First attempt at migrating bugzilla2fedmsg to openshift
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
parent
ebddc53593
commit
b811b2dd65
6 changed files with 303 additions and 0 deletions
71
playbooks/openshift-apps/bugzilla2fedmsg.yml
Normal file
71
playbooks/openshift-apps/bugzilla2fedmsg.yml
Normal file
|
@ -0,0 +1,71 @@
|
|||
- name: make the app be real
|
||||
hosts: os_masters_stg[0]
|
||||
user: root
|
||||
gather_facts: False
|
||||
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- "/srv/private/ansible/vars.yml"
|
||||
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
||||
|
||||
roles:
|
||||
|
||||
- role: rabbit/user
|
||||
username: "bugzilla2fedmsg{{ env_suffix }}"
|
||||
|
||||
- role: openshift/project
|
||||
app: bugzilla2fedmsg
|
||||
description: bugzilla2fedmsg
|
||||
appowners:
|
||||
- abompard
|
||||
tags:
|
||||
- apply-appowners
|
||||
# Fedora Messaging secrets
|
||||
- role: openshift/secret-file
|
||||
app: bugzilla2fedmsg
|
||||
secret_name: fedora-messaging-ca
|
||||
key: cacert.pem
|
||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||
- role: openshift/secret-file
|
||||
app: bugzilla2fedmsg
|
||||
secret_name: fedora-messaging-crt
|
||||
key: bugzilla2fedmsg-cert.pem
|
||||
privatefile: "rabbitmq/{{env}}/pki/issued/bugzilla2fedmsg{{env_suffix}}.crt"
|
||||
- role: openshift/secret-file
|
||||
app: bugzilla2fedmsg
|
||||
secret_name: fedora-messaging-key
|
||||
key: bugzilla2fedmsg-key.pem
|
||||
privatefile: "rabbitmq/{{env}}/pki/private/bugzilla2fedmsg{{env_suffix}}.key"
|
||||
# STOMP secrets
|
||||
- role: openshift/secret-file
|
||||
app: bugzilla2fedmsg
|
||||
secret_name: stomp-crt
|
||||
key: msg-client-fedora-prod.crt
|
||||
privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.crt"
|
||||
- role: openshift/secret-file
|
||||
app: bugzilla2fedmsg
|
||||
secret_name: stomp-key
|
||||
key: msg-client-fedora-prod.key
|
||||
privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.key"
|
||||
|
||||
- role: openshift/imagestream
|
||||
app: bugzilla2fedmsg
|
||||
imagename: bugzilla2fedmsg
|
||||
- role: openshift/object
|
||||
app: bugzilla2fedmsg
|
||||
template: buildconfig.yml
|
||||
objectname: buildconfig.yml
|
||||
- role: openshift/start-build
|
||||
app: bugzilla2fedmsg
|
||||
buildname: bugzilla2fedmsg-build
|
||||
- role: openshift/object
|
||||
app: bugzilla2fedmsg
|
||||
template: configmap.yml
|
||||
objectname: configmap.yml
|
||||
- role: openshift/object
|
||||
app: bugzilla2fedmsg
|
||||
template: deploymentconfig.yml
|
||||
objectname: deploymentconfig.yml
|
||||
- role: openshift/rollout
|
||||
app: bugzilla2fedmsg
|
||||
dcname: bugzilla2fedmsg
|
10
roles/openshift-apps/bugzilla2fedmsg/files/imagestream.yml
Normal file
10
roles/openshift-apps/bugzilla2fedmsg/files/imagestream.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ImageStream
|
||||
metadata:
|
||||
name: bugzilla2fedmsg
|
||||
spec:
|
||||
lookupPolicy:
|
||||
local: false
|
||||
status:
|
||||
dockerImageRepository: ""
|
|
@ -0,0 +1,32 @@
|
|||
apiVersion: v1
|
||||
kind: BuildConfig
|
||||
metadata:
|
||||
name: bugzilla2fedmsg-build
|
||||
labels:
|
||||
environment: "bugzilla2fedmsg"
|
||||
spec:
|
||||
source:
|
||||
type: Dockerfile
|
||||
dockerfile: |-
|
||||
FROM fedora:30
|
||||
LABEL \
|
||||
name="bugzilla2fedmsg" \
|
||||
vendor="Fedora Infrastructure" \
|
||||
license="MIT"
|
||||
RUN curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags.repo
|
||||
{% if env == "staging" %}
|
||||
RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags-stg.repo
|
||||
{% endif %}
