Prefix openshift/secret-file
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard
parent
dc65a76527
commit
cfb590c2ed
32 changed files with 405 additions and 405 deletions
|
|
@ -143,31 +143,31 @@
|
||||||
|
|
||||||
# Fedora Messaging
|
# Fedora Messaging
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: badges
|
secret_file_app: badges
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: badges
|
secret_file_app: badges
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: fedbadges-cert.pem
|
secret_file_key: fedbadges-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/fedbadges{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/fedbadges{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: badges
|
secret_file_app: badges
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: fedbadges-key.pem
|
secret_file_key: fedbadges-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/fedbadges{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/fedbadges{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: badges
|
secret_file_app: badges
|
||||||
secret_name: tahrir-fedora-messaging-crt
|
secret_file_secret_name: tahrir-fedora-messaging-crt
|
||||||
key: tahrir-cert.pem
|
secret_file_key: tahrir-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/tahrir{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/tahrir{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: badges
|
secret_file_app: badges
|
||||||
secret_name: tahrir-fedora-messaging-key
|
secret_file_secret_name: tahrir-fedora-messaging-key
|
||||||
key: tahrir-key.pem
|
secret_file_key: tahrir-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/tahrir{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/tahrir{{env_suffix}}.key"
|
||||||
|
|
||||||
# FASJSON access
|
# FASJSON access
|
||||||
- role: openshift/ipa-client
|
- role: openshift/ipa-client
|
||||||
|
|
|
||||||
|
|
@ -80,20 +80,20 @@
|
||||||
keytab_service: bodhi
|
keytab_service: bodhi
|
||||||
keytab_host: "bodhi{{ env_suffix }}.fedoraproject.org"
|
keytab_host: "bodhi{{ env_suffix }}.fedoraproject.org"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bodhi
|
secret_file_app: bodhi
|
||||||
secret_name: bodhi-fedora-messaging-ca
|
secret_file_secret_name: bodhi-fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bodhi
|
secret_file_app: bodhi
|
||||||
secret_name: bodhi-fedora-messaging-crt
|
secret_file_secret_name: bodhi-fedora-messaging-crt
|
||||||
key: bodhi-cert.pem
|
secret_file_key: bodhi-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bodhi
|
secret_file_app: bodhi
|
||||||
secret_name: bodhi-fedora-messaging-key
|
secret_file_secret_name: bodhi-fedora-messaging-key
|
||||||
key: bodhi-key.pem
|
secret_file_key: bodhi-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: bodhi
|
object_app: bodhi
|
||||||
object_template: imagestreams-tagged.yml
|
object_template: imagestreams-tagged.yml
|
||||||
|
|
|
||||||
|
|
@ -26,35 +26,35 @@
|
||||||
|
|
||||||
# Fedora Messaging secrets
|
# Fedora Messaging secrets
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bugzilla2fedmsg
|
secret_file_app: bugzilla2fedmsg
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bugzilla2fedmsg
|
secret_file_app: bugzilla2fedmsg
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: bugzilla2fedmsg-cert.pem
|
secret_file_key: bugzilla2fedmsg-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/bugzilla2fedmsg{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/bugzilla2fedmsg{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bugzilla2fedmsg
|
secret_file_app: bugzilla2fedmsg
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: bugzilla2fedmsg-key.pem
|
secret_file_key: bugzilla2fedmsg-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/bugzilla2fedmsg{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/bugzilla2fedmsg{{env_suffix}}.key"
|
||||||
|
|
||||||
# STOMP secrets
|
# STOMP secrets
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bugzilla2fedmsg
|
secret_file_app: bugzilla2fedmsg
|
||||||
secret_name: stomp-crt
|
secret_file_secret_name: stomp-crt
|
||||||
key: msg-client-fedora-prod.crt
|
secret_file_key: msg-client-fedora-prod.crt
|
||||||
privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.crt"
|
secret_file_privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: bugzilla2fedmsg
|
secret_file_app: bugzilla2fedmsg
|
||||||
secret_name: stomp-key
|
secret_file_secret_name: stomp-key
|
||||||
key: msg-client-fedora-prod.key
|
secret_file_key: msg-client-fedora-prod.key
|
||||||
privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.key"
|
secret_file_privatefile: "bugzilla2fedmsg/msg-client-fedora-prod.key"
|
||||||
|
|
||||||
# FASJSON access
|
# FASJSON access
|
||||||
- role: openshift/ipa-client
|
- role: openshift/ipa-client
|
||||||
|
|
|
||||||
|
|
@ -77,34 +77,34 @@
|
||||||
- "westus3"
|
- "westus3"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: cloud-image-uploader
|
secret_file_app: cloud-image-uploader
|
||||||
secret_name: cloud-image-uploader-fedora-messaging-key
|
secret_file_secret_name: cloud-image-uploader-fedora-messaging-key
|
||||||
key: cloud-image-uploader.key
|
secret_file_key: cloud-image-uploader.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/cloud-image-uploader{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/cloud-image-uploader{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: cloud-image-uploader
