     certfile = "/etc/pki/rabbitmq/crt/resultsdb.crt"
-{% endif %}
+{% endif %}

roles/openshift-apps/resultsdb/templates/backend/deploymentconfigs.yml

@@ -49,6 +49,17 @@ spec:
           image: "{{ prod_resultsdb_image }}"
 {% endif %}
           imagePullPolicy: Always
+          env:
+            - name: RESULTSDB_WSGI_SCRIPT_PATH
+              value: "/usr/share/resultsdb/resultsdb.wsgi"
+            - name: RESULTSDB_THREADS
+              value: "5"
+            - name: RESULTSDB_CONF_PATH
+              value: "/etc/httpd/conf.d/resultsdb.conf"
+            - name: RESULTSDB_LOG_LEVEL
+              value: "info"
+            - name: RESULTSDB_MESSAGING
+              value: "Y"
           ports:
             - containerPort: 5001
           volumeMounts:
@@ -113,4 +124,4 @@ spec:
             secretName: resultsdb-fedora-messaging-key
 {% endif %}
   triggers:
-    - type: ConfigChange}
+    - type: ConfigChange

roles/openshift-apps/resultsdb/templates/frontend/configmaps.yml

@@ -0,0 +1,51 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "resultsdb-frontend-app-config"
+  labels:
+    app: resultsdb
+    service: web
+data:
+  settings.py: |-
+    import os    
+{% if env == 'staging' %}
+    RDB_URL = '{{ stg_resultsdb_frontend_api_url }}'
+{% else %}
+    RDB_URL = '{{ prod_resultsdb_frontend_api_url }}'
+{% endif %}
+    SECRET_KEY = os.environ['RESULTSDB_FRONTEND_SECRET_KEY']
+
+    FILE_LOGGING = False
+    LOGFILE = '/var/log/resultsdb_frontend/resultsdb_frontend.log'
+    SYSLOG_LOGGING = False
+    STREAM_LOGGING = True
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "resultsdb-frontend-httpd-config"
+  labels:
+    app: resultsdb
+    service: web
+data:
+  resultsdb_frontend.conf: |-
+    WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=5
+    WSGIScriptAlias /web /usr/share/resultsdb_frontend/resultsdb_frontend.wsgi
+    WSGISocketPrefix /tmp/wsgi
+    
+    <Directory /usr/share/resultsdb_frontend>
+        WSGIProcessGroup resultsdb_frontend 
+        WSGIApplicationGroup %{GLOBAL}
+        WSGIScriptReloading On
+    
+        Order deny,allow
+        Allow from all
+        <IfModule mod_authz_core.c>
+            # Apache 2.4
+            Require all granted
+        </IfModule>
+        <IfModule !mod_auth_core.c>
+          Order allow,deny
+          Allow from all
+        </IfModule>
+    </Directory> 

roles/openshift-apps/resultsdb/templates/frontend/deploymentconfigs.yml

@@ -0,0 +1,74 @@
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  name: "resultsdb-frontend"
+  labels:
+    app: resultsdb
+    service: web
+spec:
+  replicas: 2
+  selector:
+    app: resultsdb
+    service: web
+  strategy:
+    type: Rolling
+  template:
+    metadata:
+      labels:
+        app: resultsdb
+        service: web
+    spec:
+      containers:
+        - name: webapp
+{% if env == 'staging' %}
+          image: "{{ stg_resultsdb_frontend_image }}"
+{% else %}
+          image: "{{ prod_resultsdb_frontend_image }}"
+{% endif %}
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 5002
+          env:
+            - name: RESULTSDB_WSGI_SCRIPT_PATH
+              value: "/usr/share/resultsdb_frontend/resultsdb_frontend.wsgi"
+            - name: RESULTSDB_THREADS
+              value: "5"
+            - name: RESULTSDB_CONF_PATH
+              value: "/etc/httpd/conf.d/resultsdb_frontend.conf"
+            - name: RESULTSDB_LOG_LEVEL
+              value: "info"
+          volumeMounts:
+            - name: config-volume
+              mountPath: /etc/resultsdb_frontend
+              readOnly: true
+            - name: httpd-config-volume
+              mountPath: /etc/httpd/conf.d
+              readOnly: true
+          readinessProbe:
+            timeoutSeconds: 1
+            initialDelaySeconds: 5
+            httpGet:
+              path: /
+              port: 5002
+          livenessProbe:
+            timeoutSeconds: 1
+            initialDelaySeconds: 30
+            httpGet:
+              path: /
+              port: 5002
+          # Limit to 384MB memory. This is probably *not* enough but it is
+          # necessary in the current environment to allow for 2 replicas and
+          # rolling updates, without hitting the (very aggressive) memory quota.
+          resources:
+            limits:
+              memory: 384Mi
+              cpu: 0.3
+      volumes:
+        - name: config-volume
+          secret:
+            secretName: "resultsdb-frontend-app-config"
+        - name: httpd-config-volume
+          configMap:
+            name: "resultsdb-frontend-httpd-config"
+  triggers:
+    - type: ConfigChange

