Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

s/user_username/user_name/g

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2024-12-03 11:12:47 +01:00
parent b9ed0ea60d
commit d23b6f2d9b
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
34 changed files with 41 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

2
playbooks/groups/batcave.yml
View file

@ -31,7 +31,7 @@
certname: "{{wildcard_cert_name}}"
SSLCertificateChainFile: "{{wildcard_int_file}}"
- role: rabbit/user
user_username: "batcave{{ env_suffix }}"
user_name: "batcave{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(ansible|git|infragit|logger)\..*
- role: rabbit/queue
username: "mirror_pagure_ansible{{ env_suffix }}"

2
playbooks/groups/koji-hub.yml
View file

@ -120,7 +120,7 @@
- sudo
- role: rabbit/user
user_username: "koji{{ env_suffix }}"
user_name: "koji{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.buildsys\..*
tasks:

2
playbooks/groups/logserver.yml
View file

@ -34,7 +34,7 @@
when: env == "production"
# Set up for fedora-messaging
- role: rabbit/user
user_username: "logging{{ env_suffix }}"
user_name: "logging{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.logging\.stats\..*
- logging

2
playbooks/groups/mailman.yml
View file

@ -98,7 +98,7 @@
- role: mailman3
# Set up for fedora-messaging
- role: rabbit/user
user_username: "mailman{{ env_suffix }}"
user_name: "mailman{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mailman\..*
tasks:

4
playbooks/groups/openqa.yml
View file

@ -52,7 +52,7 @@
# user and impersonate prod openqa on the message bus, which is
# not a huge deal. fixing it would be kinda tedious.
- role: rabbit/user
user_username: "{{ openqa_amqp_prod_username }}"
user_name: "{{ openqa_amqp_prod_username }}"
user_publish_only: false
user_sent_topics: ^org\.fedoraproject\.prod\.(openqa|ci)\..*
vars:
@ -61,7 +61,7 @@
tags: ['rabbit']
- role: rabbit/user
user_username: "{{ openqa_amqp_stg_username }}"
user_name: "{{ openqa_amqp_stg_username }}"
user_publish_only: false
user_sent_topics: ^org\.fedoraproject\.stg\.(openqa|ci)\..*
vars:

2
playbooks/groups/pkgs.yml
View file

@ -93,7 +93,7 @@
- {role: hosts, when: env == "staging"}
# Set up for fedora-messaging
- role: rabbit/user
user_username: "pagure{{ env_suffix }}"
user_name: "pagure{{ env_suffix }}"
user_sent_topics:
^(io\.pagure\.{{ env_short }}|org\.fedoraproject\.{{ env_short }}\.(pagure|git|logger))\..*

2
playbooks/groups/releng-compose.yml
View file

@ -146,7 +146,7 @@
when: "'releng_compose' in group_names"
- role: rabbit/user
user_username: "pungi{{ env_suffix }}"
user_name: "pungi{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(pungi|compose|logger)\..*
- {

2
playbooks/groups/sundries.yml
View file

@ -54,7 +54,7 @@
- role: fedoraloveskde/build
when: master_sundries_node|bool
- role: rabbit/user
user_username: "sundries{{ env_suffix }}"
user_name: "sundries{{ env_suffix }}"
user_sent_topics: ^$
when: master_sundries_node|bool and deployment_type == "stg"
- role: nfs/client

2
playbooks/groups/wiki.yml
View file

@ -34,7 +34,7 @@
- apache
# Set up for fedora-messaging
- role: rabbit/user
user_username: "mediawiki{{ env_suffix }}"
user_name: "mediawiki{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(wiki|logger)\..*
when: inventory_hostname.startswith('wiki01')
- { role: nfs/client, when: env == "staging", mnt_dir: '/mnt/web/attachments', nfs_src_dir: 'fedora_app_staging/app/attachments', mount_stg: true }

2
playbooks/openshift-apps/badges.yml
View file

@ -61,7 +61,7 @@
roles:
- role: rabbit/user
user_username: "tahrir{{ env_suffix }}"
user_name: "tahrir{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.badges\..*
tags:
- config