|
||||
RUN dnf install -y python3-bugzilla2fedmsg
|
||||
ENV USER=openshift
|
||||
ENTRYPOINT /usr/bin/bugzilla2fedmsg
|
||||
strategy:
|
||||
type: Docker
|
||||
dockerStrategy:
|
||||
noCache: false
|
||||
triggers:
|
||||
- type: ImageChange
|
||||
output:
|
||||
to:
|
||||
kind: ImageStreamTag
|
||||
name: bugzilla2fedmsg:latest
|
12
roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml
Normal file
12
roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml
Normal file
|
@ -0,0 +1,12 @@
|
|||
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: fedora-messaging-configmap
|
||||
labels:
|
||||
app: bugzilla2fedmsg
|
||||
data:
|
||||
fedora-messaging.toml: |-
|
||||
{{ load_file('fedora-messaging.toml') | indent }}
|
||||
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: DeploymentConfig
|
||||
metadata:
|
||||
labels:
|
||||
app: bugzilla2fedmsg
|
||||
service: bugzilla2fedmsg
|
||||
name: bugzilla2fedmsg
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
app: bugzilla2fedmsg
|
||||
deploymentconfig: bugzilla2fedmsg
|
||||
strategy:
|
||||
resources: {}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: bugzilla2fedmsg
|
||||
deploymentconfig: bugzilla2fedmsg
|
||||
spec:
|
||||
containers:
|
||||
- image: bugzilla2fedmsg:latest
|
||||
name: bugzilla2fedmsg
|
||||
env:
|
||||
- name: APP_MODULE
|
||||
value: "bugzilla2fedmsg:app"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: fedora-messaging-config-volume
|
||||
mountPath: /etc/fedora-messaging
|
||||
readOnly: true
|
||||
- name: fedora-messaging-ca-volume
|
||||
mountPath: /etc/pki/fedora-messaging/cacert.pem
|
||||
subPath: cacert.pem
|
||||
readOnly: true
|
||||
- name: fedora-messaging-crt-volume
|
||||
mountPath: /etc/pki/fedora-messaging/bugzilla2fedmsg-cert.pem
|
||||
subPath: bugzilla2fedmsg-cert.pem
|
||||
readOnly: true
|
||||
- name: fedora-messaging-key-volume
|
||||
mountPath: /etc/pki/fedora-messaging/bugzilla2fedmsg-key.pem
|
||||
subPath: bugzilla2fedmsg-key.pem
|
||||
readOnly: true
|
||||
- name: stomp-crt-volume
|
||||
mountPath: /etc/pki/stomp/msg-client-fedora-prod.crt
|
||||
subPath: msg-client-fedora-prod.crt
|
||||
readOnly: true
|
||||
- name: stomp-key-volume
|
||||
mountPath: /etc/pki/stomp/msg-client-fedora-prod.key
|
||||
subPath: msg-client-fedora-prod.key
|
||||
readOnly: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
initialDelaySeconds: 5
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8080
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
initialDelaySeconds: 30
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8080
|
||||
volumes:
|
||||
- name: fedora-messaging-config-volume
|
||||
configMap:
|
||||
name: fedora-messaging-configmap
|
||||
- name: fedora-messaging-ca-volume
|
||||
secret:
|
||||
secretName: fedora-messaging-ca
|
||||
- name: fedora-messaging-crt-volume
|
||||
secret:
|
||||
secretName: fedora-messaging-crt
|
||||
- name: fedora-messaging-key-volume
|
||||
secret:
|
||||
secretName: fedora-messaging-key
|
||||
- name: stomp-crt-volume
|
||||
secret:
|
||||
secretName: stomp-crt
|
||||
- name: stomp-key-volume
|
||||
secret:
|
||||
secretName: stomp-key
|
||||
|
||||
triggers:
|
||||
- type: ConfigChange
|
||||
- type: ImageChange
|
||||
imageChangeParams:
|
||||
automatic: true
|
||||
containerNames:
|
||||
- bugzilla2fedmsg
|
||||
from:
|
||||
kind: ImageStreamTag
|
||||
name: bugzilla2fedmsg:latest
|
|
@ -0,0 +1,82 @@
|
|||
# Configuraton for Fedora Messaging
|
||||
|
||||
# Broker address
|
||||
amqp_url = "amqps://bugzilla2fedmsg{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