|
secret_file_app: cloud-image-uploader
|
||||||
secret_name: cloud-image-uploader-fedora-messaging-crt
|
secret_file_secret_name: cloud-image-uploader-fedora-messaging-crt
|
||||||
key: cloud-image-uploader.crt
|
secret_file_key: cloud-image-uploader.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/cloud-image-uploader{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/cloud-image-uploader{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: cloud-image-uploader
|
secret_file_app: cloud-image-uploader
|
||||||
secret_name: cloud-image-uploader-fedora-messaging-ca
|
secret_file_secret_name: cloud-image-uploader-fedora-messaging-ca
|
||||||
key: cloud-image-uploader.ca
|
secret_file_key: cloud-image-uploader.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: cloud-image-uploader
|
secret_file_app: cloud-image-uploader
|
||||||
secret_name: registry-fedoraproject-cert
|
secret_file_secret_name: registry-fedoraproject-cert
|
||||||
key: registry-fedoraproject.cert
|
secret_file_key: registry-fedoraproject.cert
|
||||||
privatefile: "docker-registry/{{env}}/pki/issued/containerstable.crt"
|
secret_file_privatefile: "docker-registry/{{env}}/pki/issued/containerstable.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: cloud-image-uploader
|
secret_file_app: cloud-image-uploader
|
||||||
secret_name: registry-fedoraproject-key
|
secret_file_secret_name: registry-fedoraproject-key
|
||||||
key: registry-fedoraproject.key
|
secret_file_key: registry-fedoraproject.key
|
||||||
privatefile: "docker-registry/{{env}}/pki/private/containerstable.key"
|
secret_file_privatefile: "docker-registry/{{env}}/pki/private/containerstable.key"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: cloud-image-uploader
|
object_app: cloud-image-uploader
|
||||||
|
|
|
||||||
|
|
@ -54,20 +54,20 @@
|
||||||
|
|
||||||
# Fedora Messaging secrets
|
# Fedora Messaging secrets
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: coreos-ostree-importer
|
secret_file_app: coreos-ostree-importer
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: "{{ fedora_messaging_ca_file }}"
|
secret_file_key: "{{ fedora_messaging_ca_file }}"
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: coreos-ostree-importer
|
secret_file_app: coreos-ostree-importer
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: "{{ fedora_messaging_cert_file }}"
|
secret_file_key: "{{ fedora_messaging_cert_file }}"
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/coreos-ostree-importer{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/coreos-ostree-importer{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: coreos-ostree-importer
|
secret_file_app: coreos-ostree-importer
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: "{{ fedora_messaging_key_file }}"
|
secret_file_key: "{{ fedora_messaging_key_file }}"
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/coreos-ostree-importer{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/coreos-ostree-importer{{env_suffix}}.key"
|
||||||
|
|
||||||
# Fedora Messaging config
|
# Fedora Messaging config
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
|
|
|
||||||
|
|
@ -48,20 +48,20 @@
|
||||||
when: env == "staging"
|
when: env == "staging"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: datanommer
|
secret_file_app: datanommer
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: datanommer
|
secret_file_app: datanommer
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: datanommer-cert.pem
|
secret_file_key: datanommer-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/datanommer{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/datanommer{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: datanommer
|
secret_file_app: datanommer
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: datanommer-key.pem
|
secret_file_key: datanommer-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/datanommer{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/datanommer{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: datanommer
|
object_app: datanommer
|
||||||
|
|
|
||||||
|
|
@ -25,20 +25,20 @@
|
||||||
- apply-appowners
|
- apply-appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: discourse2fedmsg
|
secret_file_app: discourse2fedmsg
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: discourse2fedmsg
|
secret_file_app: discourse2fedmsg
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: discourse2fedmsg-cert.pem
|
secret_file_key: discourse2fedmsg-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/discourse2fedmsg{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/discourse2fedmsg{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: discourse2fedmsg
|
secret_file_app: discourse2fedmsg
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: discourse2fedmsg-key.pem
|
secret_file_key: discourse2fedmsg-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/discourse2fedmsg{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/discourse2fedmsg{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/imagestream
|
- role: openshift/imagestream
|
||||||
imagestream_app: discourse2fedmsg
|
imagestream_app: discourse2fedmsg
|
||||||
|
|
|
||||||
|
|
@ -65,22 +65,22 @@
|
||||||
object_objectname: buildconfig.yml
|
object_objectname: buildconfig.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: elections
