diff --git a/playbooks/groups/batcave.yml b/playbooks/groups/batcave.yml index c82eda9b29..b750dae0a4 100644 --- a/playbooks/groups/batcave.yml +++ b/playbooks/groups/batcave.yml @@ -31,7 +31,7 @@ certname: "{{wildcard_cert_name}}" SSLCertificateChainFile: "{{wildcard_int_file}}" - role: rabbit/user - user_username: "batcave{{ env_suffix }}" + user_name: "batcave{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(ansible|git|infragit|logger)\..* - role: rabbit/queue username: "mirror_pagure_ansible{{ env_suffix }}" diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml index ea9813f397..d7e83a5bef 100644 --- a/playbooks/groups/koji-hub.yml +++ b/playbooks/groups/koji-hub.yml @@ -120,7 +120,7 @@ - sudo - role: rabbit/user - user_username: "koji{{ env_suffix }}" + user_name: "koji{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.buildsys\..* tasks: diff --git a/playbooks/groups/logserver.yml b/playbooks/groups/logserver.yml index f7f0ddf306..217833eb0f 100644 --- a/playbooks/groups/logserver.yml +++ b/playbooks/groups/logserver.yml @@ -34,7 +34,7 @@ when: env == "production" # Set up for fedora-messaging - role: rabbit/user - user_username: "logging{{ env_suffix }}" + user_name: "logging{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.logging\.stats\..* - logging diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml index f1dc443784..314eda2af9 100644 --- a/playbooks/groups/mailman.yml +++ b/playbooks/groups/mailman.yml @@ -98,7 +98,7 @@ - role: mailman3 # Set up for fedora-messaging - role: rabbit/user - user_username: "mailman{{ env_suffix }}" + user_name: "mailman{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mailman\..* tasks: diff --git a/playbooks/groups/openqa.yml b/playbooks/groups/openqa.yml index 6d2884bab3..2a1a729a38 100644 --- a/playbooks/groups/openqa.yml +++ b/playbooks/groups/openqa.yml @@ -52,7 +52,7 @@ # user and impersonate prod openqa on the message bus, which is # not a huge deal. fixing it would be kinda tedious. - role: rabbit/user - user_username: "{{ openqa_amqp_prod_username }}" + user_name: "{{ openqa_amqp_prod_username }}" user_publish_only: false user_sent_topics: ^org\.fedoraproject\.prod\.(openqa|ci)\..* vars: @@ -61,7 +61,7 @@ tags: ['rabbit'] - role: rabbit/user - user_username: "{{ openqa_amqp_stg_username }}" + user_name: "{{ openqa_amqp_stg_username }}" user_publish_only: false user_sent_topics: ^org\.fedoraproject\.stg\.(openqa|ci)\..* vars: diff --git a/playbooks/groups/pkgs.yml b/playbooks/groups/pkgs.yml index 21cc16e6b5..a0c6b03746 100644 --- a/playbooks/groups/pkgs.yml +++ b/playbooks/groups/pkgs.yml @@ -93,7 +93,7 @@ - {role: hosts, when: env == "staging"} # Set up for fedora-messaging - role: rabbit/user - user_username: "pagure{{ env_suffix }}" + user_name: "pagure{{ env_suffix }}" user_sent_topics: ^(io\.pagure\.{{ env_short }}|org\.fedoraproject\.{{ env_short }}\.(pagure|git|logger))\..* diff --git a/playbooks/groups/releng-compose.yml b/playbooks/groups/releng-compose.yml index 717e412e33..cb46eb098e 100644 --- a/playbooks/groups/releng-compose.yml +++ b/playbooks/groups/releng-compose.yml @@ -146,7 +146,7 @@ when: "'releng_compose' in group_names" - role: rabbit/user - user_username: "pungi{{ env_suffix }}" + user_name: "pungi{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(pungi|compose|logger)\..* - { diff --git a/playbooks/groups/sundries.yml b/playbooks/groups/sundries.yml index e559231309..6a7c06e492 100644 --- a/playbooks/groups/sundries.yml +++ b/playbooks/groups/sundries.yml @@ -54,7 +54,7 @@ - role: fedoraloveskde/build when: master_sundries_node|bool - role: rabbit/user - user_username: "sundries{{ env_suffix }}" + user_name: "sundries{{ env_suffix }}" user_sent_topics: ^$ when: master_sundries_node|bool and deployment_type == "stg" - role: nfs/client diff --git a/playbooks/groups/wiki.yml b/playbooks/groups/wiki.yml index f926dc0ab9..c7a4d5bebe 100644 --- a/playbooks/groups/wiki.yml +++ b/playbooks/groups/wiki.yml @@ -34,7 +34,7 @@ - apache # Set up for fedora-messaging - role: rabbit/user - user_username: "mediawiki{{ env_suffix }}" + user_name: "mediawiki{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(wiki|logger)\..