diff --git a/master.yml b/master.yml index 0727dd9033..3c677809fe 100644 --- a/master.yml +++ b/master.yml @@ -121,6 +121,7 @@ #- import_playbook: /srv/web/infra/ansible/playbooks/openshift-apps/modernpaste.yml #- import_playbook: /srv/web/infra/ansible/playbooks/openshift-apps/rats.yml #- import_playbook: /srv/web/infra/ansible/playbooks/openshift-apps/transtats.yml +#- import_playbook: /srv/web/infra/ansible/playbooks/openshift-apps/the-new-hotness.yml # # host playbooks diff --git a/playbooks/openshift-apps/the-new-hotness.yml b/playbooks/openshift-apps/the-new-hotness.yml new file mode 100644 index 0000000000..fa82b4f757 --- /dev/null +++ b/playbooks/openshift-apps/the-new-hotness.yml @@ -0,0 +1,69 @@ +- name: make the app be real + hosts: os-masters-stg[0] + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: openshift/project + app: the-new-hotness + description: Fedora-messaging consumer that listens to release-monitoring.org and files bugzilla bugs in response. + appowners: + - zlopez + +# - role: openshift/secret-file +# app: release-monitoring +# secret_name: release-monitoring-fedmsg-key +# key: fedmsg-release-monitoring.key +# privatefile: fedmsg-certs/keys/release-monitoring-stg.release-monitoring.org.key +# when: env == "staging" +# - role: openshift/secret-file +# app: release-monitoring +# secret_name: release-monitoring-fedmsg-cert +# key: fedmsg-release-monitoring.crt +# privatefile: fedmsg-certs/keys/release-monitoring-stg.release-monitoring.org.crt +# when: env == "staging" +# - role: openshift/secret-file +# app: release-monitoring +# secret_name: release-monitoring-fedmsg-key +# key: fedmsg-release-monitoring.key +# privatefile: fedmsg-certs/keys/release-monitoring-release-monitoring.org.key +# when: env != "staging" +# - role: openshift/secret-file +# app: release-monitoring +# secret_name: release-monitoring-fedmsg-cert +# key: fedmsg-release-monitoring.crt +# privatefile: fedmsg-certs/keys/release-monitoring-release-monitoring.org.crt + + - role: openshift/object + app: the-new-hotness + template: imagestream.yml + objectname: imagestream.yml + + - role: openshift/object + app: the-new-hotness + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + app: the-new-hotness + template: configmap.yml + objectname: configmap.yml + + - role: openshift/start-build + app: the-new-hotness + buildname: the-new-hotness-build + objectname: the-new-hotness-build + + - role: openshift/object + app: the-new-hotness + file: deploymentconfig.yml + objectname: deploymentconfig.yml + + - role: openshift/rollout + app: the-new-hotness + dcname: the-new-hotness \ No newline at end of file diff --git a/roles/openshift-apps/the-new-hotness/files/deploymentconfig.yml b/roles/openshift-apps/the-new-hotness/files/deploymentconfig.yml new file mode 100644 index 0000000000..55aa8fbacc --- /dev/null +++ b/roles/openshift-apps/the-new-hotness/files/deploymentconfig.yml @@ -0,0 +1,60 @@ +- apiVersion: v1 + kind: DeploymentConfig + metadata: + labels: + app: the-new-hotness + service: the-new-hotness + name: the-new-hotness + spec: + replicas: 1 + selector: + deploymentconfig: the-new-hotness + strategy: + activeDeadlineSeconds: 21600 + recreateParams: + timeoutSeconds: 600 + type: Recreate + template: + metadata: + creationTimestamp: null + labels: + app: the-new-hotness + deploymentconfig: the-new-hotness + spec: + containers: + - name: the-new-hotness + image: the-new-hotness/the-new-hotness:latest + command: ["fedora-messaging", "consume"] + volumeMounts: + - name: config-volume + mountPath: /etc/fedora-messaging + readOnly: true +# - name: fedmsg-key-volume +# mountPath: /etc/pki/fedmsg/key +# readOnly: true +# - name: fedmsg-crt-volume +# mountPath: /etc/pki/fedmsg/crt +# readOnly: true + volumes: + - name: config-volume + configMap: + name: the-new-hotness-configmap +# - name: fedmsg-key-volume +# secret: +# secretName: release-monitoring-fedmsg-key +# - name: fedmsg-crt-volume +# secret: +# secretName: release-monitoring-fedmsg-cert + triggers: + - imageChangeParams: + automatic: true + containerNames: + - the-new-hotness + from: + kind: ImageStreamTag + name: the-new-hotness:latest + namespace: the-new-hotness + type: ImageChange + - type: ConfigChange +kind: List +metadata: {} diff --git a/roles/openshift-apps/the-new-hotness/files/imagestream.yml b/roles/openshift-apps/the-new-hotness/files/imagestream.yml new file mode 100644 index 0000000000..aa89c3752a --- /dev/null +++ b/roles/openshift-apps/the-new-hotness/files/imagestream.yml @@ -0,0 +1,10 @@ +apiVersion: v1 +items: + - apiVersion: v1 + kind: ImageStream + metadata: + name: the-new-hotness + labels: + build: the-new-hotness +kind: List +metadata: {} diff --git a/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml b/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml new file mode 100644 index 0000000000..72198c20e4 --- /dev/null +++ b/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml @@ -0,0 +1,72 @@ + apiVersion: v1 +items: + - apiVersion: v1 + kind: BuildConfig + metadata: + labels: + build: the-new-hotness-build + name: the-new-hotness-build + spec: + runPolicy: Serial + source: + dockerfile: |- + FROM fedora:29 + LABEL \ + name="the-new-hotness" \ + vendor="Fedora Infrastructure" \ + license="GPLv2+" + RUN dnf install -y \ + git \ + koji \ + rpm-python \ + python3-bugzilla \ + python3-dogpile-cache \ + python3-requests \ + fedora-messaging \ + python3-fedora-messaging \ + python3-pip \ + python3-setuptools && \ + dnf autoremove -y && \ + dnf clean all -y + RUN git clone https://github.com/fedora-infra/the-new-hotness.git && \ + pushd the-new-hotness && \ + {% if env == 'staging' %} + git checkout staging && \ + {% else %} + git checkout production && \ + {% endif %} + python3 setup.py install && \ + pip-3 install . && \ + pushd hotness_schema && \ + python3 setup.py install && \ + pip-3 install . && \ + rm -rf the-new-hotness + EXPOSE 9940 +type: Dockerfile +git: + uri: https://github.com/fedora-infra/the-new-hotness.git + {% if env == 'staging' %} + ref: staging + {% else %} + ref: production + {% endif %} +strategy: + type: Docker +output: + to: + kind: ImageStreamTag + name: the-new-hotness:latest +triggers: + {% if stg_anitya_github_secret is defined and env == 'staging' %} +- type: GitHub + github: + secret: "{{ stg_hotness_github_secret }}" + {% elif anitya_github_secret is defined and env == 'production' %} +- type: GitHub + github: + secret: "{{ hotness_github_secret }}" + {% endif %} +- type: ConfigChange +- type: ImageChange +kind: List +metadata: {} diff --git a/roles/openshift-apps/the-new-hotness/templates/configmap.yml b/roles/openshift-apps/the-new-hotness/templates/configmap.yml new file mode 100644 index 0000000000..6ed65bc48b --- /dev/null +++ b/roles/openshift-apps/the-new-hotness/templates/configmap.yml @@ -0,0 +1,160 @@ +--- +apiVersion: v1 +kind: List +metadata: {} +items: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: the-new-hotness-configmap + labels: + app: the-new-hotness + data: + anitya.toml: |- + # This file is in the TOML format. + # For complete details on all configuration options, see the documentation + # https://fedora-messaging.readthedocs.io/en/latest/configuration.html. + + amqp_url = "amqps://messaging-bridge{{ env_suffix }}.fedoraproject.org:@rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org/%2Fpubsub" + + publish_exchange = "amq.topic" + + callback = "hotness.consumers:BugzillaTicketFiler" + + # Note the double brackets below. + # To add another binding, add another [[bindings]] section. + [[bindings]] + queue = "the-new-hotness" + exchange = "amq.topic" + routing_keys = [ + "org.release-monitoring.prod.anitya.project.version.update", + "org.release-monitoring.prod.anitya.project.map.new", + "org.fedoraproject.prod.buildsys.task.state.change", + ] + + [tls] + ca_cert = "" + keyfile = "" + certfile = "" + + [client_properties] + app = "the-new-hotness" + + [queues.the-new-hotness] + durable = true + auto_delete = false + exclusive = false + arguments = {} + + [qos] + prefetch_size = 0 + prefetch_count = 25 + + [log_config] + version = 1 + disable_existing_loggers = true + + [log_config.formatters.simple] + format = "[%(name)s %(levelname)s] %(message)s" + + [log_config.handlers.console] + class = "logging.StreamHandler" + formatter = "simple" + stream = "ext://sys.stdout" + + [log_config.loggers.fedora_messaging] + level = "INFO" + propagate = false + handlers = ["console"] + + [log_config.root] + level = "WARNING" + handlers = ["console"] + + # the-new-hotness consumer configuration + [consumer_config] + repo_url = "https://pagure.io/releng/fedora-scm-requests" +{% if env == "staging" %} + mdapi_url = "https://apps.stg.fedoraproject.org/mdapi" + pdc_url = "https://pdc.stg.fedoraproject.org" + dist_git_url = "https://src.stg.fedoraproject.org" +{% else %} + mdapi_url = "https://apps.fedoraproject.org/mdapi" + pdc_url = "https://pdc.fedoraproject.org" + dist_git_url = "https://src.fedoraproject.org" +{% endif %} + # The time in seconds the-new-hotness should wait for a socket to connect + # before giving up. + connect_timeout = 15 + # The time in seconds the-new-hotness should wait for a read from a socket + # before giving up. + read_timeout = 15 + # The number of times the-new-hotness should retry a network request that + # that failed for any reason (e.g. read timeout, DNS error, etc) + requests_retries = 3 + yum_config = "/etc/hotness-yum.conf" + # If true, publish fedmsg messages instead of fedora-messaging messages + legacy_messaging = false + + [consumer_config.bugzilla] + enabled = true + #user = None + #password = None + api_key = "{{ upstream_release_bugzilla_api_token }}" +{% if env == "staging" %} + url = "https://partner-bugzilla.redhat.com" + explanation_url = "https://stg.fedoraproject.org/wiki/Upstream_release_monitoring" +{% else %} + url = "https://bugzilla.redhat.com" + explanation_url = "https://fedoraproject.org/wiki/Upstream_release_monitoring" +{% endif %} + product = "Fedora" + version = "rawhide" + keywords = "FutureFeature,Triaged" + bug_status = "NEW" + short_desc_template = "%(name)s-%(latest_upstream)s is available" + description_template = """ +Latest upstream release: %(latest_upstream)s +Current version/release in %(repo_name)s: %(repo_version)s-%(repo_release)s +URL: %(url)s + +Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy + +More information about the service that created this bug can be found at: %(explanation_url)s + +Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. + +Based on the information from anitya: https://release-monitoring.org/project/%(projectid)s/ +""" + + [consumer_config.koji] +{% if env == "staging" %} + server = "https://koji.stg.fedoraproject.org/kojihub" + weburl = "https://koji.stg.fedoraproject.org/koji" +{% else %} + server = "https://koji.fedoraproject.org/kojihub" + weburl = "https://koji.fedoraproject.org/koji" +{% endif %} + krb_principal = "hotness/hotness01{{env_suffix}}.phx2.fedoraproject.org@{{ipa_realm}}" + krb_keytab = "/etc/krb5.hotness_hotness01{{env_suffix}}.phx2.fedoraproject.org.keytab" + krb_ccache = "" + krb_proxyuser = "" + krb_sessionopts = {timeout = 3600, krb_rdns = false} + git_url = "https://src.fedoraproject.org/cgit/rpms/{package}.git" + user_email = [ + "Fedora Release Monitoring", + "", + ] + opts = {scratch = true} + priority = 30 + target_tag = "rawhide" + + [consumer_config.anitya] + url = "https://release-monitoring.org" + username = "{{ fedoraDummyUser }}" + password = "{{ fedoraDummyPassword }}" + + [consumer_config.cache] + backend = "dogpile.cache.dbm" + expiration_time = 300 + arguments = {filename = "/var/tmp/the-new-hotness-