|
secret_file_app: elections
|
||||||
secret_name: elections-fedora-messaging-key
|
secret_file_secret_name: elections-fedora-messaging-key
|
||||||
key: elections.key
|
secret_file_key: elections.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/elections{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/elections{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: elections
|
secret_file_app: elections
|
||||||
secret_name: elections-fedora-messaging-crt
|
secret_file_secret_name: elections-fedora-messaging-crt
|
||||||
key: elections.crt
|
secret_file_key: elections.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/elections{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/elections{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: elections
|
secret_file_app: elections
|
||||||
secret_name: elections-fedora-messaging-ca
|
secret_file_secret_name: elections-fedora-messaging-ca
|
||||||
key: elections.ca
|
secret_file_key: elections.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: elections
|
object_app: elections
|
||||||
|
|
|
||||||
|
|
@ -64,10 +64,10 @@
|
||||||
|
|
||||||
# Session secret key
|
# Session secret key
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fasjson
|
secret_file_app: fasjson
|
||||||
secret_name: session-key
|
secret_file_secret_name: session-key
|
||||||
key: session.key
|
secret_file_key: session.key
|
||||||
privatefile: "fasjson/session.{{env}}.key"
|
secret_file_privatefile: "fasjson/session.{{env}}.key"
|
||||||
|
|
||||||
- role: openshift/imagestream
|
- role: openshift/imagestream
|
||||||
imagestream_app: fasjson
|
imagestream_app: fasjson
|
||||||
|
|
|
||||||
|
|
@ -31,22 +31,22 @@
|
||||||
object_objectname: buildconfig.yml
|
object_objectname: buildconfig.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fedocal
|
secret_file_app: fedocal
|
||||||
secret_name: fedocal-fedora-messaging-key
|
secret_file_secret_name: fedocal-fedora-messaging-key
|
||||||
key: fedocal.key
|
secret_file_key: fedocal.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/fedocal{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/fedocal{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fedocal
|
secret_file_app: fedocal
|
||||||
secret_name: fedocal-fedora-messaging-crt
|
secret_file_secret_name: fedocal-fedora-messaging-crt
|
||||||
key: fedocal.crt
|
secret_file_key: fedocal.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/fedocal{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/fedocal{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fedocal
|
secret_file_app: fedocal
|
||||||
secret_name: fedocal-fedora-messaging-ca
|
secret_file_secret_name: fedocal-fedora-messaging-ca
|
||||||
key: fedocal.ca
|
secret_file_key: fedocal.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: fedocal
|
object_app: fedocal
|
||||||
|
|
|
||||||
|
|
@ -184,20 +184,20 @@
|
||||||
|
|
||||||
# Fedora Messaging
|
# Fedora Messaging
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fmn
|
secret_file_app: fmn
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fmn
|
secret_file_app: fmn
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: fmn-cert.pem
|
secret_file_key: fmn-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/fmn{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/fmn{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: fmn
|
secret_file_app: fmn
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: fmn-key.pem
|
secret_file_key: fmn-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/fmn{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/fmn{{env_suffix}}.key"
|
||||||
|
|
||||||
# Deployment config
|
# Deployment config
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
|
|
|
||||||
|
|
@ -34,22 +34,22 @@
|
||||||
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.greenwave\..*
|
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.greenwave\..*
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: greenwave
|
secret_file_app: greenwave
|
||||||
secret_name: greenwave-fedora-messaging-key
|
secret_file_secret_name: greenwave-fedora-messaging-key
|
||||||
key: greenwave.key
|
secret_file_key: greenwave.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/greenwave{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/greenwave{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: greenwave
|
secret_file_app: greenwave
|
||||||
secret_name: greenwave-fedora-messaging-crt
|
secret_file_secret_name: greenwave-fedora-messaging-crt
|
||||||
key: greenwave.crt
|
secret_file_key: greenwave.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/greenwave{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/greenwave{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: greenwave
|
secret_file_app: greenwave
|
||||||
secret_name: greenwave-fedora-messaging-ca
|
secret_file_secret_name: greenwave-fedora-messaging-ca
|
||||||
key: greenwave.ca
|
secret_file_key: greenwave.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: greenwave
|
object_app: greenwave
|
||||||
|
|
|
||||||
|
|
@ -53,20 +53,20 @@
|
||||||
- apply-appowners
|
- apply-appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: kerneltest
|
secret_file_app: kerneltest
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: kerneltest
|
secret_file_app: kerneltest
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: kerneltest-cert.pem
|
