badges: try to get the badges-web deployment working

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2024-04-04 12:32:26 +10:00 · 2024-04-04 12:32:26 +10:00 · 6acd8c0414
commit 6acd8c0414
parent 3cedae6138
3 changed files with 154 additions and 9 deletions
--- a/roles/openshift-apps/badges/files/deploymentconfig.yml
+++ b/roles/openshift-apps/badges/files/deploymentconfig.yml
@ -29,6 +29,9 @@ spec:
    spec:
      containers:
        - name: frontend
+            image: tahrir:latest
+            command: ["gunicorn"]
+            args: ["--paste", "/etc/badges/tahrir.ini", "-b", "0.0.0.0:8080", "-w", "4", "--log-level", "DEBUG", "-k", "gthread", "--threads", "2", "--preload", "--log-file=-"]
          imagePullPolicy: Always
          ports:
            - containerPort: 8080
@ -56,15 +59,15 @@ spec:
              readOnly: true

          env:
-            - name: APP_MODULE
-              value: "deploy.wsgi"
-            - name: APP_CONFIG
-              value: "/etc/noggin/gunicorn.conf.py"
-            - name: OIDC_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: badges
-                  key: oidc-client-secret
+            # - name: APP_MODULE
+            #   value: "deploy.wsgi"
+            # - name: APP_CONFIG
+            #   value: "/etc/noggin/gunicorn.conf.py"
+            # - name: OIDC_CLIENT_SECRET
+            #   valueFrom:
+            #     secretKeyRef:
+            #       name: badges
+            #       key: oidc-client-secret
            - name: KRB5_CONFIG
              value: /etc/ipa/krb5.conf
            - name: KRB5_CLIENT_KTNAME
--- a/roles/openshift-apps/badges/templates/configmap.yml
+++ b/roles/openshift-apps/badges/templates/configmap.yml
@ -17,3 +17,5 @@ items:
      {{ load_file('fm-fedbadges.toml') | indent(6) }}
    checkout-rules-repo.sh: |-
      {{ load_file('checkout-rules-repo.sh') | indent(6) }}
+    tahrir.ini: |-
+      {{ load_file('tahrir.ini') | indent(6) }}
--- a/roles/openshift-apps/badges/templates/tahrir.ini
+++ b/roles/openshift-apps/badges/templates/tahrir.ini
@ -0,0 +1,140 @@
+[pipeline:main]
+pipeline =
+    pyramid
+
+[app:pyramid]
+
+use = egg:tahrir
+
+#pyramid.reload_templates = true
+pyramid.default_locale_name = en
+pyramid.includes =
+    pyramid_tm
+
+{% if env == 'staging' %}
+sqlalchemy.url = postgresql://{{tahrirDBUser}}:{{tahrirstgDBPassword}}@db01.stg.iad2.fedoraproject.org/tahrir
+{% else %}
+sqlalchemy.url = postgresql://{{tahrirDBUser}}:{{tahrirDBPassword}}@db-tahrir/tahrir
+{% endif %}
+
+mako.directories=tahrir:templates
+
+tahrir.admin = nb@fedoraproject.org, siddharthvipul1@fedoraproject.org, sayanchowdhury@fedoraproject.org, kevin@fedoraproject.org, jflory7@fedoraproject.org, codeblock@fedoraproject.org, churchyard@fedoraproject.org, misc@fedoraproject.org, computerkid@fedoraproject.org, dustymabe@fedoraproject.org, gui1ty@fedoraproject.org, riecatnor@fedoraproject.org, smeragoel@fedoraproject.org, sumantrom@fedoraproject.org, ekidney@fedoraproject.org, t0xic0der@fedoraproject.org
+
+tahrir.pngs.uri = /usr/share/badges/pngs
+
+# disabled, trying to see if this fix this bug
+# https://pagure.io/fedora-infrastructure/issue/8689
+dogpile.cache.backend = dogpile.cache.null
+dogpile.cache.expiration_time = 100
+dogpile.cache.arguments.url = memcached01:11211
+dogpile.cache.arguments.distributed_lock = True
+dogpile.cache.arguments.lock_timeout = 5
+
+{% if env == 'staging' %}
+tahrir.title = Fedora Badges (staging!)
+tahrir.base_url = https://badges.apps.ocp.stg.fedoraproject.org/
+tahrir.openid_identifier = http://id.stg.fedoraproject.org/
+tahrir.trusted_openid = ^http(s)?:\/\/([a-zA-Z0-9-]+\.)?id\.stg\.fedoraproject\.org\/?$
+tahrir.openid_realm = https://badges.stg.fedoraproject.org
+tahrir.websocket.topic = org.fedoraproject.stg.fedbadges.badge.award
+#fedmenu.url = https://apps.stg.fedoraproject.org/fedmenu
+#fedmenu.data_url = https://apps.stg.fedoraproject.org/js/data.js
+{% else %}
+tahrir.title = Fedora Badges
+tahrir.base_url = https://badges.fedoraproject.org
+tahrir.openid_identifier = http://id.fedoraproject.org/
+tahrir.trusted_openid = ^http(s)?:\/\/([a-zA-Z0-9-]+\.)?id\.fedoraproject\.org(/)?$
+tahrir.openid_realm = https://badges.fedoraproject.org
+tahrir.websocket.topic = org.fedoraproject.prod.fedbadges.badge.award
+#fedmenu.url = https://apps.fedoraproject.org/fedmenu
+#fedmenu.data_url = https://apps.fedoraproject.org/js/data.js
+{% endif %}
+tahrir.secure_cookies = True
+tahrir.httponly_cookies = True
+tahrir.allow_changenick = False
+
+# Only allow @fedoraproject.org emails
+tahrir.use_openid_email = False
+
+# For auto-updating the frontpage.
+tahrir.use_websockets = False
+
+# For emitting messages when users claim badge invitations.
+tahrir.use_fedmsg = False
+
+tahrir.default_issuer = fedora-project
+tahrir.sitedocs_dir = /usr/share/badges/sitedocs/
+
+tahrir.display_tags = content,development,community,quality,event,miscellaneous
+
+tahrir.social.twitter = True
+tahrir.social.twitter_user_text = Check out all these #fedorabadges :trophy:
+tahrir.social.twitter_user_hash = #fedora
+tahrir.social.gplus = True
+
+
+{% if env == 'staging' %}
+session.secret="{{tahrirstgSessionSecret}}"
+authnsecret="{{tahrirstgAuthnSecret}}"
+{% else %}
+session.secret="{{tahrirSessionSecret}}"
+authnsecret="{{tahrirAuthnSecret}}"
+{% endif %}
+
+moksha.domain = fedoraproject.org
+
+moksha.notifications = False
+moksha.socket.notify = False
+
+moksha.livesocket = True
+moksha.livesocket.backend = websocket
+moksha.livesocket.reconnect_interval = 5000
+moksha.livesocket.websocket.scheme = wss
+moksha.livesocket.websocket.port = 9939
+{% if env == 'staging' %}
+moksha.livesocket.websocket.host = stg.fedoraproject.org
+{% else %}
+moksha.livesocket.websocket.host = hub.fedoraproject.org
+{% endif %}
+
+
+
+# Begin logging configuration
+
+[loggers]
+keys = root, tahrir, sqlalchemy
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = INFO
+handlers = console
+
+[logger_tahrir]
+level = DEBUG
+handlers =
+qualname = tahrir
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+# "level = INFO" logs SQL queries.
+# "level = DEBUG" logs SQL queries and results.
+# "level = WARN" logs neither.  (Recommended for production systems.)
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s
+
+# End logging configuration