diff --git a/inventory/group_vars/openqa b/inventory/group_vars/openqa index fc554e4c24..9fbd74bc3c 100644 --- a/inventory/group_vars/openqa +++ b/inventory/group_vars/openqa @@ -11,6 +11,8 @@ openqa_dbpassword: "{{ prod_openqa_dbpassword }}" openqa_key: "{{ prod_openqa_apikey }}" openqa_secret: "{{ prod_openqa_apisecret }}" +openqa_webapi_plugins: Fedmsg FedoraUpdateRestart + # this is because openqa staging isn't really a staging host # we don't want to set env_suffix to stg on it because that may # break some other plays, but we do need the env suffix for the diff --git a/inventory/group_vars/openqa_common b/inventory/group_vars/openqa_common index 7de554a709..774e0e77f3 100644 --- a/inventory/group_vars/openqa_common +++ b/inventory/group_vars/openqa_common @@ -21,6 +21,12 @@ openqa_assetsize_updates: 100 # allowed to create queues on the infra AMQP broker, by broker config openqa_amqp_passive: true +# fedora-messaging publisher settings +openqa_amqp_publisher_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub" +# openQA isn't very ssl-aware here, so we're abusing its URL construction +# to stuff the cert and key values in here +openqa_amqp_publisher_exchange: "amq.topic&cacertfile=/etc/fedora-messaging/cacert{{ openqa_env_suffix }}.pem&certfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem&keyfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem" + # fedora-messaging job scheduler settings: most of these are the same # for prod and stg as they both must listen for prod messages. Only # the queue names differs diff --git a/inventory/group_vars/openqa_stg b/inventory/group_vars/openqa_stg index 15d8f18f27..a33dd5d221 100644 --- a/inventory/group_vars/openqa_stg +++ b/inventory/group_vars/openqa_stg @@ -24,6 +24,8 @@ openqa_assetsize_aarch64: 150 openqa_key: "{{ stg_openqa_apikey }}" openqa_secret: "{{ stg_openqa_apisecret }}" +openqa_webapi_plugins: FedoraMessaging FedoraUpdateRestart + # this is because openqa staging isn't really a staging host # we don't want to set env_suffix to stg on it because that may # break some other plays, but we do need the env suffix for the diff --git a/roles/openqa/server/defaults/main.yml b/roles/openqa/server/defaults/main.yml new file mode 100644 index 0000000000..88dca41563 --- /dev/null +++ b/roles/openqa/server/defaults/main.yml @@ -0,0 +1 @@ +openqa_webapi_plugins: FedoraUpdateRestart diff --git a/roles/openqa/server/tasks/main.yml b/roles/openqa/server/tasks/main.yml index e9e9870ea7..fa8e42da0c 100644 --- a/roles/openqa/server/tasks/main.yml +++ b/roles/openqa/server/tasks/main.yml @@ -16,6 +16,9 @@ # - external_hostname ## string - The public hostname for the server (will be used as ServerName) ## default - ansible_nodename +# - openqa_webapi_plugins +## string - Space-separated list of openQA WebAPI plugins to enable +## default - FedoraUpdateRestart # Optional vars # - openqa_static_uid @@ -39,9 +42,8 @@ ## Fedora testing, 50GB is good ## FIXME: this only works for pgsql ATM # - deployment_type -## string - Fedora Infrastructure thing; for this role, decides -## whether to enable some openQA plugins that should be -## enabled only in Fedora infra. Don't set it outside +## string - Fedora Infrastructure thing; for this role, applies an +## infra-specific tweak to httpd config. Don't set it outside ## Fedora infra. # # If openqa_dbhost is set, the others must be too, and the server will be diff --git a/roles/openqa/server/templates/openqa.ini.j2 b/roles/openqa/server/templates/openqa.ini.j2 index 57bdc3b29d..2bba2888d5 100644 --- a/roles/openqa/server/templates/openqa.ini.j2 +++ b/roles/openqa/server/templates/openqa.ini.j2 @@ -2,12 +2,17 @@ branding = plain base_url = https://{{ external_hostname }} download_domains = fedoraproject.org -{% if deployment_type is defined %} -plugins = Fedmsg FedoraUpdateRestart +{% if openqa_webapi_plugins is defined and openqa_webapi_plugins %} +plugins = {{ openqa_webapi_plugins }} {% endif %} hide_asset_types = repo iso hdd parallel_cancel_whole_cluster = 0 +[amqp] +topic_prefix = fedora +url = {{ openqa_amqp_publisher_url }} +exchange = {{ openqa_amqp_publisher_exchange }} + [auth] method=OpenID