diff --git a/playbooks/openshift-apps/joystick.yml b/playbooks/openshift-apps/joystick.yml new file mode 100644 index 0000000000..4f619e7a60 --- /dev/null +++ b/playbooks/openshift-apps/joystick.yml @@ -0,0 +1,69 @@ +- name: make the app be real + hosts: os-masters-stg[0] + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: rabbit/queue + username: joystick{{ env_suffix }} + queue_name: joystick{{ env_suffix }} + routing_keys: + - "org.fedoraproject.*.pungi.compose.status.change" + + - role: openshift/project + app: joystick + description: joystick + appowners: + - sayanchowdhury + + - role: openshift/secret-file + app: joystick + secret_name: joystick-fedora-messaging-ca + key: fedora-messaging-joystick-ca.crt + privatefile: "rabbitmq/{{env}}/pki/ca.crt" + + - role: openshift/secret-file + app: joystick + secret_name: joystick-fedora-messaging-key + key: fedora-messaging-joystick.key + privatefile: "rabbitmq/{{env}}/pki/private/joystick{{env_suffix}}.key" + + - role: openshift/secret-file + app: joystick + secret_name: joystick-fedora-messaging-cert + key: fedora-messaging-joystick.crt + privatefile: "rabbitmq/{{env}}/pki/issued/joystick{{env_suffix}}.crt" + + - role: openshift/object + app: joystick + file: imagestream.yml + objectname: imagestream.yml + + - role: openshift/object + app: joystick + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + app: joystick + template: configmap.yml + objectname: configmap.yml + + - role: openshift/start-build + app: joystick + buildname: joystick-build + objectname: joystick-build + + - role: openshift/object + app: joystick + file: deploymentconfig.yml + objectname: deploymentconfig.yml + + - role: openshift/rollout + app: joystick + dcname: joystick diff --git a/roles/openshift-apps/joystick/files/deploymentconfig.yml b/roles/openshift-apps/joystick/files/deploymentconfig.yml new file mode 100644 index 0000000000..553dd2ee18 --- /dev/null +++ b/roles/openshift-apps/joystick/files/deploymentconfig.yml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: DeploymentConfig +metadata: + labels: + app: joystick + service: joystick + name: joystick +spec: + replicas: 1 + selector: + app: joystick + deploymentconfig: joystick + strategy: + type: Recreate + recreateParams: + timeoutSeconds: 600 + template: + metadata: + labels: + app: joystick + deploymentconfig: joystick + spec: + containers: + - name: joystick + image: joystick/joystick:latest + command: ["fedora-messaging", "consume"] + volumeMounts: + - name: config-volume + mountPath: /etc/fedora-messaging + readOnly: true + - name: fedora-messaging-ca-volume + mountPath: /etc/pki/rabbitmq/ca + readOnly: true + - name: fedora-messaging-key-volume + mountPath: /etc/pki/rabbitmq/key + readOnly: true + - name: fedora-messaging-cert-volume + mountPath: /etc/pki/rabbitmq/cert + readOnly: true + volumes: + - name: config-volume + configMap: + name: joystick-configmap + - name: fedora-messaging-ca-volume + secret: + secretName: joystick-fedora-messaging-ca + - name: fedora-messaging-key-volume + secret: + secretName: joystick-fedora-messaging-key + - name: fedora-messaging-cert-volume + secret: + secretName: joystick-fedora-messaging-cert + triggers: + - imageChangeParams: + automatic: true + containerNames: + - joystick + from: + kind: ImageStreamTag + name: joystick:latest + namespace: joystick + type: ImageChange + - type: ConfigChange +kind: List +metadata: {} diff --git a/roles/openshift-apps/joystick/files/imagestream.yml b/roles/openshift-apps/joystick/files/imagestream.yml new file mode 100644 index 0000000000..1d9e8c633f --- /dev/null +++ b/roles/openshift-apps/joystick/files/imagestream.yml @@ -0,0 +1,10 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: ImageStream + metadata: + name: joystick + labels: + build: joystick +kind: List +metadata: {} diff --git a/roles/openshift-apps/joystick/templates/buildconfig.yml b/roles/openshift-apps/joystick/templates/buildconfig.yml new file mode 100644 index 0000000000..1de5d5d240 --- /dev/null +++ b/roles/openshift-apps/joystick/templates/buildconfig.