Port koji to fedora-messaging

This commit: - creates the rabbitmq user on the cluster - installs the new dependencies, configuration and certificates - installs the new fedmsg/fedora-messaging plugin by pulling it from pagure.io Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
2019-03-04 12:06:49 +01:00 · 2019-03-04 12:06:49 +01:00 · aeaadd525e
commit aeaadd525e
parent fd585f6f3f
3 changed files with 120 additions and 0 deletions
--- a/playbooks/groups/koji-hub.yml
+++ b/playbooks/groups/koji-hub.yml
@ -110,3 +110,30 @@

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
+
+
+# Setup the rabbitmq user so fedora-messaging can send messages
+- name: setup RabbitMQ
+  hosts: rabbitmq-stg[0]
+  #hosts: rabbitmq[0]:rabbitmq-stg[0]
+  user: root
+  gather_facts: False
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - "/srv/private/ansible/vars.yml"
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
+    - name: Create the RabbitMQ user
+      when: env == 'staging'
+      rabbitmq_user:
+        user: "koji{{ env_suffix }}"
+        vhost: /pubsub
+        read_priv: "^$"
+        write_priv: "amq\\.topic"
+        configure_priv: "^$"
+        state: present
+      tags:
+        - config
+        - fedora-messaging
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@ -81,12 +81,85 @@

 - name: koji fedmsg plugin
  template: src=fedmsg-koji-plugin.py dest=/usr/lib/koji-hub-plugins/fedmsg-koji-plugin.py
+  when: env != 'staging'
  notify:
  - reload httpd
  tags:
  - config
  - koji_hub

+- name: install fedora-messaging as a dependency for the plugin
+  package: name={{ item }} state=present
+  when: env == 'staging'
+  with_items:
+  - python2-fedora-messaging
+  tags:
+  - packages
+  - koji_hub
+  - fedora-messaging
+
+- name: create the config folder for fedora-messaging
+  when: env == 'staging'
+  file: path=/etc/fedora-messaging/ owner=root group=root mode=0755 state=directory
+  tags:
+  - koji_hub
+  - fedora-messaging
+
+- name: install the configuration file for fedora-messaging
+  template:
+      src=fedora-messaging.toml
+      dest=/etc/fedora-messaging/config.toml
+  when: env == 'staging'
+  tags:
+  - config
+  - koji_hub
+  - fedora-messaging
+
+- name: create folder where we'll place the certs
+  when: env == 'staging'
+  file: path=/etc/pki/rabbitmq/kojicert/ owner=root group=root mode=0755 state=directory
+  tags:
+  - config
+  - koji_hub
+  - fedora-messaging
+
+- name: deploy koji/rabbitmq certificate
+  copy: src={{ item.src }}
+        dest=/etc/pki/rabbitmq/kojicert/{{ item.dest }}
+        owner={{ item.owner }} group=root mode={{ item.mode }}
+  when: env == 'staging'
+  with_items:
+    - src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/koji{{ env_suffix }}.crt"
+      dest: koji.crt
+      owner: root
+      mode: 0644
+    - src: "{{private}}/files/rabbitmq/{{env}}/pki/private/koji{{ env_suffix }}.key"
+      dest: koji.key
+      owner: root
+      mode: "600"
+    - src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
+      dest: koji.ca
+      owner: root
+      mode: 0644
+  tags:
+  - config
+  - koji_hub
+  - fedora-messaging
+
+- name: koji fedora-messaging plugin - installed as fedmsg-koji-plugin
+  get_url:
+      url: https://pagure.io/koji-fedmsg-plugin/raw/master/f/fedmsg-koji-plugin.py
+      dest: /usr/lib/koji-hub-plugins/fedmsg-koji-plugin.py
+      mode: 0644
+      checksum: sha256:48cd361366544d435fc529197bb4dc4e72d01263c8f4066dccef9404ce0a70a6
+  when: env == 'staging'
+  notify:
+  - reload httpd
+  tags:
+  - config
+  - koji_hub
+  - fedora-messaging
+
 #
 # install keytabs
 #
--- a/roles/koji_hub/templates/fedora-messaging.toml
+++ b/roles/koji_hub/templates/fedora-messaging.toml
@ -0,0 +1,20 @@
+# A sample configuration for fedora-messaging. This file is in the TOML format.
+# For complete details on all configuration options, see the documentation.
+
+amqp_url = "amqps://koji{{ env_suffix }}:@rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org/%2Fpubsub"
+
+# The topic_prefix configuration value will add a prefix to the topics of every sent message.
+# This is used for migrating from fedmsg, and should not be used afterwards.
+{% if env == "staging" %}
+topic_prefix = "org.fedoraproject.stg"
+{% else %}
+topic_prefix = "org.fedoraproject.prod"
+{% endif %}
+
+[tls]
+ca_cert = "/etc/pki/rabbitmq/kojicert/koji.ca"
+keyfile = "/etc/pki/rabbitmq/kojicert/koji.key"
+certfile = "/etc/pki/rabbitmq/kojicert/koji.crt"
+
+[client_properties]
+app = "Koji"