Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

kerneltest: add fedoramessaging configuration

Browse source 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This commit is contained in:
Ryan Lercho 2024-03-18 13:02:47 +10:00
parent fa729a6210
commit 4b1a070ac9
4 changed files with 89 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

16
playbooks/openshift-apps/kerneltest.yml
View file

@ -43,6 +43,22 @@
tags:
- apply-appowners
- role: openshift/secret-file
app: kerneltest
secret_name: fedora-messaging-ca
key: cacert.pem
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
- role: openshift/secret-file
app: kerneltest
secret_name: fedora-messaging-crt
key: kerneltest-cert.pem
privatefile: "rabbitmq/{{env}}/pki/issued/kerneltest{{env_suffix}}.crt"
- role: openshift/secret-file
app: kerneltest
secret_name: fedora-messaging-key
key: kerneltest-key.pem
privatefile: "rabbitmq/{{env}}/pki/private/kerneltest{{env_suffix}}.key"
- role: openshift/object
app: kerneltest
file: imagestream.yml

33
roles/openshift-apps/kerneltest/files/deploymentconfig.yml
View file

@ -66,9 +66,21 @@ spec:
- name: wsgi-script-volume
mountPath: "/opt/app-root/src/deploy"
readOnly: true
# - name: kerneltest-secrets-volume
# mountPath: /etc/kerneltest-secrets
# readOnly: true
- name: fedora-messaging-config-volume
mountPath: "/etc/fedora-messaging"
readOnly: true
- name: fedora-messaging-ca-volume
mountPath: /etc/pki/fedora-messaging/cacert.pem
subPath: cacert.pem
readOnly: true
- name: fedora-messaging-crt-volume
mountPath: /etc/pki/fedora-messaging/kerneltest-cert.pem
subPath: kerneltest-cert.pem
readOnly: true
- name: fedora-messaging-key-volume
mountPath: /etc/pki/fedora-messaging/kerneltest-key.pem
subPath: kerneltest-key.pem
readOnly: true
- name: ipa-config-volume
mountPath: /etc/ipa
readOnly: true
@ -96,9 +108,18 @@ spec:
- name: wsgi-script-volume
configMap:
name: wsgi-script
# - name: kerneltest-secrets-volume
# secret:
# secretName: kerneltest-secrets
- name: fedora-messaging-config-volume
configMap:
name: fedora-messaging-config
- name: fedora-messaging-ca-volume
secret:
secretName: fedora-messaging-ca
- name: fedora-messaging-crt-volume
secret:
secretName: fedora-messaging-crt
- name: fedora-messaging-key-volume
secret:
secretName: fedora-messaging-key
- name: testlogs
persistentVolumeClaim:
claimName: testlogs

9
roles/openshift-apps/kerneltest/templates/configmap.yml
View file

@ -36,4 +36,13 @@ items:
wsgi.py: |-
{{ load_file('wsgi.py') | indent(6) }}
__init__.py: ""
- apiVersion: v1
kind: ConfigMap
metadata:
name: fedora-messaging-config
labels:
app: {{ app }}
data:
config.toml: |-
{{ load_file('fedora-messaging.toml') | indent(6) }}

37
roles/openshift-apps/kerneltest/templates/fedora-messaging.toml Normal file
View file

@ -0,0 +1,37 @@
amqp_url = "amqps://kerneltest:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
# Just check if the queue exist, don't try to create it (the server does not allow it).
passive_declares = true
# The topic_prefix configuration value will add a prefix to the topics of every sent message.
# This is used for migrating from fedmsg, and should not be used afterwards.
{% if env == "staging" %}
topic_prefix = "org.fedoraproject.stg"
{% else %}
topic_prefix = "org.fedoraproject.prod"
{% endif %}
[tls]
ca_cert = "/etc/pki/fedora-messaging/cacert.pem"
keyfile = "/etc/pki/fedora-messaging/kerneltest-key.pem"
certfile = "/etc/pki/fedora-messaging/kerneltest-cert.pem"
[client_properties]
app = "kerneltest"
[log_config]
version = 1
disable_existing_loggers = true
[log_config.formatters.simple]
format = "[%(levelname)s %(name)s] %(message)s"
[log_config.handlers.console]
class = "logging.StreamHandler"
formatter = "simple"
stream = "ext://sys.stdout"
[log_config.loggers.fedora_messaging]
level = "INFO"
propagate = false
handlers = ["console"]
[log_config.root]
level = "WARNING"
handlers = ["console"]