* when: inventory_hostname.startswith('wiki01') - { role: nfs/client, when: env == "staging", mnt_dir: '/mnt/web/attachments', nfs_src_dir: 'fedora_app_staging/app/attachments', mount_stg: true } diff --git a/playbooks/openshift-apps/badges.yml b/playbooks/openshift-apps/badges.yml index 1b840236a3..66a0de5272 100644 --- a/playbooks/openshift-apps/badges.yml +++ b/playbooks/openshift-apps/badges.yml @@ -61,7 +61,7 @@ roles: - role: rabbit/user - user_username: "tahrir{{ env_suffix }}" + user_name: "tahrir{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.badges\..* tags: - config diff --git a/playbooks/openshift-apps/bugzilla2fedmsg.yml b/playbooks/openshift-apps/bugzilla2fedmsg.yml index a03028c081..101767f079 100644 --- a/playbooks/openshift-apps/bugzilla2fedmsg.yml +++ b/playbooks/openshift-apps/bugzilla2fedmsg.yml @@ -12,7 +12,7 @@ roles: - role: rabbit/user - user_username: "bugzilla2fedmsg{{ env_suffix }}" + user_name: "bugzilla2fedmsg{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.bugzilla\..* - role: openshift/project diff --git a/playbooks/openshift-apps/cloud-image-uploader.yml b/playbooks/openshift-apps/cloud-image-uploader.yml index f29b0b13e3..f579ee7a3c 100644 --- a/playbooks/openshift-apps/cloud-image-uploader.yml +++ b/playbooks/openshift-apps/cloud-image-uploader.yml @@ -11,7 +11,7 @@ roles: - role: rabbit/user - user_username: "cloud-image-uploader{{ env_suffix }}" + user_name: "cloud-image-uploader{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedora_image_uploader\..* - role: rabbit/queue diff --git a/playbooks/openshift-apps/discourse2fedmsg.yml b/playbooks/openshift-apps/discourse2fedmsg.yml index 02c80241a0..d20d04b0e1 100644 --- a/playbooks/openshift-apps/discourse2fedmsg.yml +++ b/playbooks/openshift-apps/discourse2fedmsg.yml @@ -11,7 +11,7 @@ roles: - role: rabbit/user - user_username: "discourse2fedmsg{{ env_suffix }}" + user_name: "discourse2fedmsg{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.discourse\..* - role: openshift/project diff --git a/playbooks/openshift-apps/elections.yml b/playbooks/openshift-apps/elections.yml index 284f6a8bb2..fa05d8cbf1 100644 --- a/playbooks/openshift-apps/elections.yml +++ b/playbooks/openshift-apps/elections.yml @@ -33,7 +33,7 @@ roles: - role: rabbit/user - user_username: "elections{{ env_suffix }}" + user_name: "elections{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedora_elections\..* - role: openshift/project diff --git a/playbooks/openshift-apps/fedocal.yml b/playbooks/openshift-apps/fedocal.yml index 28a3a47b9c..09c80dc3af 100644 --- a/playbooks/openshift-apps/fedocal.yml +++ b/playbooks/openshift-apps/fedocal.yml @@ -11,7 +11,7 @@ roles: - role: rabbit/user - user_username: "fedocal{{ env_suffix }}" + user_name: "fedocal{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fedocal\..* - role: openshift/project diff --git a/playbooks/openshift-apps/greenwave.yml b/playbooks/openshift-apps/greenwave.yml index fe454367fc..c89945956e 100644 --- a/playbooks/openshift-apps/greenwave.yml +++ b/playbooks/openshift-apps/greenwave.yml @@ -29,7 +29,7 @@ - apply-appowners - role: rabbit/user - user_username: greenwave{{ env_suffix }} + user_name: greenwave{{ env_suffix }} user_queue_name: greenwave{{ env_suffix }} user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.greenwave\..* diff --git a/playbooks/openshift-apps/kerneltest.yml b/playbooks/openshift-apps/kerneltest.yml index 8efc44804b..1aafb917f4 100644 --- a/playbooks/openshift-apps/kerneltest.yml +++ b/playbooks/openshift-apps/kerneltest.yml @@ -40,7 +40,7 @@ roles: - role: rabbit/user - user_username: "kerneltest{{ env_suffix }}" + user_name: "kerneltest{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.kerneltest\..* - role: openshift/project diff --git a/playbooks/openshift-apps/maubot.yml b/playbooks/openshift-apps/maubot.yml index 9b8d039cfe..647b883cda 100644 --- a/playbooks/openshift-apps/maubot.yml +++ b/playbooks/openshift-apps/maubot.yml @@ -32,7 +32,7 @@ roles: - role: rabbit/user - user_username: "maubot{{ env_suffix }}" + user_name: "maubot{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(meetbot|maubot)\..