roles/openshift-apps/resultsdb/templates/frontend/secrets.yml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  # name: resultsdb-frontend-key
+  name: resultsdb-frontend-app-config
+  labels:
+    app: resultsdb
+    service: web
+stringData:
+  settings.py: |-
+    import os    
+{% if env == 'staging' %}
+    RDB_URL = '{{ stg_resultsdb_frontend_api_url }}'
+{% else %}
+    RDB_URL = '{{ prod_resultsdb_frontend_api_url }}'
+{% endif %}
+{% if env == 'staging' %}
+    SECRET_KEY = '{{ stg_resultsdb_frontend_secret_key }}'
+{% else %}
+    SECRET_KEY = '{{ prod_resultsdb_frontend_secret_key }}'
+{% endif %}
+    FILE_LOGGING = False
+    LOGFILE = '/var/log/resultsdb_frontend/resultsdb_frontend.log'
+    SYSLOG_LOGGING = False
+    STREAM_LOGGING = True

roles/openshift-apps/resultsdb/templates/frontend/services.yml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata: 
+  name: "resultsdb-frontend"
+  labels:
+    app: resultsdb
+    service: web
+spec:
+  selector:
+    app: resultsdb
+    service: web
+  ports:
+    - name: web
+      port: 5002
+      targetPort: 5002

roles/openshift-apps/resultsdb/templates/routes.yml

@@ -1,16 +0,0 @@
-apiVersion: v1
-  kind: Route
-  metadata:
-    name: "resultsdb-test-api"
-    labels:
-      app: resultsdb
-  spec:
-    path: /api
-    port:
-      targetPort: api
-    to:
-      kind: Service
-      name: "resultsdb-api"
-    tls:
-      termination: edge
-      insecureEdgeTerminationPolicy: Redirect

roles/openshift-apps/resultsdb/vars/main.yml

@@ -1,6 +1,16 @@
+# backend vars
+prod_resultsdb_image: quay.io/fedora-kube-sig/resultsdb-backend:latest-f35
+stg_resultsdb_image: quay.io/fedora-kube-sig/resultsdb-backend:latest-f35
+
 resultsdb_publish: true
 resultsdb_mod_wsgi_dir: '${MOD_WSGI_MODULES_DIRECTORY}'
 
 # For CRASHED see: https://pagure.io/task-abicheck/issue/19
 # For QUEUED and RUNNING see: https://pagure.io/fedora-infrastructure/issue/8989
 resultsdb_additional_result_outcomes: ['CRASHED', 'QUEUED', 'RUNNING']
+
+# frontend vars
+stg_resultsdb_frontend_image: 'quay.io/fedora-kube-sig/resultsdb-frontend:latest-f35'
+prod_resultsdb_frontend_image: 'quay.io/fedora-kube-sig/resultsdb-frontend:latest-f35'
+prod_resultsdb_frontend_api_url: 'http://resultsdb-api.resultsdb.svc.cluster.local:5001/api/v2.0'
+stg_resultsdb_frontend_api_url: 'http://resultsdb-api.resultsdb.svc.cluster.local:5001/api/v2.0'