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: BuildConfig + metadata: + labels: + build: joystick-build + name: joystick-build + spec: + runPolicy: Serial + source: + dockerfile: |- + FROM fedora:29 + LABEL maintainer "Sayan Chowdhury " + + RUN curl -o /etc/yum.repos.d/infra-tags.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags.repo +{% if env == "staging" %} + RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags-stg.repo +{% endif %} + WORKDIR /src + RUN dnf -y install \ + git \ + python3-setuptools \ + python3-pip \ + mantle \ + fedora-messaging \ + python3-fedfind && \ + dnf autoremve -y \ + dnf clean all -y \ + type: Dockerfile + git: + uri: https://pagure.io/joystick.git +{% if env == 'staging' %} + ref: staging +{% else %} + ref: production +{% endif %} + strategy: + type: Docker + output: + to: + kind: ImageStreamTag + name: joystick:latest + triggers: + - type: ConfigChange + - type: ImageChange +kind: List +metadata: {} diff --git a/roles/openshift-apps/joystick/templates/configmap.yml b/roles/openshift-apps/joystick/templates/configmap.yml new file mode 100644 index 0000000000..8b2f6de746 --- /dev/null +++ b/roles/openshift-apps/joystick/templates/configmap.yml @@ -0,0 +1,91 @@ +---- +apiVersion: v1 +kind: List +metadata: {} +items: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: joystick-configmap + labels: + app: joystick + data: + config.toml: |- + # Example configuration for Fedora Messaging + # For complete documentation check + # https://fedora-messaging.readthedocs.io/en/latest/configuration.html. + + amqp_url = "amqps://joystick:@rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org/%2Fpubsub" + +{% if env == "staging" %} + topic_prefix = "org.fedoraproject.stg" +{% else %} + topic_prefix = "org.fedoraproject.prod" +{% endif %} + passive_declares = true + publish_exchange = "amq.topic" + callback = "joystick.consumers.fedora_messaging_consumer:JoyStickController" + + [[bindings]] + queue = "joystick{{env_suffix}}" + exchange = "amq.topic" + routing_keys = ["org.fedoraproject.*.pungi.compose.status.change"] + + [tls] + ca_cert = "/etc/fedora-messaging/cacert.pem" + keyfile = "/etc/fedora-messaging/fedora-key.pem" + certfile = "/etc/fedora-messaging/fedora-cert.pem" + + [client_properties] + app = "joystick" + + [exchanges."amq.topic"] + type = "topic" + durable = true + auto_delete = false + arguments = {} + + [queues."joystick{{env_suffix}}"] + durable = true + auto_delete = false + exclusive = false + arguments = {} + + [qos] + prefetch_size = 0 + prefetch_count = 25 + + [log_config] + version = 1 + disable_existing_loggers = true + + [log_config.formatters.simple] + format = "[%(name)s %(levelname)s] %(message)s" + + [log_config.handlers.console] + class = "logging.StreamHandler" + formatter = "simple" + stream = "ext://sys.stdout" + + [log_config.loggers.fedora_messaging] + level = "INFO" + propagate = false + handlers = ["console"] + + [log_config.root] + level = "DEBUG" + handlers = ["console"] + + # joystick consumer configuration + [consumer_config] + topic_prefix = 'org.fedoraproject' +{% if env == "staging" %} + environment = 'stg' +{% else %} + environment = 'prod' +{% endif %} +{% if env == "staging" %} + regions = ["us-east-2"] +{% else %} + regions = ["us-east-2"] +{% endif %}