secret_file_key: kerneltest-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/kerneltest{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/kerneltest{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: kerneltest
|
secret_file_app: kerneltest
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: kerneltest-key.pem
|
secret_file_key: kerneltest-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/kerneltest{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/kerneltest{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: kerneltest
|
object_app: kerneltest
|
||||||
|
|
|
||||||
|
|
@ -73,22 +73,22 @@
|
||||||
object_objectname: configmap.yml
|
object_objectname: configmap.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: maubot
|
secret_file_app: maubot
|
||||||
secret_name: maubot-fedora-messaging-key
|
secret_file_secret_name: maubot-fedora-messaging-key
|
||||||
key: maubot.key
|
secret_file_key: maubot.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/maubot{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/maubot{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: maubot
|
secret_file_app: maubot
|
||||||
secret_name: maubot-fedora-messaging-crt
|
secret_file_secret_name: maubot-fedora-messaging-crt
|
||||||
key: maubot.crt
|
secret_file_key: maubot.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/maubot{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/maubot{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: maubot
|
secret_file_app: maubot
|
||||||
secret_name: maubot-fedora-messaging-ca
|
secret_file_secret_name: maubot-fedora-messaging-ca
|
||||||
key: maubot.ca
|
secret_file_key: maubot.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/start-build
|
- role: openshift/start-build
|
||||||
app: maubot
|
app: maubot
|
||||||
|
|
|
||||||
|
|
@ -42,22 +42,22 @@
|
||||||
object_objectname: configmap.yml
|
object_objectname: configmap.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mdapi
|
secret_file_app: mdapi
|
||||||
secret_name: mdapi-fedora-messaging-key
|
secret_file_secret_name: mdapi-fedora-messaging-key
|
||||||
key: mdapi.key
|
secret_file_key: mdapi.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/mdapi{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/mdapi{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mdapi
|
secret_file_app: mdapi
|
||||||
secret_name: mdapi-fedora-messaging-crt
|
secret_file_secret_name: mdapi-fedora-messaging-crt
|
||||||
key: mdapi.crt
|
secret_file_key: mdapi.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/mdapi{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/mdapi{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mdapi
|
secret_file_app: mdapi
|
||||||
secret_name: mdapi-fedora-messaging-ca
|
secret_file_secret_name: mdapi-fedora-messaging-ca
|
||||||
key: mdapi.ca
|
secret_file_key: mdapi.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: mdapi
|
object_app: mdapi
|
||||||
|
|
|
||||||
|
|
@ -96,31 +96,31 @@
|
||||||
- appowners
|
- appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: messaging-bridges
|
secret_file_app: messaging-bridges
|
||||||
secret_name: fedmsg-key
|
secret_file_secret_name: fedmsg-key
|
||||||
key: fedmsg-fedmsg-migration-tools.key
|
secret_file_key: fedmsg-fedmsg-migration-tools.key
|
||||||
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key"
|
secret_file_privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: messaging-bridges
|
secret_file_app: messaging-bridges
|
||||||
secret_name: fedmsg-cert
|
secret_file_secret_name: fedmsg-cert
|
||||||
key: fedmsg-fedmsg-migration-tools.crt
|
secret_file_key: fedmsg-fedmsg-migration-tools.crt
|
||||||
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
|
secret_file_privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: messaging-bridges
|
secret_file_app: messaging-bridges
|
||||||
secret_name: rabbitmq-ca
|
secret_file_secret_name: rabbitmq-ca
|
||||||
key: rabbitmq-ca.crt
|
secret_file_key: rabbitmq-ca.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: messaging-bridges
|
secret_file_app: messaging-bridges
|
||||||
secret_name: rabbitmq-key
|
secret_file_secret_name: rabbitmq-key
|
||||||
key: rabbitmq-fedmsg-migration-tools.key
|
secret_file_key: rabbitmq-fedmsg-migration-tools.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: messaging-bridges
|
secret_file_app: messaging-bridges
|
||||||
secret_name: rabbitmq-cert
|
secret_file_secret_name: rabbitmq-cert
|
||||||
key: rabbitmq-fedmsg-migration-tools.crt
|
secret_file_key: rabbitmq-fedmsg-migration-tools.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: messaging-bridges
|
object_app: messaging-bridges
|
||||||
|
|
|
||||||
|
|
@ -108,27 +108,27 @@
|
||||||
|
|
||||||
# SSH key to get the access logs
|
# SSH key to get the access logs
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mirrormanager
|
secret_file_app: mirrormanager
|
||||||
secret_name: ssh-mirrorlist-proxies-key
|
secret_file_secret_name: ssh-mirrorlist-proxies-key
|
||||||
key: ssh_mirrorlist_proxies.key
|
secret_file_key: ssh_mirrorlist_proxies.key
|
||||||
privatefile: "mirrormanager/id_rsa"
|
secret_file_privatefile: "mirrormanager/id_rsa"
|
||||||
|
|
||||||
# Fedora Messaging
|
# Fedora Messaging
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mirrormanager
|
secret_file_app: mirrormanager
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mirrormanager
