From 4b1a070ac96903a767e0fdd1cb051214d7bbfe1c Mon Sep 17 00:00:00 2001 From: Ryan Lerch Date: Mon, 18 Mar 2024 13:02:47 +1000 Subject: [PATCH] kerneltest: add fedoramessaging configuration Signed-off-by: Ryan Lerch --- playbooks/openshift-apps/kerneltest.yml | 16 ++++++++ .../kerneltest/files/deploymentconfig.yml | 33 ++++++++++++++--- .../kerneltest/templates/configmap.yml | 9 +++++ .../templates/fedora-messaging.toml | 37 +++++++++++++++++++ 4 files changed, 89 insertions(+), 6 deletions(-) create mode 100644 roles/openshift-apps/kerneltest/templates/fedora-messaging.toml diff --git a/playbooks/openshift-apps/kerneltest.yml b/playbooks/openshift-apps/kerneltest.yml index 816b66bed0..43946b9f82 100644 --- a/playbooks/openshift-apps/kerneltest.yml +++ b/playbooks/openshift-apps/kerneltest.yml @@ -43,6 +43,22 @@ tags: - apply-appowners + - role: openshift/secret-file + app: kerneltest + secret_name: fedora-messaging-ca + key: cacert.pem + privatefile: "rabbitmq/{{env}}/pki/ca.crt" + - role: openshift/secret-file + app: kerneltest + secret_name: fedora-messaging-crt + key: kerneltest-cert.pem + privatefile: "rabbitmq/{{env}}/pki/issued/kerneltest{{env_suffix}}.crt" + - role: openshift/secret-file + app: kerneltest + secret_name: fedora-messaging-key + key: kerneltest-key.pem + privatefile: "rabbitmq/{{env}}/pki/private/kerneltest{{env_suffix}}.key" + - role: openshift/object app: kerneltest file: imagestream.yml diff --git a/roles/openshift-apps/kerneltest/files/deploymentconfig.yml b/roles/openshift-apps/kerneltest/files/deploymentconfig.yml index c88a6a440c..8b64252308 100644 --- a/roles/openshift-apps/kerneltest/files/deploymentconfig.yml +++ b/roles/openshift-apps/kerneltest/files/deploymentconfig.yml @@ -66,9 +66,21 @@ spec: - name: wsgi-script-volume mountPath: "/opt/app-root/src/deploy" readOnly: true - # - name: kerneltest-secrets-volume - # mountPath: /etc/kerneltest-secrets - # readOnly: true + - name: fedora-messaging-config-volume + mountPath: "/etc/fedora-messaging" + readOnly: true + - name: fedora-messaging-ca-volume + mountPath: /etc/pki/fedora-messaging/cacert.pem + subPath: cacert.pem + readOnly: true + - name: fedora-messaging-crt-volume + mountPath: /etc/pki/fedora-messaging/kerneltest-cert.pem + subPath: kerneltest-cert.pem + readOnly: true + - name: fedora-messaging-key-volume + mountPath: /etc/pki/fedora-messaging/kerneltest-key.pem + subPath: kerneltest-key.pem + readOnly: true - name: ipa-config-volume mountPath: /etc/ipa readOnly: true @@ -96,9 +108,18 @@ spec: - name: wsgi-script-volume configMap: name: wsgi-script - # - name: kerneltest-secrets-volume - # secret: - # secretName: kerneltest-secrets + - name: fedora-messaging-config-volume + configMap: + name: fedora-messaging-config + - name: fedora-messaging-ca-volume + secret: + secretName: fedora-messaging-ca + - name: fedora-messaging-crt-volume + secret: + secretName: fedora-messaging-crt + - name: fedora-messaging-key-volume + secret: + secretName: fedora-messaging-key - name: testlogs persistentVolumeClaim: claimName: testlogs diff --git a/roles/openshift-apps/kerneltest/templates/configmap.yml b/roles/openshift-apps/kerneltest/templates/configmap.yml index 02293149ed..179c9a4dc3 100644 --- a/roles/openshift-apps/kerneltest/templates/configmap.yml +++ b/roles/openshift-apps/kerneltest/templates/configmap.yml @@ -36,4 +36,13 @@ items: wsgi.py: |- {{ load_file('wsgi.py') | indent(6) }} __init__.py: "" +- apiVersion: v1 + kind: ConfigMap + metadata: + name: fedora-messaging-config + labels: + app: {{ app }} + data: + config.toml: |- + {{ load_file('fedora-messaging.toml') | indent(6) }} diff --git a/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml b/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml new file mode 100644 index 0000000000..bcecd25438 --- /dev/null +++ b/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml @@ -0,0 +1,37 @@ +amqp_url = "amqps://kerneltest:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" + +# Just check if the queue exist, don't try to create it (the server does not allow it). +passive_declares = true + +# The topic_prefix configuration value will add a prefix to the topics of every sent message. +# This is used for migrating from fedmsg, and should not be used afterwards. +{% if env == "staging" %} +topic_prefix = "org.fedoraproject.stg" +{% else %} +topic_prefix = "org.fedoraproject.prod" +{% endif %} + +[tls] +ca_cert = "/etc/pki/fedora-messaging/cacert.pem" +keyfile = "/etc/pki/fedora-messaging/kerneltest-key.pem" +certfile = "/etc/pki/fedora-messaging/kerneltest-cert.pem" + +[client_properties] +app = "kerneltest" + +[log_config] +version = 1 +disable_existing_loggers = true +[log_config.formatters.simple] +format = "[%(levelname)s %(name)s] %(message)s" +[log_config.handlers.console] +class = "logging.StreamHandler" +formatter = "simple" +stream = "ext://sys.stdout" +[log_config.loggers.fedora_messaging] +level = "INFO" +propagate = false +handlers = ["console"] +[log_config.root] +level = "WARNING" +handlers = ["console"]