From c58d0339f0c6e80d18026b8a5b27a28a69d79efb Mon Sep 17 00:00:00 2001
From: Clement Verna <cverna@tutanota.com>
Date: Thu, 16 May 2019 14:51:41 +0200
Subject: [PATCH] waiverdb: use fedora-messaging in prod.

New version of waiverdb has dropped support for fedmsg

Signed-off-by: Clement Verna <cverna@tutanota.com>
---
 playbooks/openshift-apps/waiverdb.yml         | 17 -------------
 .../waiverdb/templates/buildconfig.yml        | 25 -------------------
 .../waiverdb/templates/deploymentconfig.yml   | 24 ------------------
 3 files changed, 66 deletions(-)

diff --git a/playbooks/openshift-apps/waiverdb.yml b/playbooks/openshift-apps/waiverdb.yml
index ce9dc076a7..01ee68ea43 100644
--- a/playbooks/openshift-apps/waiverdb.yml
+++ b/playbooks/openshift-apps/waiverdb.yml
@@ -41,35 +41,18 @@
       secret_name: waiverdb-fedora-messaging-key
       key: waiverdb.key
       privatefile: "rabbitmq/{{env}}/pki/private/waiverdb{{env_suffix}}.key"
-      when: env == "staging"
 
     - role: openshift/secret-file
       app: waiverdb
       secret_name: waiverdb-fedora-messaging-crt
       key: waiverdb.crt
       privatefile: "rabbitmq/{{env}}/pki/issued/waiverdb{{env_suffix}}.crt"
-      when: env == "staging"
 
     - role: openshift/secret-file
       app: waiverdb
       secret_name: waiverdb-fedora-messaging-ca
       key: waiverdb.ca
       privatefile: "rabbitmq/{{env}}/pki/ca.crt"
-      when: env == "staging"
-
-    - role: openshift/secret-file
-      app: waiverdb
-      secret_name: waiverdb-fedmsg-key
-      key: fedmsg-waiverdb.key
-      privatefile: fedmsg-certs/keys/waiverdb-waiverdb-web-waiverdb.app.os.fedoraproject.org.key
-      when: env != "staging"
-
-    - role: openshift/secret-file
-      app: waiverdb
-      secret_name: waiverdb-fedmsg-crt
-      key: fedmsg-waiverdb.crt
-      privatefile: fedmsg-certs/keys/waiverdb-waiverdb-web-waiverdb.app.os.fedoraproject.org.crt
-      when: env != "staging"
 
     - role: openshift/object
       app: waiverdb
diff --git a/roles/openshift-apps/waiverdb/templates/buildconfig.yml b/roles/openshift-apps/waiverdb/templates/buildconfig.yml
index d59f365dcd..a1318154d0 100644
--- a/roles/openshift-apps/waiverdb/templates/buildconfig.yml
+++ b/roles/openshift-apps/waiverdb/templates/buildconfig.yml
@@ -8,33 +8,8 @@ spec:
   runPolicy: Serial
   source:
     dockerfile: |-
-{% if env == 'staging' %}
       # See imagestream.yml for the definition
       FROM waiverdb-upstream:latest
-{% else %}
-      # See imagestream.yml for the definition
-      FROM waiverdb-upstream:latest
-
-      # fedmsg needs a username.
-      ENV USER=waiverdb
-
-      # Become root during build to chmod
-      USER 0
-
-      # create a symlink for configuring fedmsg.
-      RUN ln -sfn /etc/fedmsg-waiverdb.d/waiverdb.py /etc/fedmsg.d/zz_waiverdb.py
-
-      # And another two for putting the certs in place.
-      RUN mkdir -p /etc/pki/fedmsg/
-      RUN ln -sf /etc/pki/fedmsg/key/fedmsg-waiverdb.key /etc/pki/fedmsg/waiverdb.key
-      RUN ln -sf /etc/pki/fedmsg/crt/fedmsg-waiverdb.crt /etc/pki/fedmsg/waiverdb.crt
-
-      # Make sure fedmsg can write its CRL.
-      RUN chmod 777 /var/run/fedmsg/
-
-      # Become non-root again
-      USER 1001
-{% endif %}
   strategy:
     type: Docker
     dockerStrategy:
diff --git a/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml b/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml
index 06fd1d3ad3..a129851f7c 100644
--- a/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml
@@ -40,7 +40,6 @@ spec:
         - name: secret-volume
           mountPath: /etc/secret
           readOnly: true
-{% if env == 'staging' %}
         - name: fedora-messaging-ca-volume
           mountPath: /etc/pki/rabbitmq/ca
           readOnly: true
@@ -53,17 +52,6 @@ spec:
         - name: fedora-messaging-config-volume
           mountPath: /etc/fedora-messaging
           readOnly: true
-{% else %}
-        - name: fedmsg-key-volume
-          mountPath: /etc/pki/fedmsg/key
-          readOnly: true
-        - name: fedmsg-crt-volume
-          mountPath: /etc/pki/fedmsg/crt
-          readOnly: true
-        - name: fedmsg-config-volume
-          mountPath: /etc/fedmsg-waiverdb.d
-          readOnly: true
-{% endif %}
         env:
         - name: DATABASE_PASSWORD
           valueFrom:
@@ -97,7 +85,6 @@ spec:
       - name: secret-volume
         secret:
           secretName: waiverdb-secret
-{% if env == 'staging' %}
       - name: fedora-messaging-config-volume
         configMap:
           name: fedora-messaging-configmap
@@ -110,17 +97,6 @@ spec:
       - name: fedora-messaging-key-volume
         secret:
           secretName: waiverdb-fedora-messaging-key
-{% else %}
-      - name: fedmsg-config-volume
-        configMap:
-          name: waiverdb-fedmsg-configmap
-      - name: fedmsg-key-volume
-        secret:
-          secretName: waiverdb-fedmsg-key
-      - name: fedmsg-crt-volume
-        secret:
-          secretName: waiverdb-fedmsg-crt
-{% endif %}
   triggers:
   - type: ImageChange
     imageChangeParams: