Add the Easyfix rewrite for testing in staging

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

playbooks/openshift-apps/easyfix.yml

@@ -0,0 +1,76 @@
+#
+# Fedora Project easyfixes
+#
+
+- name: make the app be real
+  # hosts: os_control_stg:os_control
+  hosts: os_control_stg
+  user: root
+  gather_facts: False
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - /srv/private/ansible/vars.yml
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  vars:
+
+  roles:
+    - role: openshift/project
+      app: easyfix
+      description: "Easyfixes"
+      appowners:
+        - abompard
+      tags:
+        - apply-appowners
+
+    - role: openshift/object
+      app: easyfix
+      file: imagestream.yml
+      objectname: imagestream.yml
+
+    - role: openshift/object
+      app: easyfix
+      template: buildconfig.yml
+      objectname: buildconfig.yml
+
+    - role: openshift/object
+      app: easyfix
+      file: storage.yml
+      objectname: storage.yml
+
+    - role: openshift/object
+      app: easyfix
+      template: configmap.yml
+      objectname: configmap.yml
+
+    - role: openshift/object
+      app: easyfix
+      file: service.yml
+      objectname: service.yml
+
+    # Routes
+    - role: openshift/route
+      app: easyfix
+      routename: web
+      host: "easyfix.apps.ocp{{ env_suffix }}.fedoraproject.org"
+      servicename: web
+      serviceport: web
+      annotations:
+        haproxy.router.openshift.io/timeout: 5m
+
+    - role: openshift/object
+      app: easyfix
+      template: secret-webhook.yml
+      objectname: secret-webhook.yml
+
+    - role: openshift/object
+      app: easyfix
+      template: deploymentconfig.yml
+      objectname: deploymentconfig.yml
+
+    # Cron jobs
+    - role: openshift/object
+      app: easyfix
+      template: cron.yml
+      objectname: cron.yml

roles/openshift-apps/easyfix/files/imagestream.yml

@@ -0,0 +1,25 @@
+apiVersion: image.openshift.io/v1
+kind: List
+items:
+  # The main easyfix image
+  - apiVersion: image.openshift.io/v1
+    kind: ImageStream
+    metadata:
+      name: easyfix
+  # The Python 3.11 builder image
+  - apiVersion: image.openshift.io/v1
+    kind: ImageStream
+    metadata:
+      name: python-311
+    spec:
+      lookupPolicy:
+        local: false
+      tags:
+        - name: latest
+          from:
+            kind: DockerImage
+            name: quay.io/fedora/python-311:latest
+          importPolicy:
+            scheduled: true
+          referencePolicy:
+            type: Source

roles/openshift-apps/easyfix/files/service.yml

@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: web
+  labels:
+    app: easyfix
+spec:
+  ports:
+    - name: web
+      port: 8080
+      targetPort: 8080
+  selector:
+    app: easyfix
+    deploymentconfig: web

roles/openshift-apps/easyfix/templates/buildconfig.yml

@@ -0,0 +1,39 @@
+{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
+---
+apiVersion: build.openshift.io/v1
+kind: BuildConfig
+metadata:
+  name: easyfix
+  labels:
+    app: easyfix
+    build: easyfix
+spec:
+  runPolicy: Serial
+  source:
+    type: Git
+    git:
+      uri: https://github.com/fedora-infra/fedora-gather-easyfix.git
+      ref: {{ (env == 'production')|ternary('stable', 'develop') }}
+    contextDir: /
+  strategy:
+    type: Source
+    sourceStrategy:
+      from:
+        kind: ImageStreamTag
+        # name: python:3.11
+        # namespace: openshift
+        # OpenShift does not have Python 3.11 (yet), use our own ImageStream
+        name: python-311:latest
+  output:
+    to:
+      kind: ImageStreamTag
+      name: easyfix:latest
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
+  - type: GitHub
+    github:
+      # Not sure why secretReference does not work, but it doesn't.
+      # secretReference:
+      #   name: easyfix-github-webook
+      secret: "{{ (env == 'production')|ternary(easyfix_prod_github_secret, easyfix_stg_github_secret) }}"

roles/openshift-apps/easyfix/templates/config.toml

@@ -0,0 +1,7 @@
+output = "/srv"
+template = "fedora_gather_easyfix/template.html"
+repo_source = "wiki"
+wiki_url = "https://fedoraproject.org/w/"
+
+[cache]
+backend = "dogpile.cache.null"

roles/openshift-apps/easyfix/templates/configmap.yml

@@ -0,0 +1,15 @@
+{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
+---
+apiVersion: v1
+kind: List
+metadata: {}
+items:
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: config
+    labels:
+      app: easyfix
+  data:
+    config.toml: |-
+      {{ load_file('config.toml') | indent(6) }}

roles/openshift-apps/easyfix/templates/cron.yml

@@ -0,0 +1,36 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: build
+spec:
+  successfulJobsHistoryLimit: 3
+  failedJobsHistoryLimit: 3
+  concurrencyPolicy: Forbid
+  schedule: "51 * * * *"
+  startingDeadlineSeconds: 500
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          labels:
+            parent: "cleanup"
+        spec:
+          restartPolicy: Never
+          containers:
+          - name: easyfix
+            image: image-registry.openshift-image-registry.svc:5000/easyfix/easyfix:latest
+            command: ["/opt/app-root/bin/fedora-gather-easyfix", "-c", "/etc/easyfix/config.toml"]
+            volumeMounts:
+              - name: config
+                mountPath: "/etc/easyfix"
+                readOnly: true
+              - name: data
+                mountPath: "/srv"
+          volumes:
+            - name: config
+              configMap:
+                name: config
+            - name: data
+              persistentVolumeClaim:
+                  claimName: data

roles/openshift-apps/easyfix/templates/deploymentconfig.yml

@@ -0,0 +1,69 @@
+---
+apiVersion: apps.openshift.io/v1
+kind: DeploymentConfig
+metadata:
+  name: web
+  labels:
+    app: easyfix
+spec:
+  replicas: 1
+  selector:
+    app: easyfix
+    deploymentconfig: web
+  strategy:
+    type: Rolling
+    activeDeadlineSeconds: 21600
+    rollingParams:
+      intervalSeconds: 1
+      maxSurge: 25%
+      maxUnavailable: 25%
+      timeoutSeconds: 600
+      updatePeriodSeconds: 1
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: easyfix
+        deploymentconfig: web
+    spec:
+      containers:
+        - name: easyfix
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8080
+          volumeMounts:
+            - name: httpdir-volume
+              mountPath: /httpdir
+            - name: data
+              mountPath: /srv
+          env:
+            - name: APP_SCRIPT
+              value: ".s2i/run-httpd.sh"
+          readinessProbe:
+            timeoutSeconds: 1
+            initialDelaySeconds: 5
+            httpGet:
+              path: /
+              port: 8080
+          livenessProbe:
+            timeoutSeconds: 1
+            initialDelaySeconds: 20
+            httpGet:
+              path: /
+              port: 8080
+      volumes:
+        - name: httpdir-volume
+          emptyDir: {}
+        - name: data-volume
+          persistentVolumeClaim:
+            claimName: data
+  triggers:
+    - type: ConfigChange
+    - type: ImageChange
+      imageChangeParams:
+        automatic: true
+        containerNames:
+          - easyfix
+        from:
+          kind: ImageStreamTag
+          name: easyfix:latest

roles/openshift-apps/easyfix/templates/storage.yml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: data
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi
+  storageClassName: ""