|
||||
|
||||
# The topic_prefix configuration value will add a prefix to the topics of every sent message.
|
||||
# This is used for migrating from fedmsg, and should not be used afterwards.
|
||||
{% if env == "staging" %}
|
||||
topic_prefix = "org.fedoraproject.stg"
|
||||
{% else %}
|
||||
topic_prefix = "org.fedoraproject.prod"
|
||||
{% endif %}
|
||||
|
||||
[tls]
|
||||
ca_cert = "/etc/pki/fedora-messaging/cacert.pem"
|
||||
keyfile = "/etc/pki/fedora-messaging/bugzilla2fedmsg-key.pem"
|
||||
certfile = "/etc/pki/fedora-messaging/bugzilla2fedmsg-cert.pem"
|
||||
|
||||
|
||||
[consumer_config]
|
||||
[consumer_config.stomp]
|
||||
# Broker URI
|
||||
# http://nikipore.github.io/stompest/protocol.html#stompest.protocol.failover.StompFailoverUri
|
||||
# Example: failover:(tcp://remote1:61615,tcp://localhost:61616)?randomize=false,startupMaxReconnectAttempts=3,initialReconnectDelay=7,maxReconnectDelay=8,maxReconnectAttempts=0
|
||||
uri = "ssl://localhost:61612"
|
||||
{% if env == 'staging' %}
|
||||
uri = "failover:(ssl://messaging-devops-broker01.dist.stage.ext.phx2.redhat.com:61612,ssl://messaging-devops-broker02.dist.stage.ext.phx2.redhat.com:61612)"
|
||||
user = "{{ redhat_dmz_dev_broker_username }}"
|
||||
pass = "{{ redhat_dmz_dev_broker_password }}"
|
||||
{% else %}
|
||||
uri = "failover:(ssl://messaging-devops-broker01.dist.prod.ext.phx2.redhat.com:61612,ssl://messaging-devops-broker02.dist.prod.ext.phx2.redhat.com:61612)"
|
||||
user = "{{ redhat_dmz_prod_broker_username }}"
|
||||
pass = "{{ redhat_dmz_prod_broker_password }}"
|
||||
{% endif %}
|
||||
ssl_crt = "/etc/pki/stomp/msg-client-fedora-prod.crt"
|
||||
ssl_key = "/etc/pki/stomp/msg-client-fedora-prod.key"
|
||||
|
||||
# Queue to subscribe to
|
||||
queue = "/queue/Consumer.fedora.DO-NOT-COPY.VirtualTopic.eng.bugzilla.>"
|
||||
|
||||
# Heartbeat to keep the connection open
|
||||
heartbeat = 1000
|
||||
|
||||
# How many messages to prefetch
|
||||
prefetch_size = 100
|
||||
|
||||
[consumer_config.bugzilla]
|
||||
# Products to relay messages for - messages for bugs files against
|
||||
# other products will be ignored
|
||||
products = ["Fedora", "Fedora EPEL"]
|
||||
# Whether to modify messages to look more like Bugzilla 4 ones did
|
||||
bz4compat = true
|
||||
|
||||
|
||||
[client_properties]
|
||||
app = "bugzilla2fedmsg"
|
||||
|
||||
[log_config]
|
||||
version = 1
|
||||
disable_existing_loggers = true
|
||||
|
||||
[log_config.formatters.simple]
|
||||
format = "[%(name)s %(levelname)s] %(message)s"
|
||||
|
||||
[log_config.handlers.console]
|
||||
class = "logging.StreamHandler"
|
||||
formatter = "simple"
|
||||
stream = "ext://sys.stdout"
|
||||
|
||||
[log_config.loggers.fedora_messaging]
|
||||
level = "INFO"
|
||||
propagate = false
|
||||
handlers = ["console"]
|
||||
|
||||
[log_config.loggers.bugzilla2fedmsg]
|
||||
level = "INFO"
|
||||
propagate = false
|
||||
handlers = ["console"]
|
||||
|
||||
[log_config.root]
|
||||
level = "WARNING"
|
||||
handlers = ["console"]
|
Loading…
Add table
Add a link
Reference in a new issue