resultsdb: drop old vm's and adjust other apps to new openshift url

Drop resultsdb vars and playbooks. resultsdb is now in openshift and on a different url. Adjust bodhi, pagure dist git for the new url. Drop taskotron roles. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-21 14:01:28 -07:00 · 2022-06-21 14:01:28 -07:00 · 68141d381b
commit 68141d381b
parent 1a7a0b372a
23 changed files with 4 additions and 800 deletions
--- a/roles/bodhi2/base/templates/production.ini.j2
+++ b/roles/bodhi2/base/templates/production.ini.j2
@ -100,8 +100,8 @@ wiki_url = https://{{env_prefix}}fedoraproject.org/w/api.php
 test_case_base_url = https://{{env_prefix}}fedoraproject.org/wiki/

 # URL of the resultsdb for integrating checks and stuff
-# resultsdb_api_url = https://taskotron.fedoraproject.org/resultsdb_api/
-resultsdb_url = https://taskotron{{env_suffix}}.fedoraproject.org/resultsdb/
+resultsdb_api_url = https://resultdb{{env_suffix}}.fedoraproject.org/
+resultsdb_url = https://resultsdb{{env_suffix}}.fedoraproject.org/results/

 # Set this to True to enable gating based on policies enforced by Greenwave. If you set this to
 # True, be sure to have celery-beat enabled in one of the Celery workers.
--- a/roles/ci_resultsdb/files/restart-on-fail.conf
+++ b/roles/ci_resultsdb/files/restart-on-fail.conf
@ -1,2 +0,0 @@
-[Service]
-Restart=on-failure
--- a/roles/ci_resultsdb/tasks/main.yml
+++ b/roles/ci_resultsdb/tasks/main.yml
@ -1,50 +0,0 @@
---
- name: install ci_resultsdb's
-  package: name={{ item }} state=present
-  with_items:
-    - python-ci-resultsdb-listener
-    - fedora-messaging
-  tags:
-  - packages
-
- name: make systemd drop-in override dir
-  file: name=/etc/systemd/system/httpd.service.d
-        state=directory
-        recurse=yes
-        owner=root group=root
-  tags:
-  - config
-
- name: override httpd service to restart on failure
-  copy: dest=/etc/systemd/system/httpd.service.d/restart-on-fail.conf
-        src=restart-on-fail.conf
-  notify:
-    - reload systemd
-    - reload httpd
-  tags:
-  - config
-        
- name: Create /etc/ci-resultsdb-listener/
-  file: name=/etc/ci-resultsdb-listener/
-        state=directory
-        recurse=yes
-        owner=root group=root
-  tags:
-  - config
-
- name: generate ci-resultsdb config files
-  template: src={{ item.file }}
-            dest={{ item.location }}/{{ item.file }}
-            owner=root group=root mode=0644
-  with_items:
-  - { file: listener.cfg, location: /etc/ci-resultsdb-listener/}
-  - { file: config.toml, location: /etc/fedora-messaging/}
-  notify:
-    - reload httpd
-  tags:
-  - config
-
- name: Start and enable the fedora-messaging service
-  service: name={{ item }} enabled=yes state=started
-  with_items:
-  - fm-consumer@config.service
--- a/roles/ci_resultsdb/templates/config.toml
+++ b/roles/ci_resultsdb/templates/config.toml
@ -1,96 +0,0 @@
-# A sample configuration for fedora-messaging. This file is in the TOML format.
-# For complete details on all configuration options, see the documentation
-# https://fedora-messaging.readthedocs.io/en/latest/configuration.html.
-
-amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
-
-
-{% if env == "staging" %}
-topic_prefix = "org.fedoraproject.stg"
-{% else %}
-topic_prefix = "org.fedoraproject.prod"
-{% endif %}
-
-publish_exchange = "amq.topic"
-passive_declares = true
-
-callback = "resultsdb_listener.consumer:Consumer"
-
-
-[queues."resultsdb{{ env_suffix }}_ci_listener"]
-durable = true
-auto_delete = false
-exclusive = true
-arguments = {}
-
-# Note the double brackets below.
-# To add another binding, add another [[bindings]] section.