|
secret_file_app: mirrormanager
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: cert.pem
|
secret_file_key: cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/mirrormanager{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/mirrormanager{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: mirrormanager
|
secret_file_app: mirrormanager
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: key.pem
|
secret_file_key: key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/mirrormanager{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/mirrormanager{{env_suffix}}.key"
|
||||||
|
|
||||||
# Deployment config
|
# Deployment config
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
|
|
|
||||||
|
|
@ -31,22 +31,22 @@
|
||||||
keytab_service: packagerbot
|
keytab_service: packagerbot
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: monitor-gating
|
secret_file_app: monitor-gating
|
||||||
secret_name: monitor-gating-fedora-messaging-key
|
secret_file_secret_name: monitor-gating-fedora-messaging-key
|
||||||
key: monitor-gating.key
|
secret_file_key: monitor-gating.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/monitor-gating{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/monitor-gating{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: monitor-gating
|
secret_file_app: monitor-gating
|
||||||
secret_name: monitor-gating-fedora-messaging-crt
|
secret_file_secret_name: monitor-gating-fedora-messaging-crt
|
||||||
key: monitor-gating.crt
|
secret_file_key: monitor-gating.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/monitor-gating{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/monitor-gating{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: monitor-gating
|
secret_file_app: monitor-gating
|
||||||
secret_name: monitor-gating-fedora-messaging-ca
|
secret_file_secret_name: monitor-gating-fedora-messaging-ca
|
||||||
key: monitor-gating.ca
|
secret_file_key: monitor-gating.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: monitor-gating
|
object_app: monitor-gating
|
||||||
|
|
@ -69,10 +69,10 @@
|
||||||
object_objectname: configmap.yml
|
object_objectname: configmap.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: monitor-gating
|
secret_file_app: monitor-gating
|
||||||
secret_name: monitor-gating-ssh
|
secret_file_secret_name: monitor-gating-ssh
|
||||||
key: id_rsa
|
secret_file_key: id_rsa
|
||||||
privatefile: "git-ssh/monitor_gating"
|
secret_file_privatefile: "git-ssh/monitor_gating"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: monitor-gating
|
object_app: monitor-gating
|
||||||
|
|
|
||||||
|
|
@ -38,20 +38,20 @@
|
||||||
when: env == "staging"
|
when: env == "staging"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin-centos
|
secret_file_app: noggin-centos
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin-centos
|
secret_file_app: noggin-centos
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: noggin-cert.pem
|
secret_file_key: noggin-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/noggin{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/noggin{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin-centos
|
secret_file_app: noggin-centos
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: noggin-key.pem
|
secret_file_key: noggin-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/noggin{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/noggin{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/imagestream
|
- role: openshift/imagestream
|
||||||
imagestream_app: noggin-centos
|
imagestream_app: noggin-centos
|
||||||
|
|
|
||||||
|
|
@ -38,20 +38,20 @@
|
||||||
when: env == "staging"
|
when: env == "staging"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin
|
secret_file_app: noggin
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin
|
secret_file_app: noggin
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: noggin-cert.pem
|
secret_file_key: noggin-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/noggin{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/noggin{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: noggin
|
secret_file_app: noggin
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: noggin-key.pem
|
secret_file_key: noggin-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/noggin{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/noggin{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/imagestream
|
- role: openshift/imagestream
|
||||||
imagestream_app: noggin
|
imagestream_app: noggin
|
||||||
|
|
|
||||||
|
|
@ -148,20 +148,20 @@
|
||||||
sent_topics: "{{ openscanhub_sent_topics }}"
|
sent_topics: "{{ openscanhub_sent_topics }}"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: openscanhub
|
secret_file_app: openscanhub
|
||||||
secret_name: openscanhub-fedora-messaging-ca
|
secret_file_secret_name: openscanhub-fedora-messaging-ca
|
||||||
key: fedora-messaging-openscanhub-ca.crt
|
secret_file_key: fedora-messaging-openscanhub-ca.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: openscanhub
|
secret_file_app: openscanhub
|
||||||
secret_name: openscanhub-fedora-messaging-key
|
secret_file_secret_name: openscanhub-fedora-messaging-key
|
||||||
key: fedora-messaging-openscanhub.key
|