2
playbooks/openshift-apps/bugzilla2fedmsg.yml
View file

@ -12,7 +12,7 @@
roles:
- role: rabbit/user
user_username: "bugzilla2fedmsg{{ env_suffix }}"
user_name: "bugzilla2fedmsg{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.bugzilla\..*
- role: openshift/project

2
playbooks/openshift-apps/cloud-image-uploader.yml
View file

@ -11,7 +11,7 @@
roles:
- role: rabbit/user
user_username: "cloud-image-uploader{{ env_suffix }}"
user_name: "cloud-image-uploader{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedora_image_uploader\..*
- role: rabbit/queue

2
playbooks/openshift-apps/discourse2fedmsg.yml
View file

@ -11,7 +11,7 @@
roles:
- role: rabbit/user
user_username: "discourse2fedmsg{{ env_suffix }}"
user_name: "discourse2fedmsg{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.discourse\..*
- role: openshift/project

2
playbooks/openshift-apps/elections.yml
View file

@ -33,7 +33,7 @@
roles:
- role: rabbit/user
user_username: "elections{{ env_suffix }}"
user_name: "elections{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedora_elections\..*
- role: openshift/project

2
playbooks/openshift-apps/fedocal.yml
View file

@ -11,7 +11,7 @@
roles:
- role: rabbit/user
user_username: "fedocal{{ env_suffix }}"
user_name: "fedocal{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedocal\..*
- role: openshift/project

2
playbooks/openshift-apps/greenwave.yml
View file

@ -29,7 +29,7 @@
- apply-appowners
- role: rabbit/user
user_username: greenwave{{ env_suffix }}
user_name: greenwave{{ env_suffix }}
user_queue_name: greenwave{{ env_suffix }}
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.greenwave\..*

2
playbooks/openshift-apps/kerneltest.yml
View file

@ -40,7 +40,7 @@
roles:
- role: rabbit/user
user_username: "kerneltest{{ env_suffix }}"
user_name: "kerneltest{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.kerneltest\..*
- role: openshift/project

2
playbooks/openshift-apps/maubot.yml
View file

@ -32,7 +32,7 @@
roles:
- role: rabbit/user
user_username: "maubot{{ env_suffix }}"
user_name: "maubot{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(meetbot|maubot)\..*
- role: openshift/project

2
playbooks/openshift-apps/mdapi.yml
View file

@ -11,7 +11,7 @@
roles:
- role: rabbit/user
user_username: "mdapi{{ env_suffix }}"
user_name: "mdapi{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mdapi\..*
- role: openshift/project

2
playbooks/openshift-apps/mirrormanager.yml
View file

@ -38,7 +38,7 @@
roles:
- role: rabbit/user
user_username: "mirrormanager{{ env_suffix }}"
user_name: "mirrormanager{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mirrormanager\..*
tags:
- config

2
playbooks/openshift-apps/monitor_gating.yml
View file

@ -21,7 +21,7 @@
- patrikp
- role: rabbit/user
user_username: "monitor-gating{{ env_suffix }}"
user_name: "monitor-gating{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.monitor-gating\..*
- role: openshift/keytab

2
playbooks/openshift-apps/noggin-centos.yml
View file

@ -13,7 +13,7 @@
roles:
- role: rabbit/user
user_username: "noggin{{ env_suffix }}"
user_name: "noggin{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fas\..*
- role: openshift/project

2
playbooks/openshift-apps/noggin.yml
View file

@ -13,7 +13,7 @@
roles:
- role: rabbit/user
user_username: "noggin{{ env_suffix }}"
user_name: "noggin{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fas\..*
- role: openshift/project

2
playbooks/openshift-apps/openscanhub.yml
View file

@ -135,7 +135,7 @@
# Configurations for Fedora messaging
- role: rabbit/user
user_username: "openscanhub{{ env_suffix }}"
user_name: "openscanhub{{ env_suffix }}"
user_sent_topics: "{{ openscanhub_sent_topics }}"
- role: rabbit/queue

2
playbooks/openshift-apps/planet.yml
View file

@ -101,5 +101,5 @@
secret_file_privatefile: "rabbitmq/{{env}}/pki/private/planet{{env_suffix}}.key"
- role: rabbit/user
user_username: "planet{{ env_suffix }}"
user_name: "planet{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.planet\..*