-[[bindings]]
-queue = "resultsdb{{ env_suffix }}_ci_listener"
-exchange = "amq.topic"
-routing_keys = [
-    'org.centos.prod.ci.pipeline.allpackages-build.complete',
-    'org.centos.prod.ci.pipeline.allpackages-build.image.complete',
-    'org.centos.prod.ci.pipeline.allpackages-build.package.test.functional.complete',
-    'org.centos.prod.ci.pipeline.allpackages-build.package.complete',
-    'org.centos.prod.ci.pipeline.allpackages-build.package.ignored',
-    'org.centos.prod.ci.koji-build.test.queued',
-    'org.centos.prod.ci.koji-build.test.running',
-    'org.centos.prod.ci.koji-build.test.complete',
-    'org.centos.prod.ci.koji-build.test.error',
-    {% if  env == "staging" -%}
-    'org.centos.stage.ci.pipeline.allpackages-build.complete',
-    'org.centos.stage.ci.pipeline.allpackages-build.image.complete',
-    'org.centos.stage.ci.pipeline.allpackages-build.package.test.functional.complete',
-    'org.centos.stage.ci.pipeline.allpackages-build.package.complete',
-    'org.centos.stage.ci.pipeline.allpackages-build.package.ignored',
-    'org.centos.stage.ci.koji-build.test.queued',
-    'org.centos.stage.ci.koji-build.test.running',
-    'org.centos.stage.ci.koji-build.test.complete',
-    'org.centos.stage.ci.koji-build.test.error',
-    {%- endif %}
-]
-
-[tls]
-ca_cert = "/etc/pki/rabbitmq/resultsdb.ca"
-keyfile = "/etc/pki/rabbitmq/resultsdb.key"
-certfile = "/etc/pki/rabbitmq/resultsdb.crt"
-
-[client_properties]
-app = "resultsdb_listener"
-# Some suggested extra fields:
-# URL of the project that provides this consumer
-app_url = "https://pagure.io/ci-resultsdb-listener/"
-# Contact emails for the maintainer(s) of the consumer - in case the
-# broker admin needs to contact them, for e.g.
-app_contacts_email = ["pingou@fedoraproject.org"]
-
-[qos]
-prefetch_size = 0
-prefetch_count = 25
-
-[log_config]
-version = 1
-disable_existing_loggers = true
-
-[log_config.formatters.simple]
-format = "[%(name)s %(levelname)s] %(message)s"
-
-[log_config.handlers.console]
-class = "logging.StreamHandler"
-formatter = "simple"
-stream = "ext://sys.stdout"
-
-[log_config.loggers.fedora_messaging]
-level = "INFO"
-propagate = false
-handlers = ["console"]
-
-[log_config.loggers.resultsdb_listener]
-level = "DEBUG"
-propagate = false
-handlers = ["console"]
-
-[log_config.root]
-level = "WARNING"
-handlers = ["console"]
--- a/roles/ci_resultsdb/templates/listener.cfg
+++ b/roles/ci_resultsdb/templates/listener.cfg
@ -1,6 +0,0 @@
-[general]
-datagrepper_url = https://apps.fedoraproject.org/datagrepper/raw
-
-[sender]
-sender_type = ResultsdbSender
-resultsdb_url = http://127.0.0.1/resultsdb_api/api/v2.0/
--- a/roles/distgit/pagure/templates/pagure.cfg
+++ b/roles/distgit/pagure/templates/pagure.cfg
@ -243,11 +243,11 @@ REQUIRED_GROUPS = {
 }

 {% if env == 'staging' %}
-RESULTSDB_URL = 'https://taskotron.stg.fedoraproject.org/resultsdb_api/'
+RESULTSDB_URL = 'https://resultsdb.stg.fedoraproject.org/'
 FAS_URL = 'https://accounts.stg.fedoraproject.org'
 FAS_OPENID_ENDPOINT = 'https://id.stg.fedoraproject.org/openid/'
 {% else %}
-RESULTSDB_URL = 'https://taskotron.fedoraproject.org/resultsdb_api/'
+RESULTSDB_URL = 'https://resultsdb.fedoraproject.org/'
 FAS_URL = 'https://accounts.fedoraproject.org'
 {% endif %}

--- a/roles/taskotron/resultsdb-backend/defaults/main.yml
+++ b/roles/taskotron/resultsdb-backend/defaults/main.yml
@ -1,2 +0,0 @@
---
-extra_enablerepos: ''
--- a/roles/taskotron/resultsdb-backend/tasks/main.yml
+++ b/roles/taskotron/resultsdb-backend/tasks/main.yml
@ -1,112 +0,0 @@
---
- name: start httpd (provided in the apache role)
-  service: name=httpd state=started
-