secret_file_key: fedora-messaging-openscanhub.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/openscanhub{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/openscanhub{{env_suffix}}.key"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: openscanhub
|
secret_file_app: openscanhub
|
||||||
secret_name: openscanhub-fedora-messaging-cert
|
secret_file_secret_name: openscanhub-fedora-messaging-cert
|
||||||
key: fedora-messaging-openscanhub.crt
|
secret_file_key: fedora-messaging-openscanhub.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/openscanhub{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/openscanhub{{env_suffix}}.crt"
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: openscanhub
|
object_app: openscanhub
|
||||||
object_template: fedora-messaging-configmap.yml
|
object_template: fedora-messaging-configmap.yml
|
||||||
|
|
|
||||||
|
|
@ -83,22 +83,22 @@
|
||||||
object_objectname: cronjob.yml
|
object_objectname: cronjob.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: planet
|
secret_file_app: planet
|
||||||
secret_name: planet-fedora-messaging-ca
|
secret_file_secret_name: planet-fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: planet
|
secret_file_app: planet
|
||||||
secret_name: planet-fedora-messaging-crt
|
secret_file_secret_name: planet-fedora-messaging-crt
|
||||||
key: planet-cert.pem
|
secret_file_key: planet-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/planet{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/planet{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: planet
|
secret_file_app: planet
|
||||||
secret_name: planet-fedora-messaging-key
|
secret_file_secret_name: planet-fedora-messaging-key
|
||||||
key: planet-key.pem
|
secret_file_key: planet-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/planet{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/planet{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: rabbit/user
|
- role: rabbit/user
|
||||||
user_username: "planet{{ env_suffix }}"
|
user_username: "planet{{ env_suffix }}"
|
||||||
|
|
|
||||||
|
|
@ -61,22 +61,22 @@
|
||||||
object_objectname: buildconfig.yml
|
object_objectname: buildconfig.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: poddlers
|
secret_file_app: poddlers
|
||||||
secret_name: toddlers-fedora-messaging-key
|
secret_file_secret_name: toddlers-fedora-messaging-key
|
||||||
key: toddlers.key
|
secret_file_key: toddlers.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/toddlers{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/toddlers{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: poddlers
|
secret_file_app: poddlers
|
||||||
secret_name: toddlers-fedora-messaging-crt
|
secret_file_secret_name: toddlers-fedora-messaging-crt
|
||||||
key: toddlers.crt
|
secret_file_key: toddlers.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/toddlers{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/toddlers{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: poddlers
|
secret_file_app: poddlers
|
||||||
secret_name: toddlers-fedora-messaging-ca
|
secret_file_secret_name: toddlers-fedora-messaging-ca
|
||||||
key: toddlers.ca
|
secret_file_key: toddlers.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: poddlers
|
object_app: poddlers
|
||||||
|
|
|
||||||
|
|
@ -20,20 +20,20 @@
|
||||||
project_appowners:
|
project_appowners:
|
||||||
- zlopez
|
- zlopez
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: release-monitoring
|
secret_file_app: release-monitoring
|
||||||
secret_name: release-monitoring-fedora-messaging-ca
|
secret_file_secret_name: release-monitoring-fedora-messaging-ca
|
||||||
key: fedora-messaging-release-monitoring-ca.crt
|
secret_file_key: fedora-messaging-release-monitoring-ca.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: release-monitoring
|
secret_file_app: release-monitoring
|
||||||
secret_name: release-monitoring-fedora-messaging-key
|
secret_file_secret_name: release-monitoring-fedora-messaging-key
|
||||||
key: fedora-messaging-release-monitoring.key
|
secret_file_key: fedora-messaging-release-monitoring.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/anitya{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/anitya{{env_suffix}}.key"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: release-monitoring
|
secret_file_app: release-monitoring
|
||||||
secret_name: release-monitoring-fedora-messaging-cert
|
secret_file_secret_name: release-monitoring-fedora-messaging-cert
|
||||||
key: fedora-messaging-release-monitoring.crt
|
secret_file_key: fedora-messaging-release-monitoring.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/anitya{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/anitya{{env_suffix}}.crt"
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: release-monitoring
|
object_app: release-monitoring
|
||||||
object_file: imagestream.yml
|
object_file: imagestream.yml
|
||||||
|
|
|
||||||
|
|
@ -39,22 +39,22 @@
|
||||||
- apply-appowners
|
- apply-appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb-ci-listener
|
secret_file_app: resultsdb-ci-listener
|
||||||
secret_name: resultsdb-ci-listener-fedora-messaging-key
|
secret_file_secret_name: resultsdb-ci-listener-fedora-messaging-key
|
||||||
key: resultsdb-ci-listener.key
|
secret_file_key: resultsdb-ci-listener.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}_ci_listener.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}_ci_listener.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb-ci-listener
