diff --git a/playbooks/openshift-apps/elections.yml b/playbooks/openshift-apps/elections.yml new file mode 100644 index 0000000000..76b3878231 --- /dev/null +++ b/playbooks/openshift-apps/elections.yml @@ -0,0 +1,52 @@ +- name: make the app be real + hosts: os-masters-stg[0] + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: openshift/project + app: elections + description: Fedora Elections apps + appowners: + - cverna + - pingou + - role: openshift/object + app: elections + template: imagestream.yml + objectname: imagestream.yml + - role: openshift/object + app: elections + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + app: elections + template: configmap.yml + objectname: configmap.yml + + - role: openshift/start-build + app: elections + buildname: elections-build + objectname: elections-build + + - role: openshift/object + app: elections + file: service.yml + objectname: service.yml + + - role: openshift/route + app: elections + routename: elections + host: "elections{{ env_suffix }}.fedoraproject.org" + serviceport: 8080-tcp + servicename: elections + + - role: openshift/object + app: elections + file: deploymentconfig.yml + objectname: deploymentconfig.yml diff --git a/roles/openshift-apps/elections/files/deploymentconfig.yml b/roles/openshift-apps/elections/files/deploymentconfig.yml new file mode 100644 index 0000000000..bcda9373db --- /dev/null +++ b/roles/openshift-apps/elections/files/deploymentconfig.yml @@ -0,0 +1,69 @@ +--- +apiVersion: v1 +kind: DeploymentConfig +metadata: + labels: + app: elections + service: elections + name: elections +spec: + replicas: 1 + selector: + app: elections + deploymentconfig: elections + strategy: + type: Recreate + recreateParams: +# mid: +# failurePolicy: Abort +# execNewPod: +# containerName: elections +# command: ["alembic", "upgrade", "head", "-c", "/opt/app-root/config/alembic.ini"] +# env: +# - name: PYTHONPATH +# value: /opt/app-root/src +# volumes: +# - config-volume + template: + metadata: + labels: + app: elections + deploymentconfig: elections + spec: + containers: + - name: elections + image: elections:latest + ports: + - containerPort: 8080 + resources: {} + volumeMounts: + - name: config-volume + mountPath: /opt/app-root/config/ + readOnly: true + readinessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 5 + httpGet: + path: / + port: 8080 + livenessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 30 + httpGet: + path: / + port: 8080 + volumes: + - name: config-volume + configMap: + name: elections-configmap + + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + containerNames: + - elections + from: + kind: ImageStreamTag + name: elections:latest diff --git a/roles/openshift-apps/elections/files/service.yml b/roles/openshift-apps/elections/files/service.yml new file mode 100644 index 0000000000..2cd7584c8c --- /dev/null +++ b/roles/openshift-apps/elections/files/service.yml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: elections + name: elections +spec: + ports: + - name: 8080-tcp + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: elections + deploymentconfig: elections diff --git a/roles/openshift-apps/elections/templates/alembic.ini b/roles/openshift-apps/elections/templates/alembic.ini new file mode 100644 index 0000000000..3450a4ef70 --- /dev/null +++ b/roles/openshift-apps/elections/templates/alembic.ini @@ -0,0 +1,50 @@ +# A generic, single database configuration. + +[alembic] +# path to migration scripts +script_location = /usr/share/fedora-elections/alembic + +# template used to generate migration files +# file_template = %%(rev)s_%%(slug)s + +# set to 'true' to run the environment during +# the 'revision' command, regardless of autogenerate +# revision_environment = false + +sqlalchemy.url = postgresql://{{ elections_db_user }}:{{ elections_db_pass }}@{{ elections_db_host }}/{{ elections_db_name }} + + +# Logging configuration +[loggers] +keys = root,sqlalchemy,alembic + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = WARN +handlers = console +qualname = + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine + +[logger_alembic] +level = INFO +handlers = +qualname = alembic + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(levelname)-5.5s [%(name)s] %(message)s +datefmt = %H:%M:%S diff --git a/roles/openshift-apps/elections/templates/buildconfig.yml b/roles/openshift-apps/elections/templates/buildconfig.yml new file mode 100644 index 0000000000..d64027982f --- /dev/null +++ b/roles/openshift-apps/elections/templates/buildconfig.yml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: BuildConfig +metadata: + name: elections-build + labels: + environment: "elections" +spec: + output: + to: + kind: ImageStreamTag + name: elections:latest + source: + type: Git + git: + uri: https://pagure.io/elections.git +{% if env == 'staging' %} + ref: "staging" +{% else %} + ref: "production" +{% endif %} + strategy: + type: Source + sourceStrategy: + from: + kind: ImageStreamTag + namespace: openshift + name: python:2.7 + triggers: + - type: ConfigChange + - type: ImageChange diff --git a/roles/openshift-apps/elections/templates/configmap.yml b/roles/openshift-apps/elections/templates/configmap.yml new file mode 100644 index 0000000000..75880f257e --- /dev/null +++ b/roles/openshift-apps/elections/templates/configmap.yml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: elections-configmap + labels: + app: elections +data: + alembic.ini: |- + {% include('alembic.ini') %} + fedora-elections.cfg: |- + {% include('fedora-elections.cfg') %} diff --git a/roles/openshift-apps/elections/templates/fedora-elections.cfg b/roles/openshift-apps/elections/templates/fedora-elections.cfg new file mode 100644 index 0000000000..8a65bf3a0d --- /dev/null +++ b/roles/openshift-apps/elections/templates/fedora-elections.cfg @@ -0,0 +1,56 @@ +# Beware that the quotes around the values are mandatory + +import os + +### Secret key for the Flask application +SECRET_KEY='{{ elections_secret_key }}' + +### url to the database server: +DB_URL='postgresql://{{ elections_db_user }}:{{ elections_db_pass }}@{{ elections_db_host }}/{{ elections_db_name }}' + +## One ore more FAS group that will have admin rights over the whole +## application, including all elections past, present and future +FEDORA_ELECTIONS_ADMIN_GROUP = 'elections' + + +## Fedora-elections can integrate with FAS to retrieve information about the +## candidates, the following configuration keys are required for this +## integration. +## URL of the FAS server to use +{% if env == 'staging' %} +FAS_BASE_URL = 'https://admin.stg.fedoraproject.org/accounts/' +{% else %} +FAS_BASE_URL = 'https://admin.fedoraproject.org/accounts/' +{% endif %} +FAS_USERNAME = '{{ fedorathirdpartyUser }}' +FAS_PASSWORD = '{{ fedorathirdpartyPassword }}' +## This should be ``True`` but should be changed to ``False`` if the FAS server +## used does not have a valid SSL certificate. +FAS_CHECK_CERT = True + +# This is required to fix login +PREFERRED_URL_SCHEME='https' + +# Make browsers send session cookie only via HTTPS +SESSION_COOKIE_SECURE = True +SESSION_COOKIE_NAME = 'elections' + +# Used by SESSION_COOKIE_PATH +APPLICATION_ROOT = '/voting/' + +DOGPILE_CACHE = { + 'backend': 'dogpile.cache.memcached', + 'arguments': { + 'url': ["memcached01:11211"], + 'distributed_lock': True, + }, +} + +## URLs to fedmenu resources +{% if env == 'staging' %} +FEDMENU_URL = 'https://apps.stg.fedoraproject.org/fedmenu' +FEDMENU_DATA_URL = 'https://apps.stg.fedoraproject.org/js/data.js' +{% else %} +FEDMENU_URL = 'https://apps.fedoraproject.org/fedmenu' +FEDMENU_DATA_URL = 'https://apps.fedoraproject.org/js/data.js' +{% endif %} diff --git a/roles/openshift-apps/elections/templates/imagestream.yml b/roles/openshift-apps/elections/templates/imagestream.yml new file mode 100644 index 0000000000..6939288ad4 --- /dev/null +++ b/roles/openshift-apps/elections/templates/imagestream.yml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: ImageStream +metadata: + name: elections +spec: + lookupPolicy: + local: false +status: + dockerImageRepository: ""