Add fedmsg config to release-monitoring.org OpenShift

Signed-off-by: Jeremy Cline <jcline@redhat.com>

playbooks/openshift-apps/release-monitoring.yml

@@ -15,6 +15,30 @@
     appowners:
     - jcline
     - zlopez
+  - role: openshift/secret-file
+    app: release-monitoring
+    secret_name: release-monitoring-fedmsg-key
+    key: fedmsg-release-monitoring.key
+    privatefile: fedmsg-certs/keys/release-monitoring.stg.release-monitoring.org.key
+    when: env == "staging"
+  - role: openshift/secret-file
+    app: release-monitoring
+    secret_name: release-monitoring-fedmsg-cert
+    key: fedmsg-release-monitoring.crt
+    privatefile: fedmsg-certs/keys/release-monitoring.stg.release-monitoring.org.crt
+    when: env == "staging"
+  - role: openshift/secret-file
+    app: release-monitoring
+    secret_name: release-monitoring-fedmsg-key
+    key: fedmsg-release-monitoring.key
+    privatefile: fedmsg-certs/keys/release-monitoring.release-monitoring.org.key
+    when: env != "staging"
+  - role: openshift/secret-file
+    app: release-monitoring
+    secret_name: release-monitoring-fedmsg-cert
+    key: fedmsg-release-monitoring.crt
+    privatefile: fedmsg-certs/keys/release-monitoring.release-monitoring.org.crt
+    when: env != "staging"
   - role: openshift/object
     app: release-monitoring
     file: imagestream.yml

roles/openshift-apps/release-monitoring/files/deploymentconfig.yml

@@ -47,6 +47,15 @@ items:
           - name: config-volume
             mountPath: /etc/anitya
             readOnly: true
+          - name: fedmsg-config-volume
+            mountPath: /etc/fedmsg.d/
+            readOnly: true
+          - name: fedmsg-key-volume
+            mountPath: /etc/pki/fedmsg/key
+            readOnly: true
+          - name: fedmsg-crt-volume
+            mountPath: /etc/pki/fedmsg/crt
+            readOnly: true
           readinessProbe:
             timeoutSeconds: 1
             initialDelaySeconds: 5
@@ -63,6 +72,15 @@ items:
         - name: config-volume
           configMap:
             name: release-monitoring-configmap
+        - name: fedmsg-config-volume
+          configMap:
+            name: fedmsg-configmap
+        - name: fedmsg-key-volume
+          secret:
+            secretName: release-monitoring-fedmsg-key
+        - name: fedmsg-crt-volume
+          secret:
+            secretName: release-monitoring-fedmsg-crt
     triggers:
     - imageChangeParams:
         automatic: true

roles/openshift-apps/release-monitoring/templates/configmap.yml

@@ -1,5 +1,9 @@
 ---
 apiVersion: v1
+kind: List
+metadata: {}
+items:
+- apiVersion: v1
   kind: ConfigMap
   metadata:
     name: release-monitoring-configmap
@@ -126,3 +130,30 @@ data:
       [formatter_generic]
       format = %(levelname)-5.5s [%(name)s] %(message)s
       datefmt = %H:%M:%S
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: fedmsg-configmap
+    labels:
+      app: release-monitoring
+  data:
+    anitya.py: |-
+      import socket
+      config = {
+          "active": True,
+          "sign_messages": True,
+          "validate_signatures": True,
+          "crypto_backend": "x509",
+          "ssldir": "/etc/pki/fedmsg/"
+          "certnames": {
+              "release-monitoring." + socket.gethostname(): "release-monitoring",
+          },
+          "topic_prefix": "org.release-monitoring",
+{% if env == 'staging' %}
+          "environment": "stg",
+          "relay_inbound": ["tcp://busgateway01.stg.phx2.fedoraproject.org:9941"],
+{% else %}
+          "environment": "prod",
+          "relay_inbound": ["tcp://busgateway01.phx2.fedoraproject.org:9941"],
+{% endif %}
+      }