diff --git a/playbooks/openshift-apps/greenwave.yml b/playbooks/openshift-apps/greenwave.yml index b66c9ad3d5..63c78236f1 100644 --- a/playbooks/openshift-apps/greenwave.yml +++ b/playbooks/openshift-apps/greenwave.yml @@ -36,31 +36,16 @@ secret_name: greenwave-fedora-messaging-key key: greenwave.key privatefile: "rabbitmq/{{env}}/pki/private/greenwave{{env_suffix}}.key" - when: env == "staging" - role: openshift/secret-file app: greenwave secret_name: greenwave-fedora-messaging-crt key: greenwave.crt privatefile: "rabbitmq/{{env}}/pki/issued/greenwave{{env_suffix}}.crt" - when: env == "staging" - role: openshift/secret-file app: greenwave secret_name: greenwave-fedora-messaging-ca key: greenwave.ca privatefile: "rabbitmq/{{env}}/pki/ca.crt" - when: env == "staging" - - role: openshift/secret-file - app: greenwave - secret_name: greenwave-fedmsg-key - key: fedmsg-greenwave.key - privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.key - when: env != "staging" - - role: openshift/secret-file - app: greenwave - secret_name: greenwave-fedmsg-crt - key: fedmsg-greenwave.crt - privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.crt - when: env != "staging" - role: openshift/object app: greenwave template: imagestream.yml diff --git a/roles/openshift-apps/greenwave/templates/buildconfig.yml b/roles/openshift-apps/greenwave/templates/buildconfig.yml index 7d50985a65..80ec770af3 100644 --- a/roles/openshift-apps/greenwave/templates/buildconfig.yml +++ b/roles/openshift-apps/greenwave/templates/buildconfig.yml @@ -8,36 +8,11 @@ spec: runPolicy: Serial source: dockerfile: |- -{% if env == 'staging' %} # See imagestream.yml for the definition FROM greenwave-upstream:latest USER 0 RUN dnf -y install fedora-messaging && dnf clean all USER 1001 -{% else %} - # See imagestream.yml for the definition - FROM greenwave-upstream:latest - - # fedmsg needs a username. - ENV USER=greenwave - - # Become root during build to chmod - USER 0 - - # create a symlink for configuring the fedmsg consumers. - RUN ln -sfn /etc/fedmsg-greenwave.d/greenwave.py /etc/fedmsg.d/zz_greenwave.py - - # And another two for putting the certs in place. - RUN mkdir -p /etc/pki/fedmsg/ - RUN ln -sf /etc/pki/fedmsg/key/fedmsg-greenwave.key /etc/pki/fedmsg/greenwave.key - RUN ln -sf /etc/pki/fedmsg/crt/fedmsg-greenwave.crt /etc/pki/fedmsg/greenwave.crt - - # Make sure fedmsg can write its CRL. - RUN chmod 777 /var/run/fedmsg/ - - # Become non-root again - USER 1001 -{% endif %} strategy: type: Docker dockerStrategy: diff --git a/roles/openshift-apps/greenwave/templates/configmap.yml b/roles/openshift-apps/greenwave/templates/configmap.yml index a062973894..48f919669b 100644 --- a/roles/openshift-apps/greenwave/templates/configmap.yml +++ b/roles/openshift-apps/greenwave/templates/configmap.yml @@ -11,17 +11,6 @@ data: {{ load_file('settings.py') | indent }} fedora.yaml: |- {{ load_file('fedora.yaml') | indent }} - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: greenwave-fedmsg-configmap -data: - greenwave.py: |- - {{ load_file('greenwave.py') | indent }} - -{% if env == 'staging' %} --- apiVersion: v1 kind: ConfigMap @@ -32,4 +21,3 @@ metadata: data: config.toml: |- {{ load_file('config.toml') | indent }} -{% endif %} diff --git a/roles/openshift-apps/greenwave/templates/deploymentconfig.yml b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml index d8ffb11311..1a8d9c0aae 100644 --- a/roles/openshift-apps/greenwave/templates/deploymentconfig.yml +++ b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml @@ -55,7 +55,6 @@ spec: kind: ImageStreamTag name: greenwave:latest - type: ConfigChange -{% if env == 'staging' %} --- # For fedmsg consumers apiVersion: v1 @@ -129,76 +128,6 @@ spec: kind: ImageStreamTag name: greenwave:latest - type: ConfigChange -{% else %} ---- -# For fedmsg consumers -apiVersion: v1 -kind: DeploymentConfig -metadata: - name: greenwave-fedmsg-consumers - labels: - app: greenwave - service: fedmsg-consumers -spec: - replicas: 1 - selector: - service: fedmsg-consumers - template: - metadata: - labels: - app: greenwave - service: fedmsg-consumers - spec: - containers: - - name: fedmsg-consumers - image: registry/greenwave:latest - ports: - - containerPort: 8081 - command: - - '/usr/bin/fedmsg-hub-3' - volumeMounts: - - name: config-volume - mountPath: /etc/greenwave - readOnly: true - - name: fedmsg-config-volume - mountPath: /etc/fedmsg-greenwave.d - readOnly: true - - name: fedmsg-key-volume - mountPath: /etc/pki/fedmsg/key - readOnly: true - - name: fedmsg-crt-volume - mountPath: /etc/pki/fedmsg/crt - readOnly: true - resources: - limits: - memory: 384Mi - volumes: - # Give the fedmsg-consumer container access to the general config - - name: config-volume - configMap: - name: greenwave-configmap - # But *also* access to the fedmsg-specific config - - name: fedmsg-config-volume - configMap: - name: greenwave-fedmsg-configmap - # And... this secret volume gets set up in the playbook - - name: fedmsg-key-volume - secret: - secretName: greenwave-fedmsg-key - - name: fedmsg-crt-volume - secret: - secretName: greenwave-fedmsg-crt - triggers: - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - fedmsg-consumers - from: - kind: ImageStreamTag - name: greenwave:latest - - type: ConfigChange -{% endif %} --- # For memcached apiVersion: v1 diff --git a/roles/openshift-apps/greenwave/templates/settings.py b/roles/openshift-apps/greenwave/templates/settings.py index 4741ef4c68..05510ba19b 100644 --- a/roles/openshift-apps/greenwave/templates/settings.py +++ b/roles/openshift-apps/greenwave/templates/settings.py @@ -26,6 +26,7 @@ WAIVERDB_API_URL = 'https://waiverdb-web-waiverdb.app.os.fedoraproject.org/api/v RESULTSDB_API_URL = 'https://taskotron.fedoraproject.org/resultsdb_api/api/v2.0' GREENWAVE_API_URL = 'https://greenwave.fedoraproject.org/api/v1.0' CORS_URL = 'https://bodhi.fedoraproject.org' +MESSAGING = "fedora-messaging" {% endif %} CACHE = {