|
secret_file_app: resultsdb-ci-listener
|
||||||
secret_name: resultsdb-ci-listener-fedora-messaging-crt
|
secret_file_secret_name: resultsdb-ci-listener-fedora-messaging-crt
|
||||||
key: resultsdb-ci-listener.crt
|
secret_file_key: resultsdb-ci-listener.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}_ci_listener.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}_ci_listener.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb-ci-listener
|
secret_file_app: resultsdb-ci-listener
|
||||||
secret_name: resultsdb-ci-listener-fedora-messaging-ca
|
secret_file_secret_name: resultsdb-ci-listener-fedora-messaging-ca
|
||||||
key: resultsdb-ci-listener.ca
|
secret_file_key: resultsdb-ci-listener.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: resultsdb-ci-listener
|
object_app: resultsdb-ci-listener
|
||||||
|
|
|
||||||
|
|
@ -56,22 +56,22 @@
|
||||||
- apply-appowners
|
- apply-appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb
|
secret_file_app: resultsdb
|
||||||
secret_name: resultsdb-fedora-messaging-key
|
secret_file_secret_name: resultsdb-fedora-messaging-key
|
||||||
key: resultsdb.key
|
secret_file_key: resultsdb.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb
|
secret_file_app: resultsdb
|
||||||
secret_name: resultsdb-fedora-messaging-crt
|
secret_file_secret_name: resultsdb-fedora-messaging-crt
|
||||||
key: resultsdb.crt
|
secret_file_key: resultsdb.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: resultsdb
|
secret_file_app: resultsdb
|
||||||
secret_name: resultsdb-fedora-messaging-ca
|
secret_file_secret_name: resultsdb-fedora-messaging-ca
|
||||||
key: resultsdb.ca
|
secret_file_key: resultsdb.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
# backend objects
|
# backend objects
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
|
|
|
||||||
|
|
@ -46,22 +46,22 @@
|
||||||
when: env == "staging"
|
when: env == "staging"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: the-new-hotness
|
secret_file_app: the-new-hotness
|
||||||
secret_name: the-new-hotness-fedora-messaging-ca
|
secret_file_secret_name: the-new-hotness-fedora-messaging-ca
|
||||||
key: fedora-messaging-the-new-hotness-ca.crt
|
secret_file_key: fedora-messaging-the-new-hotness-ca.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: the-new-hotness
|
secret_file_app: the-new-hotness
|
||||||
secret_name: the-new-hotness-fedora-messaging-key
|
secret_file_secret_name: the-new-hotness-fedora-messaging-key
|
||||||
key: fedora-messaging-the-new-hotness.key
|
secret_file_key: fedora-messaging-the-new-hotness.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/the-new-hotness{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/the-new-hotness{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: the-new-hotness
|
secret_file_app: the-new-hotness
|
||||||
secret_name: the-new-hotness-fedora-messaging-cert
|
secret_file_secret_name: the-new-hotness-fedora-messaging-cert
|
||||||
key: fedora-messaging-the-new-hotness.crt
|
secret_file_key: fedora-messaging-the-new-hotness.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/the-new-hotness{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/the-new-hotness{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: the-new-hotness
|
object_app: the-new-hotness
|
||||||
|
|
|
||||||
|
|
@ -75,22 +75,22 @@
|
||||||
object_objectname: buildconfig.yml
|
object_objectname: buildconfig.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: toddlers
|
secret_file_app: toddlers
|
||||||
secret_name: toddlers-fedora-messaging-key
|
secret_file_secret_name: toddlers-fedora-messaging-key
|
||||||
key: toddlers.key
|
secret_file_key: toddlers.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/toddlers{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/toddlers{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: toddlers
|
secret_file_app: toddlers
|
||||||
secret_name: toddlers-fedora-messaging-crt
|
secret_file_secret_name: toddlers-fedora-messaging-crt
|
||||||
key: toddlers.crt
|
secret_file_key: toddlers.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/toddlers{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/toddlers{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: toddlers
|
secret_file_app: toddlers
|
||||||
secret_name: toddlers-fedora-messaging-ca
|
secret_file_secret_name: toddlers-fedora-messaging-ca
|
||||||
key: toddlers.ca
|
secret_file_key: toddlers.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: toddlers
|
object_app: toddlers
|
||||||
|
|
|
||||||
|
|
@ -63,22 +63,22 @@
|
||||||
object_objectname: secret.yml
|
object_objectname: secret.yml
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: waiverdb
|
secret_file_app: waiverdb
|
||||||
secret_name: waiverdb-fedora-messaging-key
|
secret_file_secret_name: waiverdb-fedora-messaging-key
|
||||||
key: waiverdb.key
|
secret_file_key: waiverdb.key
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/waiverdb{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/waiverdb{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: waiverdb
|
secret_file_app: waiverdb
|
||||||
secret_name: waiverdb-fedora-messaging-crt
|
secret_file_secret_name: waiverdb-fedora-messaging-crt
|
||||||
key: waiverdb.crt
|
secret_file_key: waiverdb.crt
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/waiverdb{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/waiverdb{{env_suffix}}.crt"
