From 68141d381b0eb190b2b262d3e043ef47b1bf823c Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Tue, 21 Jun 2022 14:01:28 -0700 Subject: [PATCH] resultsdb: drop old vm's and adjust other apps to new openshift url Drop resultsdb vars and playbooks. resultsdb is now in openshift and on a different url. Adjust bodhi, pagure dist git for the new url. Drop taskotron roles. Signed-off-by: Kevin Fenzi --- inventory/group_vars/resultsdb_dev | 54 --------- inventory/group_vars/resultsdb_prod | 73 ----------- inventory/group_vars/resultsdb_stg | 68 ----------- .../resultsdb01.iad2.fedoraproject.org | 21 ---- .../resultsdb01.stg.iad2.fedoraproject.org | 20 ---- inventory/inventory | 10 -- playbooks/groups/resultsdb.yml | 113 ------------------ roles/bodhi2/base/templates/production.ini.j2 | 4 +- roles/ci_resultsdb/files/restart-on-fail.conf | 2 - roles/ci_resultsdb/tasks/main.yml | 50 -------- roles/ci_resultsdb/templates/config.toml | 96 --------------- roles/ci_resultsdb/templates/listener.cfg | 6 - roles/distgit/pagure/templates/pagure.cfg | 4 +- .../resultsdb-backend/defaults/main.yml | 2 - .../resultsdb-backend/tasks/main.yml | 112 ----------------- .../templates/config.toml.j2 | 19 --- .../templates/resultsdb.conf.j2 | 38 ------ .../templates/settings.py.j2 | 26 ---- .../taskotron/resultsdb-fedmsg/tasks/main.yml | 2 - .../resultsdb-frontend/defaults/main.yml | 2 - .../resultsdb-frontend/tasks/main.yml | 38 ------ .../templates/resultsdb_frontend.conf.j2 | 35 ------ .../templates/settings.py.j2 | 9 -- 23 files changed, 4 insertions(+), 800 deletions(-) delete mode 100644 inventory/group_vars/resultsdb_dev delete mode 100644 inventory/group_vars/resultsdb_prod delete mode 100644 inventory/group_vars/resultsdb_stg delete mode 100644 inventory/host_vars/resultsdb01.iad2.fedoraproject.org delete mode 100644 inventory/host_vars/resultsdb01.stg.iad2.fedoraproject.org delete mode 100644 playbooks/groups/resultsdb.yml delete mode 100644 roles/ci_resultsdb/files/restart-on-fail.conf delete mode 100644 roles/ci_resultsdb/tasks/main.yml delete mode 100644 roles/ci_resultsdb/templates/config.toml delete mode 100644 roles/ci_resultsdb/templates/listener.cfg delete mode 100644 roles/taskotron/resultsdb-backend/defaults/main.yml delete mode 100644 roles/taskotron/resultsdb-backend/tasks/main.yml delete mode 100644 roles/taskotron/resultsdb-backend/templates/config.toml.j2 delete mode 100644 roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2 delete mode 100644 roles/taskotron/resultsdb-backend/templates/settings.py.j2 delete mode 100644 roles/taskotron/resultsdb-fedmsg/tasks/main.yml delete mode 100644 roles/taskotron/resultsdb-frontend/defaults/main.yml delete mode 100644 roles/taskotron/resultsdb-frontend/tasks/main.yml delete mode 100644 roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2 delete mode 100644 roles/taskotron/resultsdb-frontend/templates/settings.py.j2 diff --git a/inventory/group_vars/resultsdb_dev b/inventory/group_vars/resultsdb_dev deleted file mode 100644 index 51a102981b..0000000000 --- a/inventory/group_vars/resultsdb_dev +++ /dev/null @@ -1,54 +0,0 @@ ---- -############################################################ -# general information -############################################################ -allowed_hosts: - - 10.5.124 -deployment_type: dev -execdb_db_host: "{{ execdb_db_host_machine }}" -############################################################ -# execdb details -############################################################ -execdb_db_host_machine: db-qa01.qa.fedoraproject.org -execdb_db_name: execdb_dev -execdb_db_password: "{{ dev_execdb_db_password }}" -execdb_db_port: 5432 -execdb_db_user: "{{ dev_execdb_db_user }}" -execdb_endpoint: 'execdb' -execdb_secret_key: "{{ dev_execdb_secret_key }}" -external_hostname: taskotron-dev.fedoraproject.org -freezes: false -resultsdb_db_host: "{{ resultsdb_db_host_machine }}" -############################################################ -# resultsdb details -############################################################ - -# the db_host_machine bits are so that delegation continues to work, even if -# that db is localhost relative to resultsdb -# -resultsdb_db_host_machine: db-qa01.qa.fedoraproject.org -resultsdb_db_name: resultsdb_dev -resultsdb_db_password: "{{ dev_resultsdb_db_password }}" -resultsdb_db_port: 5432 -resultsdb_db_user: "{{ dev_resultsdb_db_user }}" -resultsdb_endpoint: 'resultsdb_api' -############################################################ -# resultsdb-frontend details -############################################################ -resultsdb_fe_endpoint: "resultsdb" -resultsdb_frontend_secret_key: "{{ dev_resultsdb_frontend_secret_key }}" -resultsdb_secret_key: "{{ dev_resultsdb_secret_key }}" -tcp_ports: [80, 443, "{{ resultsdb_db_port }}", "{{ execdb_db_port }}"] -vault_db_host: "{{ vault_db_host_machine }}" -vault_db_host_machine: db-qa01.qa.fedoraproject.org -vault_db_name: vault_dev -vault_db_password: "{{ dev_vault_db_password }}" -vault_db_port: 5432 -vault_db_user: "{{ dev_vault_db_user }}" -vault_endpoint: 'vault' -vault_masterkey: "{{dev_vault_masterkey}}" -############################################################ -# vault details -############################################################ -vault_public_url: "https://taskotron-dev.fedoraproject.org/vault" -vault_secret_key: "{{ dev_vault_secret_key }}" diff --git a/inventory/group_vars/resultsdb_prod b/inventory/group_vars/resultsdb_prod deleted file mode 100644 index 9da659ac16..0000000000 --- a/inventory/group_vars/resultsdb_prod +++ /dev/null @@ -1,73 +0,0 @@ ---- -############################################################ -# general information -############################################################ -allowed_hosts: - - 10.3.160.0/19 -deployment_type: prod -execdb_db_host: "{{ execdb_db_host_machine }}" -############################################################ -# execdb details -############################################################ -execdb_db_host_machine: db01.iad2.fedoraproject.org -execdb_db_name: execdb -execdb_db_password: "{{ prod_execdb_db_password }}" -execdb_db_port: 5432 -execdb_db_user: "{{ prod_execdb_db_user }}" -execdb_endpoint: 'execdb' -execdb_secret_key: "{{ prod_execdb_secret_key }}" -external_hostname: taskotron.fedoraproject.org -############################################################ -# fedmsg details -############################################################ -fedmsg_active: True -fedmsg_cert_prefix: resultsdb -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - taskotron.result.new - - resultsdb.result.new - group: apache - owner: root - service: resultsdb -ipa_client_shell_groups: - - sysadmin-qa -ipa_client_sudo_groups: - - sysadmin-qa -ipa_host_group: resultsdb -ipa_host_group_desc: ResultsDB application servers -# common items for the releng-* boxes -lvm_size: 50000 -mem_size: 16384 -nrpe_procs_crit: 300 -nrpe_procs_warn: 250 -num_cpus: 4 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -primary_auth_source: ipa -resultsdb_db_host: "{{ resultsdb_db_host_machine }}" -############################################################ -# resultsdb details -############################################################ - -# the db_host_machine bits are so that delegation continues to work, even if -# that db is localhost relative to resultsdb -resultsdb_db_host_machine: db01.iad2.fedoraproject.org -resultsdb_db_name: resultsdb -resultsdb_db_password: "{{ prod_resultsdb_db_password }}" -resultsdb_db_port: 5432 -resultsdb_db_user: "{{ prod_resultsdb_db_user }}" -resultsdb_endpoint: 'resultsdb_api' -############################################################ -# resultsdb-frontend details -############################################################ -resultsdb_fe_endpoint: "resultsdb" -resultsdb_frontend_secret_key: "{{ prod_resultsdb_frontend_secret_key }}" -resultsdb_secret_key: "{{ prod_resultsdb_secret_key }}" -tcp_ports: [80, 443, "{{ resultsdb_db_port }}"] -vpn: true diff --git a/inventory/group_vars/resultsdb_stg b/inventory/group_vars/resultsdb_stg deleted file mode 100644 index e44d2b8c1f..0000000000 --- a/inventory/group_vars/resultsdb_stg +++ /dev/null @@ -1,68 +0,0 @@ ---- -############################################################ -# general information -############################################################ -allowed_hosts: - - 10.3.160.0/19 -deployment_type: stg -execdb_db_host: "{{ execdb_db_host_machine }}" -############################################################ -# execdb details -############################################################ -execdb_db_host_machine: db-qa01.qa.fedoraproject.org -execdb_db_name: execdb_stg -execdb_db_password: "{{ stg_execdb_db_password }}" -execdb_db_port: 5432 -execdb_db_user: "{{ stg_execdb_db_user }}" -execdb_endpoint: 'execdb' -execdb_secret_key: "{{ stg_execdb_secret_key }}" -external_hostname: taskotron.stg.fedoraproject.org -############################################################ -# fedmsg details -############################################################ -fedmsg_active: True -fedmsg_cert_prefix: resultsdb -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - taskotron.result.new - - resultsdb.result.new - group: apache - owner: root - service: resultsdb -# make sure we're using the stg fedsmg bus -fedmsg_env: stg -freezes: false -ipa_client_shell_groups: - - fi-apprentice - - sysadmin-noc - - sysadmin-qa - - sysadmin-veteran -ipa_client_sudo_groups: - - sysadmin-qa -ipa_host_group: resultsdb -ipa_host_group_desc: ResultsDB application servers -resultsdb_db_host: "{{ resultsdb_db_host_machine }}" -############################################################ -# resultsdb details -############################################################ - -# the db_host_machine bits are so that delegation continues to work, even if -# that db is localhost relative to resultsdb -resultsdb_db_host_machine: db01.stg.iad2.fedoraproject.org -resultsdb_db_name: resultsdb_stg -resultsdb_db_password: "{{ stg_resultsdb_db_password }}" -resultsdb_db_port: 5432 -resultsdb_db_user: "{{ stg_resultsdb_db_user }}" -resultsdb_endpoint: 'resultsdb_api' -############################################################ -# resultsdb-frontend details -############################################################ -resultsdb_fe_endpoint: "resultsdb" -resultsdb_frontend_secret_key: "{{ stg_resultsdb_frontend_secret_key }}" -resultsdb_secret_key: "{{ stg_resultsdb_secret_key }}" -tcp_ports: [80, 443, "{{ resultsdb_db_port }}"] diff --git a/inventory/host_vars/resultsdb01.iad2.fedoraproject.org b/inventory/host_vars/resultsdb01.iad2.fedoraproject.org deleted file mode 100644 index 8426a9ba01..0000000000 --- a/inventory/host_vars/resultsdb01.iad2.fedoraproject.org +++ /dev/null @@ -1,21 +0,0 @@ ---- -############################################################ -# networking -############################################################ -datacenter: iad2 -eth0_ipv4_gw: 10.3.163.254 -eth0_ipv4_ip: 10.3.163.89 -ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/ -############################################################ -# install -############################################################ -ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-31-iad2 -############################################################ -# virtual machine -############################################################ -lvm_size: 50000 -mem_size: 16384 -num_cpus: 4 -sudoers: "{{ private }}/files/sudo/qavirt-sudoers" -vmhost: vmhost-x86-05.iad2.fedoraproject.org -volgroup: /dev/vg_guests diff --git a/inventory/host_vars/resultsdb01.stg.iad2.fedoraproject.org b/inventory/host_vars/resultsdb01.stg.iad2.fedoraproject.org deleted file mode 100644 index c1c5f88a14..0000000000 --- a/inventory/host_vars/resultsdb01.stg.iad2.fedoraproject.org +++ /dev/null @@ -1,20 +0,0 @@ ---- -############################################################ -# networking -############################################################ -datacenter: iad2 -eth0_ipv4_gw: 10.3.166.254 -eth0_ipv4_ip: 10.3.166.36 -ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/ -############################################################ -# install -############################################################ -ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-31-iad2 -############################################################ -# virtual machine -############################################################ -lvm_size: 50000 -mem_size: 16384 -num_cpus: 4 -vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org -volgroup: /dev/vg_guests diff --git a/inventory/inventory b/inventory/inventory index 341a513db5..65282092d1 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -601,16 +601,6 @@ openqa01.iad2.fedoraproject.org [testcase_stats] openqa01.iad2.fedoraproject.org -[resultsdb:children] -resultsdb_stg -resultsdb_prod - -[resultsdb_stg] -resultsdb01.stg.iad2.fedoraproject.org - -[resultsdb_prod] -resultsdb01.iad2.fedoraproject.org - [smtp_mm] smtp-mm-ib01.fedoraproject.org smtp-mm-osuosl01.fedoraproject.org diff --git a/playbooks/groups/resultsdb.yml b/playbooks/groups/resultsdb.yml deleted file mode 100644 index 43f2b5a99d..0000000000 --- a/playbooks/groups/resultsdb.yml +++ /dev/null @@ -1,113 +0,0 @@ ---- -# create a new resultsdb production server -# NOTE: make sure there is room/space for this server on the vmhost -# NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars - -- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=resultsdb_dev:resultsdb_stg:resultsdb_prod" - -- name: make the box be real - hosts: resultsdb_stg:resultsdb_prod - user: root - gather_facts: True - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - pre_tasks: - - import_tasks: "{{ tasks_path }}/yumrepos.yml" - - roles: - - { role: base, tags: ['base'] } - - { role: rkhunter, tags: ['rkhunter'] } - - { role: nagios_client, tags: ['nagios_client'] } - - { role: hosts, tags: ['hosts']} - - { role: openvpn/client, - when: deployment_type == "prod" } - - ipa/client - - { role: collectd/base, tags: ['collectd_base'] } - - { role: sudo, tags: ['sudo'] } - - apache - - fedmsg/base - - { role: dnf-automatic, tags: ['dnfautomatic'] } - # Set up for fedora-messaging - - { role: rabbit/user, - username: "resultsdb{{ env_suffix }}"} - - role: rabbit/queue - username: "resultsdb{{ env_suffix }}" - queue_name: "resultsdb{{ env_suffix }}_ci_listener" - routing_keys: - - "org.centos.prod.ci.pipeline.allpackages-build.complete" - - "org.centos.prod.ci.pipeline.allpackages-build.image.complete" - - "org.centos.prod.ci.pipeline.allpackages-build.package.test.functional.complete" - - "org.centos.prod.ci.pipeline.allpackages-build.package.complete" - - "org.centos.prod.ci.pipeline.allpackages-build.package.ignored" - - "org.centos.prod.ci.koji-build.test.queued" - - "org.centos.prod.ci.koji-build.test.running" - - "org.centos.prod.ci.koji-build.test.complete" - - "org.centos.prod.ci.koji-build.test.error" - when: deployment_type == "prod" - thresholds: - warning: 10 - critical: 100 - tags: - - rabbit/queue - - - role: rabbit/queue - username: "resultsdb{{ env_suffix }}" - queue_name: "resultsdb{{ env_suffix }}_ci_listener" - routing_keys: - - "org.centos.*.ci.pipeline.allpackages-build.complete" - - "org.centos.*.ci.pipeline.allpackages-build.image.complete" - - "org.centos.*.ci.pipeline.allpackages-build.package.test.functional.complete" - - "org.centos.*.ci.pipeline.allpackages-build.package.complete" - - "org.centos.*.ci.pipeline.allpackages-build.package.ignored" - - "org.centos.*.ci.koji-build.test.queued" - - "org.centos.*.ci.koji-build.test.running" - - "org.centos.*.ci.koji-build.test.complete" - - "org.centos.*.ci.koji-build.test.error" - when: deployment_type == "stg" - tags: - - rabbit/queue - - tasks: - # this is how you include other task lists - - import_tasks: "{{ tasks_path }}/motd.yml" - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - -- name: configure resultsdb production - hosts: resultsdb_stg:resultsdb_prod - user: root - gather_facts: True - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - roles: - - { role: taskotron/resultsdb-fedmsg, tags: ['resultsdb-fedmsg'], when: deployment_type == "prod"} - - { role: taskotron/resultsdb-backend, tags: ['resultsdb-be'] } - - { role: taskotron/resultsdb-frontend, tags: ['resultsdb-fe'] } - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - -- name: Install ci-resultsdb-listener - hosts: resultsdb_stg:resultsdb_prod - user: root - gather_facts: True - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - roles: - - { role: ci_resultsdb, tags: ['ci_resultsdb'] } diff --git a/roles/bodhi2/base/templates/production.ini.j2 b/roles/bodhi2/base/templates/production.ini.j2 index d3495b374b..5d22275c6d 100644 --- a/roles/bodhi2/base/templates/production.ini.j2 +++ b/roles/bodhi2/base/templates/production.ini.j2 @@ -100,8 +100,8 @@ wiki_url = https://{{env_prefix}}fedoraproject.org/w/api.php test_case_base_url = https://{{env_prefix}}fedoraproject.org/wiki/ # URL of the resultsdb for integrating checks and stuff -# resultsdb_api_url = https://taskotron.fedoraproject.org/resultsdb_api/ -resultsdb_url = https://taskotron{{env_suffix}}.fedoraproject.org/resultsdb/ +resultsdb_api_url = https://resultdb{{env_suffix}}.fedoraproject.org/ +resultsdb_url = https://resultsdb{{env_suffix}}.fedoraproject.org/results/ # Set this to True to enable gating based on policies enforced by Greenwave. If you set this to # True, be sure to have celery-beat enabled in one of the Celery workers. diff --git a/roles/ci_resultsdb/files/restart-on-fail.conf b/roles/ci_resultsdb/files/restart-on-fail.conf deleted file mode 100644 index eedb19cd59..0000000000 --- a/roles/ci_resultsdb/files/restart-on-fail.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Restart=on-failure diff --git a/roles/ci_resultsdb/tasks/main.yml b/roles/ci_resultsdb/tasks/main.yml deleted file mode 100644 index 2dec3b262e..0000000000 --- a/roles/ci_resultsdb/tasks/main.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -- name: install ci_resultsdb's - package: name={{ item }} state=present - with_items: - - python-ci-resultsdb-listener - - fedora-messaging - tags: - - packages - -- name: make systemd drop-in override dir - file: name=/etc/systemd/system/httpd.service.d - state=directory - recurse=yes - owner=root group=root - tags: - - config - -- name: override httpd service to restart on failure - copy: dest=/etc/systemd/system/httpd.service.d/restart-on-fail.conf - src=restart-on-fail.conf - notify: - - reload systemd - - reload httpd - tags: - - config - -- name: Create /etc/ci-resultsdb-listener/ - file: name=/etc/ci-resultsdb-listener/ - state=directory - recurse=yes - owner=root group=root - tags: - - config - -- name: generate ci-resultsdb config files - template: src={{ item.file }} - dest={{ item.location }}/{{ item.file }} - owner=root group=root mode=0644 - with_items: - - { file: listener.cfg, location: /etc/ci-resultsdb-listener/} - - { file: config.toml, location: /etc/fedora-messaging/} - notify: - - reload httpd - tags: - - config - -- name: Start and enable the fedora-messaging service - service: name={{ item }} enabled=yes state=started - with_items: - - fm-consumer@config.service diff --git a/roles/ci_resultsdb/templates/config.toml b/roles/ci_resultsdb/templates/config.toml deleted file mode 100644 index cfb77c6f0f..0000000000 --- a/roles/ci_resultsdb/templates/config.toml +++ /dev/null @@ -1,96 +0,0 @@ -# A sample configuration for fedora-messaging. This file is in the TOML format. -# For complete details on all configuration options, see the documentation -# https://fedora-messaging.readthedocs.io/en/latest/configuration.html. - -amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" - - -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - -publish_exchange = "amq.topic" -passive_declares = true - -callback = "resultsdb_listener.consumer:Consumer" - - -[queues."resultsdb{{ env_suffix }}_ci_listener"] -durable = true -auto_delete = false -exclusive = true -arguments = {} - -# Note the double brackets below. -# To add another binding, add another [[bindings]] section. -[[bindings]] -queue = "resultsdb{{ env_suffix }}_ci_listener" -exchange = "amq.topic" -routing_keys = [ - 'org.centos.prod.ci.pipeline.allpackages-build.complete', - 'org.centos.prod.ci.pipeline.allpackages-build.image.complete', - 'org.centos.prod.ci.pipeline.allpackages-build.package.test.functional.complete', - 'org.centos.prod.ci.pipeline.allpackages-build.package.complete', - 'org.centos.prod.ci.pipeline.allpackages-build.package.ignored', - 'org.centos.prod.ci.koji-build.test.queued', - 'org.centos.prod.ci.koji-build.test.running', - 'org.centos.prod.ci.koji-build.test.complete', - 'org.centos.prod.ci.koji-build.test.error', - {% if env == "staging" -%} - 'org.centos.stage.ci.pipeline.allpackages-build.complete', - 'org.centos.stage.ci.pipeline.allpackages-build.image.complete', - 'org.centos.stage.ci.pipeline.allpackages-build.package.test.functional.complete', - 'org.centos.stage.ci.pipeline.allpackages-build.package.complete', - 'org.centos.stage.ci.pipeline.allpackages-build.package.ignored', - 'org.centos.stage.ci.koji-build.test.queued', - 'org.centos.stage.ci.koji-build.test.running', - 'org.centos.stage.ci.koji-build.test.complete', - 'org.centos.stage.ci.koji-build.test.error', - {%- endif %} -] - -[tls] -ca_cert = "/etc/pki/rabbitmq/resultsdb.ca" -keyfile = "/etc/pki/rabbitmq/resultsdb.key" -certfile = "/etc/pki/rabbitmq/resultsdb.crt" - -[client_properties] -app = "resultsdb_listener" -# Some suggested extra fields: -# URL of the project that provides this consumer -app_url = "https://pagure.io/ci-resultsdb-listener/" -# Contact emails for the maintainer(s) of the consumer - in case the -# broker admin needs to contact them, for e.g. -app_contacts_email = ["pingou@fedoraproject.org"] - -[qos] -prefetch_size = 0 -prefetch_count = 25 - -[log_config] -version = 1 -disable_existing_loggers = true - -[log_config.formatters.simple] -format = "[%(name)s %(levelname)s] %(message)s" - -[log_config.handlers.console] -class = "logging.StreamHandler" -formatter = "simple" -stream = "ext://sys.stdout" - -[log_config.loggers.fedora_messaging] -level = "INFO" -propagate = false -handlers = ["console"] - -[log_config.loggers.resultsdb_listener] -level = "DEBUG" -propagate = false -handlers = ["console"] - -[log_config.root] -level = "WARNING" -handlers = ["console"] diff --git a/roles/ci_resultsdb/templates/listener.cfg b/roles/ci_resultsdb/templates/listener.cfg deleted file mode 100644 index 0c96024a26..0000000000 --- a/roles/ci_resultsdb/templates/listener.cfg +++ /dev/null @@ -1,6 +0,0 @@ -[general] -datagrepper_url = https://apps.fedoraproject.org/datagrepper/raw - -[sender] -sender_type = ResultsdbSender -resultsdb_url = http://127.0.0.1/resultsdb_api/api/v2.0/ diff --git a/roles/distgit/pagure/templates/pagure.cfg b/roles/distgit/pagure/templates/pagure.cfg index 5049bb68d6..6889fe6071 100644 --- a/roles/distgit/pagure/templates/pagure.cfg +++ b/roles/distgit/pagure/templates/pagure.cfg @@ -243,11 +243,11 @@ REQUIRED_GROUPS = { } {% if env == 'staging' %} -RESULTSDB_URL = 'https://taskotron.stg.fedoraproject.org/resultsdb_api/' +RESULTSDB_URL = 'https://resultsdb.stg.fedoraproject.org/' FAS_URL = 'https://accounts.stg.fedoraproject.org' FAS_OPENID_ENDPOINT = 'https://id.stg.fedoraproject.org/openid/' {% else %} -RESULTSDB_URL = 'https://taskotron.fedoraproject.org/resultsdb_api/' +RESULTSDB_URL = 'https://resultsdb.fedoraproject.org/' FAS_URL = 'https://accounts.fedoraproject.org' {% endif %} diff --git a/roles/taskotron/resultsdb-backend/defaults/main.yml b/roles/taskotron/resultsdb-backend/defaults/main.yml deleted file mode 100644 index 25264b73d1..0000000000 --- a/roles/taskotron/resultsdb-backend/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -extra_enablerepos: '' diff --git a/roles/taskotron/resultsdb-backend/tasks/main.yml b/roles/taskotron/resultsdb-backend/tasks/main.yml deleted file mode 100644 index c1ca05965f..0000000000 --- a/roles/taskotron/resultsdb-backend/tasks/main.yml +++ /dev/null @@ -1,112 +0,0 @@ ---- -- name: start httpd (provided in the apache role) - service: name=httpd state=started - -- name: ensure packages required for resultsdb are installed (yum - required for testdays) - package: - state: present - name: - - resultsdb - - mod_wsgi - - python-psycopg2 - - libsemanage-python - when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat' - -- name: ensure packages required for resultsdb are installed (dnf) - dnf: name={{ item }} state=present - with_items: - - resultsdb - - python3-mod_wsgi - - python3-psycopg2 - - python3-libsemanage - - logrotate - when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined - -- name: ensure packages required for resultsdb are installed (dnf) - dnf: name={{ item }} state=present - with_items: - - resultsdb - - python3-mod_wsgi - - python3-psycopg2 - - python2-libsemanage - when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined - -- name: ensure database is created - delegate_to: "{{ resultsdb_db_host_machine }}" - become_user: postgres - become: true - postgresql_db: db={{ resultsdb_db_name }} - -- name: ensure resultsdb db user has access to database - delegate_to: "{{ resultsdb_db_host_machine }}" - become_user: postgres - become: true - postgresql_user: db={{ resultsdb_db_name }} user={{ resultsdb_db_user }} password={{ resultsdb_db_password }} role_attr_flags=NOSUPERUSER - -- name: ensure selinux lets httpd talk to postgres - seboolean: name=httpd_can_network_connect_db persistent=yes state=yes - -- name: ensure selinux lets fedora-messaging emit messages - seboolean: name=httpd_execmem persistent=yes state=yes - -- name: generate resultsdb config - template: src=settings.py.j2 dest=/etc/resultsdb/settings.py owner=root group=root mode=0644 - notify: - - reload httpd - -- name: generate resultsdb apache config - template: src=resultsdb.conf.j2 dest=/etc/httpd/conf.d/resultsdb.conf owner=root group=root mode=0644 - notify: - - reload httpd - -- name: create directory for fedora-messaging - file: - path: "{{ item }}" - owner: root - group: root - mode: 0755 - state: directory - with_items: - - "/etc/pki/rabbitmq/" - - "/etc/fedora-messaging" - tags: - - fedora-messaging - -- name: copy fedora-messaging certificates - copy: - src: "{{ item.src }}" - dest: "/etc/pki/rabbitmq/{{ item.dest }}" - owner: "{{ item.owner }}" - group: "{{ item.group }}" - mode: "{{ item.mode }}" - with_items: - - src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/resultsdb{{ env_suffix }}.crt" - dest: resultsdb.crt - owner: root - group: apache - mode: "444" - - src: "{{private}}/files/rabbitmq/{{env}}/pki/private/resultsdb{{ env_suffix }}.key" - dest: resultsdb.key - owner: root - group: apache - mode: "440" - - src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt" - dest: resultsdb.ca - owner: root - group: apache - mode: "444" - tags: - - fedora-messaging - -- name: generate fedora-messaging config - template: src=config.toml.j2 dest=/etc/fedora-messaging/config.toml owner=root group=root mode=0644 - notify: - - reload httpd - tags: - - fedora-messaging - -# this command will clear the exising database and it's now being run every time, regardless of whether -# /etc/resultsdb-is-init exists or not. We've already lost a lot of data, so commenting this command out -# while we figure out how to handle the problem -#- name: initialize resultsdb database -# shell: PROD='true' resultsdb init_db && touch /etc/resultsdb/db-is-init creates=/etc/resultsdb-is-init diff --git a/roles/taskotron/resultsdb-backend/templates/config.toml.j2 b/roles/taskotron/resultsdb-backend/templates/config.toml.j2 deleted file mode 100644 index c540c914ae..0000000000 --- a/roles/taskotron/resultsdb-backend/templates/config.toml.j2 +++ /dev/null @@ -1,19 +0,0 @@ -# Configuration for fedora-messaging. This file is in the TOML format. -# For complete details on all configuration options, see the documentation. - -{% if ansible_hostname == "resultsdb01.iad2.fedoraproject.org" %} -amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org/%2Fpubsub" -{% else %} -amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -{% endif %} - -{% if env == "staging" %} - topic_prefix = "org.fedoraproject.stg" -{% else %} - topic_prefix = "org.fedoraproject.prod" -{% endif %} - -[tls] -ca_cert = "/etc/pki/rabbitmq/resultsdb.ca" -keyfile = "/etc/pki/rabbitmq/resultsdb.key" -certfile = "/etc/pki/rabbitmq/resultsdb.crt" diff --git a/roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2 b/roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2 deleted file mode 100644 index dcec9402a2..0000000000 --- a/roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2 +++ /dev/null @@ -1,38 +0,0 @@ -{% if deployment_type in ['stg', 'prod'] %} -WSGIDaemonProcess resultsdb user=apache group=apache threads=20 processes=4 -{% else %} -WSGIDaemonProcess resultsdb user=apache group=apache threads=5 -{% endif %} -WSGIScriptAlias /{{ resultsdb_endpoint }} /usr/share/resultsdb/resultsdb.wsgi -WSGISocketPrefix run/wsgi - -# this isn't the best way to force SSL but it works for now -#RewriteEngine On -#RewriteCond %{HTTPS} !=on -#RewriteRule ^/resultsdb/admin/?(.*) https://%{SERVER_NAME}/$1 [R,L] - - - WSGIProcessGroup resultsdb - WSGIApplicationGroup %{GLOBAL} - WSGIScriptReloading On - - # Apache 2.4 - - Require method GET - Require ip 127.0.0.1 ::1{% for host in allowed_hosts %} {{ host }}{% endfor %} - - - - - Order allow,deny - Allow from all - - - - -#Alias /resultsdb/static /var/www/resultsdb/resultsdb/static - -# -#Order allow,deny -#Allow from all -# diff --git a/roles/taskotron/resultsdb-backend/templates/settings.py.j2 b/roles/taskotron/resultsdb-backend/templates/settings.py.j2 deleted file mode 100644 index 3cca1d1bcb..0000000000 --- a/roles/taskotron/resultsdb-backend/templates/settings.py.j2 +++ /dev/null @@ -1,26 +0,0 @@ -SECRET_KEY = '{{ resultsdb_secret_key }}' -SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://{{ resultsdb_db_user }}:{{ resultsdb_db_password }}@{{ resultsdb_db_host }}:{{ resultsdb_db_port }}/{{ resultsdb_db_name }}' -FILE_LOGGING = False -LOGFILE = '/var/log/resultsdb/resultsdb.log' -SYSLOG_LOGGING = False -STREAM_LOGGING = True - -{% if deployment_type in ['local', 'dev']%} -MESSAGE_BUS_PUBLISH = False -MESSAGE_BUS_PUBLISH_TASKOTRON = False -{% else %} -MESSAGE_BUS_PUBLISH = True -MESSAGE_BUS_PUBLISH_TASKOTRON = True -{% endif %} - -MESSAGE_BUS_PLUGIN = 'fedmsg' -MESSAGE_BUS_KWARGS = {'modname': 'resultsdb'} -{% if deployment_type in ['local'] %} -# This is for the Testdays deployment -MESSAGE_BUS_PLUGIN = 'dummy' -{% endif %} - - -# Extend the list of allowed outcomes -# See: https://pagure.io/task-abicheck/issue/19 -ADDITIONAL_RESULT_OUTCOMES = ('CRASHED', ) diff --git a/roles/taskotron/resultsdb-fedmsg/tasks/main.yml b/roles/taskotron/resultsdb-fedmsg/tasks/main.yml deleted file mode 100644 index 981d918a1f..0000000000 --- a/roles/taskotron/resultsdb-fedmsg/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- name: ensure selinux lets httpd talk to the fedmsg-relay - seboolean: name=httpd_can_network_connect persistent=yes state=yes diff --git a/roles/taskotron/resultsdb-frontend/defaults/main.yml b/roles/taskotron/resultsdb-frontend/defaults/main.yml deleted file mode 100644 index 25264b73d1..0000000000 --- a/roles/taskotron/resultsdb-frontend/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -extra_enablerepos: '' diff --git a/roles/taskotron/resultsdb-frontend/tasks/main.yml b/roles/taskotron/resultsdb-frontend/tasks/main.yml deleted file mode 100644 index 4a121fefaf..0000000000 --- a/roles/taskotron/resultsdb-frontend/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: start httpd (provided in the apache role) - service: name=httpd state=started - -- name: ensure packages required for resultsdb_frontend are installed (yum - required for testdays) - package: - state: present - name: - - resultsdb_frontend - - mod_wsgi - when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat' - -- name: ensure packages required for resultsdb_frontend are installed (dnf) - dnf: name={{ item }} state=present - with_items: - - resultsdb_frontend - - python3-mod_wsgi - when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined - -- name: ensure packages required for resultsdb_frontend are installed (dnf) - dnf: name={{ item }} state=present - with_items: - - resultsdb_frontend - - python3-mod_wsgi - when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined - -- name: ensure selinux lets httpd talk to the network - seboolean: name=httpd_can_network_connect persistent=yes state=yes - -- name: generate resultsdb_frontend config - template: src=settings.py.j2 dest=/etc/resultsdb_frontend/settings.py owner=root group=root mode=0644 - notify: - - reload httpd - -- name: generate resultsdb_frontend apache config - template: src=resultsdb_frontend.conf.j2 dest=/etc/httpd/conf.d/resultsdb_frontend.conf owner=root group=root mode=0644 - notify: - - reload httpd diff --git a/roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2 b/roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2 deleted file mode 100644 index a6b3596c3f..0000000000 --- a/roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2 +++ /dev/null @@ -1,35 +0,0 @@ -{% if deployment_type in ['stg', 'prod'] %} -WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=20 processes=4 -{% else %} -WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=5 -{% endif %} -WSGIScriptAlias /{{ resultsdb_fe_endpoint }} /usr/share/resultsdb_frontend/resultsdb_frontend.wsgi -WSGISocketPrefix run/wsgi - -# this isn't the best way to force SSL but it works for now -#RewriteEngine On -#RewriteCond %{HTTPS} !=on -#RewriteRule ^/resultsdb_frontend/admin/?(.*) https://%{SERVER_NAME}/$1 [R,L] - - - WSGIProcessGroup resultsdb_frontend - WSGIApplicationGroup %{GLOBAL} - WSGIScriptReloading On - - # Apache 2.4 - Require all granted - - - Order allow,deny - Allow from all - - - - -#Alias /resultsdb_frontend/static /var/www/resultsdb_frontend/resultsdb_frontend/static - -# -#Order allow,deny -#Allow from all -# - diff --git a/roles/taskotron/resultsdb-frontend/templates/settings.py.j2 b/roles/taskotron/resultsdb-frontend/templates/settings.py.j2 deleted file mode 100644 index 29b6df89cc..0000000000 --- a/roles/taskotron/resultsdb-frontend/templates/settings.py.j2 +++ /dev/null @@ -1,9 +0,0 @@ -# while you can use this as a template, we recommend that you use the blockerbugs -# cli to generate a config file -RDB_URL = 'http://127.0.0.1/{{ resultsdb_endpoint }}/api/v2.0' -SECRET_KEY = '{{ resultsdb_frontend_secret_key }}' - -FILE_LOGGING = False -LOGFILE = '/var/log/resultsdb_frontend/resultsdb_frontend.log' -SYSLOG_LOGGING = False -STREAM_LOGGING = True