- name: ensure packages required for resultsdb are installed (yum - required for testdays)
-  package: 
-    state: present
-    name:
-    - resultsdb
-    - mod_wsgi
-    - python-psycopg2
-    - libsemanage-python
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
-
- name: ensure packages required for resultsdb are installed (dnf)
-  dnf: name={{ item }} state=present
-  with_items:
-    - resultsdb
-    - python3-mod_wsgi
-    - python3-psycopg2
-    - python3-libsemanage
-    - logrotate
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
-
- name: ensure packages required for resultsdb are installed (dnf)
-  dnf: name={{ item }} state=present
-  with_items:
-    - resultsdb
-    - python3-mod_wsgi
-    - python3-psycopg2
-    - python2-libsemanage
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
-
- name: ensure database is created
-  delegate_to: "{{ resultsdb_db_host_machine }}"
-  become_user: postgres
-  become: true
-  postgresql_db: db={{ resultsdb_db_name }}
-
- name: ensure resultsdb db user has access to database
-  delegate_to: "{{ resultsdb_db_host_machine }}"
-  become_user: postgres
-  become: true
-  postgresql_user: db={{ resultsdb_db_name }} user={{ resultsdb_db_user }} password={{ resultsdb_db_password }} role_attr_flags=NOSUPERUSER
-
- name: ensure selinux lets httpd talk to postgres
-  seboolean: name=httpd_can_network_connect_db persistent=yes state=yes
-
- name: ensure selinux lets fedora-messaging emit messages
-  seboolean: name=httpd_execmem persistent=yes state=yes
-
- name: generate resultsdb config
-  template: src=settings.py.j2 dest=/etc/resultsdb/settings.py owner=root group=root mode=0644
-  notify:
-    - reload httpd
-
- name: generate resultsdb apache config
-  template: src=resultsdb.conf.j2 dest=/etc/httpd/conf.d/resultsdb.conf owner=root group=root mode=0644
-  notify:
-    - reload httpd
-
- name: create directory for fedora-messaging
-  file:
-    path: "{{ item }}"
-    owner: root
-    group: root
-    mode: 0755
-    state: directory
-  with_items:
-    - "/etc/pki/rabbitmq/"
-    - "/etc/fedora-messaging"
-  tags:
-    - fedora-messaging
-
- name: copy fedora-messaging certificates
-  copy:
-    src: "{{ item.src }}"
-    dest: "/etc/pki/rabbitmq/{{ item.dest }}"
-    owner: "{{ item.owner }}"
-    group: "{{ item.group }}"
-    mode: "{{ item.mode }}"
-  with_items:
-    - src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/resultsdb{{ env_suffix }}.crt"
-      dest: resultsdb.crt
-      owner: root
-      group: apache
-      mode: "444"
-    - src: "{{private}}/files/rabbitmq/{{env}}/pki/private/resultsdb{{ env_suffix }}.key"
-      dest: resultsdb.key
-      owner: root
-      group: apache
-      mode: "440"
-    - src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
-      dest: resultsdb.ca
-      owner: root
-      group: apache
-      mode: "444"
-  tags:
-    - fedora-messaging
-
- name: generate fedora-messaging config
-  template: src=config.toml.j2 dest=/etc/fedora-messaging/config.toml owner=root group=root mode=0644
-  notify:
-    - reload httpd
-  tags:
-    - fedora-messaging
-
-# this command will clear the exising database and it's now being run every time, regardless of whether
-# /etc/resultsdb-is-init exists or not. We've already lost a lot of data, so commenting this command out
-# while we figure out how to handle the problem
-#- name: initialize resultsdb database
-#  shell: PROD='true' resultsdb init_db && touch /etc/resultsdb/db-is-init creates=/etc/resultsdb-is-init
--- a/roles/taskotron/resultsdb-backend/templates/config.toml.j2
+++ b/roles/taskotron/resultsdb-backend/templates/config.toml.j2
@ -1,19 +0,0 @@
-# Configuration for fedora-messaging. This file is in the TOML format.