2
playbooks/openshift-apps/poddlers.yml
View file

@ -16,7 +16,7 @@
ansible.builtin.include_role:
name: rabbit/user
vars:
user_username: toddlers{{ env_suffix }}
user_name: toddlers{{ env_suffix }}
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.toddlers\..*
- name: Setup Rabbit Queue

2
playbooks/openshift-apps/release-monitoring.yml
View file

@ -12,7 +12,7 @@
roles:
- role: rabbit/user
user_username: "anitya{{ env_suffix }}"
user_name: "anitya{{ env_suffix }}"
user_sent_topics: ^org\.release-monitoring\.{{ env_short }}\.anitya\..*
- role: openshift/project
project_app: release-monitoring

2
playbooks/openshift-apps/resultsdb.yml
View file

@ -39,7 +39,7 @@
roles:
- role: rabbit/user
user_username: "resultsdb{{ env_suffix }}"
user_name: "resultsdb{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.resultsdb\..*
# The openshift/project role breaks if the project already exists:

2
playbooks/openshift-apps/waiverdb.yml
View file

@ -42,7 +42,7 @@
roles:
- role: rabbit/user
user_username: "waiverdb{{ env_suffix }}"
user_name: "waiverdb{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.waiverdb\..*
# The openshift/project role breaks if the project already exists:

2
playbooks/openshift-apps/webhook2fedmsg.yml
View file

@ -35,7 +35,7 @@
roles:
- role: rabbit/user
user_username: "webhook2fedmsg{{ env_suffix }}"
user_name: "webhook2fedmsg{{ env_suffix }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(github|discourse)\..*
- role: openshift/project

2
roles/messaging/base/tasks/main.yml
View file

@ -56,7 +56,7 @@
- name: "make sure the user exists on broker"
include_role: name=rabbit/user
vars:
- user_username: "{{ item.username }}{{ env_suffix }}"
- user_name: "{{ item.username }}{{ env_suffix }}"
user_sent_topics: "{{ item.sent_topics }}"
with_items: "{{ messaging.certificates }}"
tags:

2
roles/rabbit/user/defaults/main.yml
View file

@ -6,7 +6,7 @@ user_publish_only: true
# Read privileges:
# If publish_only: no reading. Otherwise, read from queues prefixed
# with their name and bind to the topic exchange
user_read_priv: "{{ user_publish_only|ternary('^$', '^(zmq\\.topic)|^(amq\\.topic)|(' + user_username + '.*)$') }}"
user_read_priv: "{{ user_publish_only|ternary('^$', '^(zmq\\.topic)|^(amq\\.topic)|(' + user_name + '.*)$') }}"
# Write privileges:
# If publish_only: only write to the exchange. Otherwise, write to

14
roles/rabbit/user/tasks/main.yml
View file

@ -17,13 +17,13 @@
# See https://www.rabbitmq.com/access-control.html#permissions for details on
# the RabbitMQ permissions configuration.
- name: Validate username {{ user_username }}
- name: Validate username {{ user_name }}
assert:
that:
- user_username is defined
- user_username != "admin"
- user_username != "guest"
- user_username != "nagios-monitoring"
- user_name is defined
- user_name != "admin"
- user_name != "guest"
- user_name != "nagios-monitoring"
fail_msg: "This user name is reserved"
tags:
- config
@ -39,10 +39,10 @@
# See https://www.rabbitmq.com/access-control.html#permissions for details on
# the RabbitMQ permissions configuration.
- name: Create the {{ user_username }} user in RabbitMQ
- name: Create the {{ user_name }} user in RabbitMQ
delegate_to: "{{ user_rabbitmq_server }}"
community.rabbitmq.rabbitmq_user:
user: "{{ user_username }}"
user: "{{ user_name }}"
vhost: "{{ user_vhost }}"
read_priv: "{{ user_read_priv }}"
write_priv: "{{ user_write_priv }}"

2
roles/supybot/tasks/main.yml
View file

@ -99,7 +99,7 @@
import_role:
name: rabbit/user
vars:
user_username: "{{ botnames[env] }}"
user_name: "{{ botnames[env] }}"
user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.meetbot\..*
when:
- inventory_hostname.startswith('value02')