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: waiverdb
|
secret_file_app: waiverdb
|
||||||
secret_name: waiverdb-fedora-messaging-ca
|
secret_file_secret_name: waiverdb-fedora-messaging-ca
|
||||||
key: waiverdb.ca
|
secret_file_key: waiverdb.ca
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
object_app: waiverdb
|
object_app: waiverdb
|
||||||
|
|
|
||||||
|
|
@ -50,20 +50,20 @@
|
||||||
- apply-appowners
|
- apply-appowners
|
||||||
|
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: webhook2fedmsg
|
secret_file_app: webhook2fedmsg
|
||||||
secret_name: fedora-messaging-ca
|
secret_file_secret_name: fedora-messaging-ca
|
||||||
key: cacert.pem
|
secret_file_key: cacert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: webhook2fedmsg
|
secret_file_app: webhook2fedmsg
|
||||||
secret_name: fedora-messaging-crt
|
secret_file_secret_name: fedora-messaging-crt
|
||||||
key: webhook2fedmsg-cert.pem
|
secret_file_key: webhook2fedmsg-cert.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/issued/webhook2fedmsg{{env_suffix}}.crt"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/webhook2fedmsg{{env_suffix}}.crt"
|
||||||
- role: openshift/secret-file
|
- role: openshift/secret-file
|
||||||
app: webhook2fedmsg
|
secret_file_app: webhook2fedmsg
|
||||||
secret_name: fedora-messaging-key
|
secret_file_secret_name: fedora-messaging-key
|
||||||
key: webhook2fedmsg-key.pem
|
secret_file_key: webhook2fedmsg-key.pem
|
||||||
privatefile: "rabbitmq/{{env}}/pki/private/webhook2fedmsg{{env_suffix}}.key"
|
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/webhook2fedmsg{{env_suffix}}.key"
|
||||||
|
|
||||||
- role: openshift/imagestream
|
- role: openshift/imagestream
|
||||||
imagestream_app: webhook2fedmsg
|
imagestream_app: webhook2fedmsg
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
os_app: "{{app}}"
|
os_app: "{{secret_file_app}}"
|
||||||
ocp4: false
|
ocp4: false
|
||||||
|
|
|
||||||
|
|
@ -1,32 +1,32 @@
|
||||||
---
|
---
|
||||||
- name: Copy template {{template}}
|
- name: Copy template {{secret_file_template}}
|
||||||
template: src={{roles_path}}/openshift-apps/{{app}}/templates/{{template}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
|
template: src={{roles_path}}/openshift-apps/{{secret_file_app}}/templates/{{secret_file_template}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
|
||||||
when: template is defined
|
when: secret_file_template is defined
|
||||||
register: secret_template
|
register: secret_template
|
||||||
|
|
||||||
- name: Copy file {{file}}
|
- name: Copy file {{secret_file_file}}
|
||||||
copy: src={{roles_path}}/openshift-apps/{{app}}/files/{{file}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
|
copy: src={{roles_path}}/openshift-apps/{{secret_file_app}}/files/{{secret_file_file}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
|
||||||
when: file is defined
|
when: secret_file_file is defined
|
||||||
register: secret_file
|
register: secret_file
|
||||||
|
|
||||||
- name: Copy private file {{privatefile}}
|
- name: Copy private file {{secret_file_privatefile}}
|
||||||
copy: src={{private}}/files/{{privatefile}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
|
copy: src={{private}}/files/{{secret_file_privatefile}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
|
||||||
when: privatefile is defined
|
when: secret_file_privatefile is defined
|
||||||
register: secret_privatefile
|
register: secret_privatefile
|
||||||
|
|
||||||
- name: Delete existing secrets
|
- name: Delete existing secrets
|
||||||
shell: oc -n {{os_app}} delete secret/{{secret_name}}
|
shell: oc -n {{os_app}} delete secret/{{secret_file_secret_name}}
|
||||||
register: delete_out
|
register: delete_out
|
||||||
changed_when: "'NotFound' in delete_out.stderr"
|
changed_when: "'NotFound' in delete_out.stderr"
|
||||||
failed_when: "('NotFound' not in delete_out.stderr) and (delete_out.rc != 0)"
|
failed_when: "('NotFound' not in delete_out.stderr) and (delete_out.rc != 0)"
|
||||||
when: secret_template.changed or secret_file.changed or secret_privatefile.changed
|
when: secret_template.changed or secret_file.changed or secret_privatefile.changed
|
||||||
|
|
||||||
- name: Call `oc secrets new` on the copied file
|
- name: Call `oc secrets new` on the copied file
|
||||||
shell: oc -n {{os_app}} secrets new {{secret_name}} {{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
|
shell: oc -n {{os_app}} secrets new {{secret_file_secret_name}} {{secret_file_key}}=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
|
||||||
register: create_out
|
register: create_out
|
||||||
when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
|
when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
|
||||||
|
|
||||||
- name: Call `oc create secret generic` on the copied file
|
- name: Call `oc create secret generic` on the copied file
|
||||||
shell: oc -n {{os_app}} create secret generic {{secret_name}} --from-file={{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
|
shell: oc -n {{os_app}} create secret generic {{secret_file_secret_name}} --from-file={{secret_file_key}}=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
|
||||||
register: create_out
|
register: create_out
|
||||||
when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
|
when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue