diff --git a/playbooks/openshift-apps/nuancier.yml b/playbooks/openshift-apps/nuancier.yml new file mode 100644 index 0000000000..08ea238c40 --- /dev/null +++ b/playbooks/openshift-apps/nuancier.yml @@ -0,0 +1,52 @@ +- name: make the app be real + hosts: os-masters-stg[0] + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: openshift/project + app: nuancier + description: Fedora nuancier apps + appowners: + - cverna + - pingou + - role: openshift/object + app: nuancier + template: imagestream.yml + objectname: imagestream.yml + - role: openshift/object + app: nuancier + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + app: nuancier + template: configmap.yml + objectname: configmap.yml + + - role: openshift/start-build + app: nuancier + buildname: nuancier-build + objectname: nuancier-build + + - role: openshift/object + app: nuancier + file: service.yml + objectname: service.yml + + - role: openshift/route + app: nuancier + routename: nuancier + host: "wallpapers{{ env_suffix }}.fedoraproject.org" + serviceport: 8080-tcp + servicename: nuancier + + - role: openshift/object + app: nuancier + file: deploymentconfig.yml + objectname: deploymentconfig.yml diff --git a/roles/openshift-apps/nuancier/files/deploymentconfig.yml b/roles/openshift-apps/nuancier/files/deploymentconfig.yml new file mode 100644 index 0000000000..cc3f64819b --- /dev/null +++ b/roles/openshift-apps/nuancier/files/deploymentconfig.yml @@ -0,0 +1,69 @@ +--- +apiVersion: v1 +kind: DeploymentConfig +metadata: + labels: + app: nuancier + service: nuancier + name: nuancier +spec: + replicas: 1 + selector: + app: nuancier + deploymentconfig: nuancier + strategy: + type: Recreate + recreateParams: +# mid: +# failurePolicy: Abort +# execNewPod: +# containerName: nuancier +# command: ["alembic", "upgrade", "head", "-c", "/opt/app-root/config/alembic.ini"] +# env: +# - name: PYTHONPATH +# value: /opt/app-root/src +# volumes: +# - config-volume + template: + metadata: + labels: + app: nuancier + deploymentconfig: nuancier + spec: + containers: + - name: nuancier + image: nuancier:latest + ports: + - containerPort: 8080 + resources: {} + volumeMounts: + - name: config-volume + mountPath: /opt/app-root/config/ + readOnly: true + readinessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 5 + httpGet: + path: / + port: 8080 + livenessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 30 + httpGet: + path: / + port: 8080 + volumes: + - name: config-volume + configMap: + name: nuancier-configmap + + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + containerNames: + - nuancier + from: + kind: ImageStreamTag + name: nuancier:latest diff --git a/roles/openshift-apps/nuancier/files/service.yml b/roles/openshift-apps/nuancier/files/service.yml new file mode 100644 index 0000000000..837ad76756 --- /dev/null +++ b/roles/openshift-apps/nuancier/files/service.yml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: nuancier + name: nuancier +spec: + ports: + - name: 8080-tcp + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: nuancier + deploymentconfig: nuancier diff --git a/roles/openshift-apps/nuancier/templates/alembic.ini b/roles/openshift-apps/nuancier/templates/alembic.ini new file mode 100644 index 0000000000..ba54b9feeb --- /dev/null +++ b/roles/openshift-apps/nuancier/templates/alembic.ini @@ -0,0 +1,54 @@ +# A generic, single database configuration. + +[alembic] +# path to migration scripts +script_location = /opt/app-root/src/nuancier/alembic + +# template used to generate migration files +# file_template = %%(rev)s_%%(slug)s + +# set to 'true' to run the environment during +# the 'revision' command, regardless of autogenerate +# revision_environment = false + +{% if env == 'staging' %} +sqlalchemy.url = postgresql://{{ nuancier_db_admin_user }}:{{ nuancier_db_admin_pass }}@db01.stg.phx2.fedoraproject.org/{{ nuancier_db_name }} +{% else %} +sqlalchemy.url = postgresql://{{ nuancier_db_admin_user }}:{{ nuancier_db_admin_pass }}@db01.phx2.fedoraproject.org/{{ nuancier_db_name }} +{% endif %} + + +# Logging configuration +[loggers] +keys = root,sqlalchemy,alembic + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = WARN +handlers = console +qualname = + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine + +[logger_alembic] +level = INFO +handlers = +qualname = alembic + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(levelname)-5.5s [%(name)s] %(message)s +datefmt = %H:%M:%S diff --git a/roles/openshift-apps/nuancier/templates/buildconfig.yml b/roles/openshift-apps/nuancier/templates/buildconfig.yml new file mode 100644 index 0000000000..f5fbd6885b --- /dev/null +++ b/roles/openshift-apps/nuancier/templates/buildconfig.yml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: BuildConfig +metadata: + name: nuancier-build + labels: + environment: "nuancier" +spec: + output: + to: + kind: ImageStreamTag + name: nuancier:latest + source: + type: Git + git: + uri: https://pagure.io/nuancier.git +{% if env == 'staging' %} + ref: "staging" +{% else %} + ref: "production" +{% endif %} + strategy: + type: Source + sourceStrategy: + from: + kind: ImageStreamTag + namespace: openshift + name: python:3.6 + triggers: + - type: ConfigChange + - type: ImageChange diff --git a/roles/openshift-apps/nuancier/templates/configmap.yml b/roles/openshift-apps/nuancier/templates/configmap.yml new file mode 100644 index 0000000000..9e3cb67d1d --- /dev/null +++ b/roles/openshift-apps/nuancier/templates/configmap.yml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nuancier-configmap + labels: + app: nuancier +{% macro load_file(filename) %}{% include filename %}{%- endmacro -%} +data: + alembic.ini: |- + {{ load_file('alembic.ini') | indent }} + nuancier.cfg: |- + {{ load_file('nuancier.cfg') | indent }} diff --git a/roles/openshift-apps/nuancier/templates/imagestream.yml b/roles/openshift-apps/nuancier/templates/imagestream.yml new file mode 100644 index 0000000000..c1ddbfacab --- /dev/null +++ b/roles/openshift-apps/nuancier/templates/imagestream.yml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: ImageStream +metadata: + name: nuancier +spec: + lookupPolicy: + local: false +status: + dockerImageRepository: "" diff --git a/roles/openshift-apps/nuancier/templates/nuancier.cfg b/roles/openshift-apps/nuancier/templates/nuancier.cfg new file mode 100644 index 0000000000..bcbe311652 --- /dev/null +++ b/roles/openshift-apps/nuancier/templates/nuancier.cfg @@ -0,0 +1,70 @@ +# Beware that the quotes around the values are mandatory + +import os + +### Secret key for the Flask application +SECRET_KEY='{{ nuancier_secret_key }}' + +### url to the database server: +{% if env == 'staging' %} +DB_URL='postgresql://{{ nuancier_db_user }}:{{ nuancier_db_pass }}@db01.stg.phx2.fedoraproject.org/{{ nuancier_db_name }}' +{% else %} +DB_URL='postgresql://{{ nuancier_db_user }}:{{ nuancier_db_pass }}@db01.phx2.fedoraproject.org/{{ nuancier_db_name }}' +{% endif %} + +### The FAS groups in which the admin of nuancier are +### This can either be a single group or multiple, defined between +### parenthesis. +ADMIN_GROUP=('sysadmin-nuancier', 'sysadmin-main') +# FAS group for the nuancier reviewers +REVIEW_GROUP = ('nuancier-mentors') +# FAS group of users having a higher vote +WEIGHTED_GROUP = ('sysadmin-nuancier', 'designteam') + +### Static folder +### The folder containing the css, javascript as well as the pictures +### candidates and the cache of those pictures. +### This directory should be somewhere where apache can access, it's +### proposed in '/var/www/nuancier' +STATIC_FOLDER = '/var/cache/nuancier' + +### Pictures folder +### The folder in which are located the pictures of the different elections. +### This folder does not have to be writable by the application but should be +### readable. +### /!\ It should be the full path to this folder +PICTURE_FOLDER = os.path.join(STATIC_FOLDER, 'pictures') + +### Cache folder +### The folder in which the application will generate thumbnails of the pictures +### selected for an election. +### This folder *must* be *writable* by the application. +### /!\ It should be the full path to this folder +CACHE_FOLDER = os.path.join(STATIC_FOLDER, 'cache') + +### Size of the thumbnails (keeping the ratio) +### In order to reduce the loading page of the election page that might contains +### more than hundreds pictures, the application generates thumbnails of each +### pictures. +### The application will keep the ratio intact and just make sure that either +### length or width of the picture fit the length and width specified below. +THUMB_SIZE = (256, 256) + +# This is required to fix login in stg +PREFERRED_URL_SCHEME='https' + +# Make browsers send session cookie only via HTTPS +SESSION_COOKIE_SECURE = True + +# Used by SESSION_COOKIE_PATH +APPLICATION_ROOT = '/nuancier/' +SESSION_COOKIE_NAME = 'nuancier' + +# dogpile.cache configuration to work with memcached +NUANCIER_CACHE_BACKEND = 'dogpile.cache.memcached' +NUANCIER_CACHE_KWARGS = {'arguments' : { + 'url': "127.0.0.1:11211", + } +} + +NUANCIER_EMAIL_NOTIFICATIONS = True