* - role: openshift/project diff --git a/playbooks/openshift-apps/mdapi.yml b/playbooks/openshift-apps/mdapi.yml index 01248d565d..36c23e6457 100644 --- a/playbooks/openshift-apps/mdapi.yml +++ b/playbooks/openshift-apps/mdapi.yml @@ -11,7 +11,7 @@ roles: - role: rabbit/user - user_username: "mdapi{{ env_suffix }}" + user_name: "mdapi{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mdapi\..* - role: openshift/project diff --git a/playbooks/openshift-apps/mirrormanager.yml b/playbooks/openshift-apps/mirrormanager.yml index 71f37be690..d624d7f941 100644 --- a/playbooks/openshift-apps/mirrormanager.yml +++ b/playbooks/openshift-apps/mirrormanager.yml @@ -38,7 +38,7 @@ roles: - role: rabbit/user - user_username: "mirrormanager{{ env_suffix }}" + user_name: "mirrormanager{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.mirrormanager\..* tags: - config diff --git a/playbooks/openshift-apps/monitor_gating.yml b/playbooks/openshift-apps/monitor_gating.yml index 009cd0d423..089971d80d 100644 --- a/playbooks/openshift-apps/monitor_gating.yml +++ b/playbooks/openshift-apps/monitor_gating.yml @@ -21,7 +21,7 @@ - patrikp - role: rabbit/user - user_username: "monitor-gating{{ env_suffix }}" + user_name: "monitor-gating{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.monitor-gating\..* - role: openshift/keytab diff --git a/playbooks/openshift-apps/noggin-centos.yml b/playbooks/openshift-apps/noggin-centos.yml index ee239fd444..d4d47eb021 100644 --- a/playbooks/openshift-apps/noggin-centos.yml +++ b/playbooks/openshift-apps/noggin-centos.yml @@ -13,7 +13,7 @@ roles: - role: rabbit/user - user_username: "noggin{{ env_suffix }}" + user_name: "noggin{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fas\..* - role: openshift/project diff --git a/playbooks/openshift-apps/noggin.yml b/playbooks/openshift-apps/noggin.yml index 8c394e0b3d..a5502c4fc4 100644 --- a/playbooks/openshift-apps/noggin.yml +++ b/playbooks/openshift-apps/noggin.yml @@ -13,7 +13,7 @@ roles: - role: rabbit/user - user_username: "noggin{{ env_suffix }}" + user_name: "noggin{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fas\..* - role: openshift/project diff --git a/playbooks/openshift-apps/openscanhub.yml b/playbooks/openshift-apps/openscanhub.yml index f9bae8d801..3e30c9da09 100644 --- a/playbooks/openshift-apps/openscanhub.yml +++ b/playbooks/openshift-apps/openscanhub.yml @@ -135,7 +135,7 @@ # Configurations for Fedora messaging - role: rabbit/user - user_username: "openscanhub{{ env_suffix }}" + user_name: "openscanhub{{ env_suffix }}" user_sent_topics: "{{ openscanhub_sent_topics }}" - role: rabbit/queue diff --git a/playbooks/openshift-apps/planet.yml b/playbooks/openshift-apps/planet.yml index 2d0d37c635..b6e96ee329 100644 --- a/playbooks/openshift-apps/planet.yml +++ b/playbooks/openshift-apps/planet.yml @@ -101,5 +101,5 @@ secret_file_privatefile: "rabbitmq/{{env}}/pki/private/planet{{env_suffix}}.key" - role: rabbit/user - user_username: "planet{{ env_suffix }}" + user_name: "planet{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.planet\..* diff --git a/playbooks/openshift-apps/poddlers.yml b/playbooks/openshift-apps/poddlers.yml index 06a77ad3de..197519026b 100644 --- a/playbooks/openshift-apps/poddlers.yml +++ b/playbooks/openshift-apps/poddlers.yml @@ -16,7 +16,7 @@ ansible.builtin.include_role: name: rabbit/user vars: - user_username: toddlers{{ env_suffix }} + user_name: toddlers{{ env_suffix }} user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.toddlers\..* - name: Setup Rabbit Queue diff --git a/playbooks/openshift-apps/release-monitoring.yml b/playbooks/openshift-apps/release-monitoring.yml index 45c393bc0e..7bb59b146d 100644 --- a/playbooks/openshift-apps/release-monitoring.yml +++ b/playbooks/openshift-apps/release-monitoring.yml @@ -12,7 +12,7 @@ roles: - role: rabbit/user - user_username: "anitya{{ env_suffix }}" + user_name: "anitya{{ env_suffix }}" user_sent_topics: ^org\.release-monitoring\.{{ env_short }}\.anitya\..* - role: openshift/project project_app: release-monitoring diff --git a/playbooks/openshift-apps/resultsdb.yml b/playbooks/openshift-apps/resultsdb.yml index f87f2992b8..acafa8ea68 100644 --- a/playbooks/openshift-apps/resultsdb.yml +++ b/playbooks/openshift-apps/resultsdb.yml @@ -39,7 +39,7 @@ roles: - role: rabbit/user - user_username: "resultsdb{{ env_suffix }}" + user_name: "resultsdb{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.resultsdb\..* # The openshift/project role breaks if the project already exists: diff --git a/playbooks/openshift-apps/waiverdb.yml b/playbooks/openshift-apps/waiverdb.yml index f1e555dc2b..861d158c65 100644 --- a/playbooks/openshift-apps/waiverdb.yml +++ b/playbooks/openshift-apps/waiverdb.yml @@ -42,7 +42,7 @@ roles: - role: rabbit/user - user_username: "waiverdb{{ env_suffix }}" + user_name: "waiverdb{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.waiverdb\..* # The openshift/project role breaks if the project already exists: diff --git a/playbooks/openshift-apps/webhook2fedmsg.yml b/playbooks/openshift-apps/webhook2fedmsg.yml index 233078f746..740896d610 100644 --- a/playbooks/openshift-apps/webhook2fedmsg.yml +++ b/playbooks/openshift-apps/webhook2fedmsg.yml @@ -35,7 +35,7 @@ roles: - role: rabbit/user - user_username: "webhook2fedmsg{{ env_suffix }}" + user_name: "webhook2fedmsg{{ env_suffix }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(github|discourse)\..* - role: openshift/project diff --git a/roles/messaging/base/tasks/main.yml b/roles/messaging/base/tasks/main.yml index f5b0cc267a..817b7f04e6 100644 --- a/roles/messaging/base/tasks/main.yml +++ b/roles/messaging/base/tasks/main.yml @@ -56,7 +56,7 @@ - name: "make sure the user exists on broker" include_role: name=rabbit/user vars: - - user_username: "{{ item.username }}{{ env_suffix }}" + - user_name: "{{ item.username }}{{ env_suffix }}" user_sent_topics: "{{ item.sent_topics }}" with_items: "{{ messaging.certificates }}" tags: diff --git a/roles/rabbit/user/defaults/main.yml b/roles/rabbit/user/defaults/main.yml index 879ad66478..46d69563d9 100644 --- a/roles/rabbit/user/defaults/main.yml +++ b/roles/rabbit/user/defaults/main.yml @@ -6,7 +6,7 @@ user_publish_only: true # Read privileges: # If publish_only: no reading. Otherwise, read from queues prefixed # with their name and bind to the topic exchange -user_read_priv: "{{ user_publish_only|ternary('^$', '^(zmq\\.topic)|^(amq\\.topic)|(' + user_username + '.*)$') }}" +user_read_priv: "{{ user_publish_only|ternary('^$', '^(zmq\\.topic)|^(amq\\.topic)|(' + user_name + '.*)$') }}" # Write privileges: # If publish_only: only write to the exchange. Otherwise, write to diff --git a/roles/rabbit/user/tasks/main.yml b/roles/rabbit/user/tasks/main.yml index a23eca17c7..8bc9319547 100644 --- a/roles/rabbit/user/tasks/main.yml +++ b/roles/rabbit/user/tasks/main.yml @@ -17,13 +17,13 @@ # See https://www.rabbitmq.com/access-control.html#permissions for details on # the RabbitMQ permissions configuration. -- name: Validate username {{ user_username }} +- name: Validate username {{ user_name }} assert: that: - - user_username is defined - - user_username != "admin" - - user_username != "guest" - - user_username != "nagios-monitoring" + - user_name is defined + - user_name != "admin" + - user_name != "guest" + - user_name != "nagios-monitoring" fail_msg: "This user name is reserved" tags: - config @@ -39,10 +39,10 @@ # See https://www.rabbitmq.com/access-control.html#permissions for details on # the RabbitMQ permissions configuration. -- name: Create the {{ user_username }} user in RabbitMQ +- name: Create the {{ user_name }} user in RabbitMQ delegate_to: "{{ user_rabbitmq_server }}" community.rabbitmq.rabbitmq_user: - user: "{{ user_username }}" + user: "{{ user_name }}" vhost: "{{ user_vhost }}" read_priv: "{{ user_read_priv }}" write_priv: "{{ user_write_priv }}" diff --git a/roles/supybot/tasks/main.yml b/roles/supybot/tasks/main.yml index 48da000cf2..b55ab67a94 100644 --- a/roles/supybot/tasks/main.yml +++ b/roles/supybot/tasks/main.yml @@ -99,7 +99,7 @@ import_role: name: rabbit/user vars: - user_username: "{{ botnames[env] }}" + user_name: "{{ botnames[env] }}" user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.meetbot\..* when: - inventory_hostname.startswith('value02')