-# For complete details on all configuration options, see the documentation.
-
-{% if ansible_hostname == "resultsdb01.iad2.fedoraproject.org" %}
-amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org/%2Fpubsub"
-{% else %}
-amqp_url = "amqps://resultsdb{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
-{% endif %}
-
-{% if env == "staging" %}
-    topic_prefix = "org.fedoraproject.stg"
-{% else %}
-    topic_prefix = "org.fedoraproject.prod"
-{% endif %}
-
-[tls]
-ca_cert = "/etc/pki/rabbitmq/resultsdb.ca"
-keyfile = "/etc/pki/rabbitmq/resultsdb.key"
-certfile = "/etc/pki/rabbitmq/resultsdb.crt"
--- a/roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2
+++ b/roles/taskotron/resultsdb-backend/templates/resultsdb.conf.j2
@ -1,38 +0,0 @@
-{% if deployment_type in ['stg', 'prod'] %}
-WSGIDaemonProcess resultsdb user=apache group=apache threads=20 processes=4
-{% else %}
-WSGIDaemonProcess resultsdb user=apache group=apache threads=5
-{% endif %}
-WSGIScriptAlias /{{ resultsdb_endpoint }} /usr/share/resultsdb/resultsdb.wsgi
-WSGISocketPrefix run/wsgi
-
-# this isn't the best way to force SSL but it works for now
-#RewriteEngine On
-#RewriteCond %{HTTPS} !=on
-#RewriteRule ^/resultsdb/admin/?(.*) https://%{SERVER_NAME}/$1 [R,L]
-
-<Directory /usr/share/resultsdb>
-    WSGIProcessGroup resultsdb
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIScriptReloading On
-    <IfModule mod_authz_core.c>
-        # Apache 2.4
-        <RequireAny>
-            Require method GET
-            Require ip 127.0.0.1 ::1{% for host in allowed_hosts %} {{ host }}{% endfor %}
-
-        </RequireAny>
-    </IfModule>
-    <IfModule !mod_auth_core.c>
-        Order allow,deny
-        Allow from all
-    </IfModule>
-
-</Directory>
-
-#Alias /resultsdb/static /var/www/resultsdb/resultsdb/static
-
-#<Directory /var/www/resultsdb/resultsdb/static>
-#Order allow,deny
-#Allow from all
-#</Directory>
--- a/roles/taskotron/resultsdb-backend/templates/settings.py.j2
+++ b/roles/taskotron/resultsdb-backend/templates/settings.py.j2
@ -1,26 +0,0 @@
-SECRET_KEY = '{{ resultsdb_secret_key }}'
-SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://{{ resultsdb_db_user }}:{{ resultsdb_db_password }}@{{ resultsdb_db_host }}:{{ resultsdb_db_port }}/{{ resultsdb_db_name }}'
-FILE_LOGGING = False
-LOGFILE = '/var/log/resultsdb/resultsdb.log'
-SYSLOG_LOGGING = False
-STREAM_LOGGING = True
-
-{% if deployment_type in ['local', 'dev']%}
-MESSAGE_BUS_PUBLISH = False
-MESSAGE_BUS_PUBLISH_TASKOTRON = False
-{% else %}
-MESSAGE_BUS_PUBLISH = True
-MESSAGE_BUS_PUBLISH_TASKOTRON = True
-{% endif %}
-
-MESSAGE_BUS_PLUGIN = 'fedmsg'
-MESSAGE_BUS_KWARGS = {'modname': 'resultsdb'}
-{% if deployment_type in ['local'] %}
-# This is for the Testdays deployment
-MESSAGE_BUS_PLUGIN = 'dummy'
-{% endif %}
-
-
-# Extend the list of allowed outcomes
-# See: https://pagure.io/task-abicheck/issue/19
-ADDITIONAL_RESULT_OUTCOMES = ('CRASHED', )
--- a/roles/taskotron/resultsdb-fedmsg/tasks/main.yml
+++ b/roles/taskotron/resultsdb-fedmsg/tasks/main.yml
@ -1,2 +0,0 @@
- name: ensure selinux lets httpd talk to the fedmsg-relay
-  seboolean: name=httpd_can_network_connect persistent=yes state=yes
--- a/roles/taskotron/resultsdb-frontend/defaults/main.yml
+++ b/roles/taskotron/resultsdb-frontend/defaults/main.yml
@ -1,2 +0,0 @@
---
-extra_enablerepos: ''
--- a/roles/taskotron/resultsdb-frontend/tasks/main.yml
+++ b/roles/taskotron/resultsdb-frontend/tasks/main.yml
@ -1,38 +0,0 @@
---
- name: start httpd (provided in the apache role)
-  service: name=httpd state=started
-
- name: ensure packages required for resultsdb_frontend are installed (yum - required for testdays)
-  package: 
-    state: present
-    name:
-    - resultsdb_frontend
-    - mod_wsgi
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
-
- name: ensure packages required for resultsdb_frontend are installed (dnf)
-  dnf: name={{ item }} state=present
-  with_items:
-    - resultsdb_frontend
-    - python3-mod_wsgi
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
-
- name: ensure packages required for resultsdb_frontend are installed (dnf)
-  dnf: name={{ item }} state=present
-  with_items:
-    - resultsdb_frontend
-    - python3-mod_wsgi
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
-
- name: ensure selinux lets httpd talk to the network
-  seboolean: name=httpd_can_network_connect persistent=yes state=yes
-
- name: generate resultsdb_frontend config
-  template: src=settings.py.j2 dest=/etc/resultsdb_frontend/settings.py owner=root group=root mode=0644
-  notify:
-    - reload httpd
-
- name: generate resultsdb_frontend apache config
-  template: src=resultsdb_frontend.conf.j2 dest=/etc/httpd/conf.d/resultsdb_frontend.conf owner=root group=root mode=0644
-  notify:
-    - reload httpd
--- a/roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2
+++ b/roles/taskotron/resultsdb-frontend/templates/resultsdb_frontend.conf.j2
@ -1,35 +0,0 @@
-{% if deployment_type in ['stg', 'prod'] %}
-WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=20 processes=4
-{% else %}
-WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=5
-{% endif %}
-WSGIScriptAlias /{{ resultsdb_fe_endpoint }} /usr/share/resultsdb_frontend/resultsdb_frontend.wsgi
-WSGISocketPrefix run/wsgi
-
-# this isn't the best way to force SSL but it works for now
-#RewriteEngine On
-#RewriteCond %{HTTPS} !=on
-#RewriteRule ^/resultsdb_frontend/admin/?(.*) https://%{SERVER_NAME}/$1 [R,L]
-
-<Directory /usr/share/resultsdb_frontend>
-    WSGIProcessGroup resultsdb_frontend
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIScriptReloading On
-    <IfModule mod_authz_core.c>
-        # Apache 2.4
-        Require all granted
-    </IfModule>
-    <IfModule !mod_auth_core.c>
-        Order allow,deny
-        Allow from all
-    </IfModule>
-
-</Directory>
-
-#Alias /resultsdb_frontend/static /var/www/resultsdb_frontend/resultsdb_frontend/static
-
-#<Directory /var/www/resultsdb_frontend/resultsdb_frontend/static>
-#Order allow,deny
-#Allow from all
-#</Directory>
-
--- a/roles/taskotron/resultsdb-frontend/templates/settings.py.j2
+++ b/roles/taskotron/resultsdb-frontend/templates/settings.py.j2
@ -1,9 +0,0 @@
-# while you can use this as a template, we recommend that you use the blockerbugs
-# cli to generate a config file
-RDB_URL = 'http://127.0.0.1/{{ resultsdb_endpoint }}/api/v2.0'
-SECRET_KEY = '{{ resultsdb_frontend_secret_key }}'
-
-FILE_LOGGING = False
-LOGFILE = '/var/log/resultsdb_frontend/resultsdb_frontend.log'
-SYSLOG_LOGGING = False
-STREAM_LOGGING = True