diff --git a/inventory/group_vars/openqa b/inventory/group_vars/openqa index 99bad054d3..5bb89ba5e4 100644 --- a/inventory/group_vars/openqa +++ b/inventory/group_vars/openqa @@ -19,6 +19,7 @@ openqa_env_suffix: openqa_env: production wikitcms_token: "{{ private }}/files/openidc/production/wikitcms.json" +openqa_wikitcms_hostname: fedoraproject.org openqa_resultsdb_url: http://resultsdb01.qa.fedoraproject.org/resultsdb_api/api/v2.0/ # The checkcompose settings below cause system(s) in this group to diff --git a/inventory/group_vars/openqa_common b/inventory/group_vars/openqa_common index 76bb0f88dc..dab38d60bf 100644 --- a/inventory/group_vars/openqa_common +++ b/inventory/group_vars/openqa_common @@ -14,6 +14,36 @@ openqa_userid: http://adamwill.id.fedoraproject.org/ openqa_assetsize: 500 openqa_assetsize_updates: 100 +# we need this for all our fedora-messaging consumers as they are not +# allowed to create queues on the infra AMQP broker, by broker config +openqa_amqp_passive: true + +# fedora-messaging job scheduler settings: most of these are the same +# for prod and stg as they both must listen for prod messages. Only +# the queue names differs +openqa_amqp_scheduler_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub" +openqa_amqp_scheduler_cacert: /etc/fedora-messaging/cacert.pem +openqa_amqp_scheduler_key: /etc/pki/fedora-messaging/openqa-key.pem +openqa_amqp_scheduler_cert: /etc/pki/fedora-messaging/openqa-cert.pem +openqa_amqp_scheduler_queue: "openqa{{ openqa_env_suffix }}_scheduler" +openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change", + "org.fedoraproject.prod.bodhi.update.request.testing", + "org.fedoraproject.prod.bodhi.update.edit"] + +# fedora-messaging reporter settings +openqa_amqp_reporter_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub" +openqa_amqp_reporter_cacert: /etc/fedora-messaging/cacert.pem +openqa_amqp_reporter_key: /etc/pki/fedora-messaging/openqa-key.pem +openqa_amqp_reporter_cert: /etc/pki/fedora-messaging/openqa-cert.pem + +# fedora-messaging resultsdb reporter settings +openqa_amqp_resultsdb_reporter_queue: "openqa{{ openqa_env_suffix }}_resultsdb_reporter" +openqa_amqp_resultsdb_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] + +# fedora-messaging wiki reporter settings +openqa_amqp_wiki_reporter_queue: "openqa{{ openqa_env_suffix }}_wiki_reporter" +openqa_amqp_wiki_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] + # http and NFS tcp_ports: [80, 2049] diff --git a/inventory/group_vars/openqa_stg b/inventory/group_vars/openqa_stg index 0b013f2d70..013c6d7f5d 100644 --- a/inventory/group_vars/openqa_stg +++ b/inventory/group_vars/openqa_stg @@ -38,6 +38,7 @@ openqa_env: staging openqa_extraarches: true wikitcms_token: "{{ private }}/files/openidc/staging/wikitcms.json" +openqa_wikitcms_hostname: stg.fedoraproject.org openqa_resultsdb_url: http://resultsdb-stg01.qa.fedoraproject.org/resultsdb_api/api/v2.0/ openqa_fedoramessaging: true # these should really be secrets, but it's not *that* big a deal that diff --git a/roles/openqa/dispatcher/defaults/main.yml b/roles/openqa/dispatcher/defaults/main.yml index 764b84d26d..59cdb2b592 100644 --- a/roles/openqa/dispatcher/defaults/main.yml +++ b/roles/openqa/dispatcher/defaults/main.yml @@ -2,3 +2,18 @@ openqa_hostname: localhost openqa_consumer: true openqa_extraarches: false openqa_fedoramessaging: false +openqa_amqp_passive: false +openqa_amqp_scheduler_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" +openqa_amqp_scheduler_cacert: /etc/fedora-messaging/cacert.pem +openqa_amqp_scheduler_key: /etc/fedora-messaging/fedora-key.pem +openqa_amqp_scheduler_cert: /etc/fedora-messaging/fedora-cert.pem +openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change", +- "org.fedoraproject.prod.bodhi.update.request.testing", +- "org.fedoraproject.prod.bodhi.update.edit"] + +openqa_amqp_reporter_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" +openqa_amqp_reporter_cacert: /etc/fedora-messaging/cacert.pem +openqa_amqp_reporter_key: /etc/fedora-messaging/fedora-key.pem +openqa_amqp_reporter_cert: /etc/fedora-messaging/fedora-cert.pem +openqa_amqp_resultsdb_reporter_routing_keys: ["org.fedoraproject.prod.openqa.job.done"] +openqa_amqp_wiki_reporter_routing_keys: ["org.fedoraproject.prod.openqa.job.done"] diff --git a/roles/openqa/dispatcher/tasks/main.yml b/roles/openqa/dispatcher/tasks/main.yml index 4ad2feb8bc..96c6b983e9 100644 --- a/roles/openqa/dispatcher/tasks/main.yml +++ b/roles/openqa/dispatcher/tasks/main.yml @@ -27,28 +27,132 @@ # Optional vars # - wikitcms_token ## string - a token file to install for unattended reporting to -# a wiki using openidc auth. If set, wiki reporting -# will be enabled, if unset, it will not. Note you must -## also set openqa_wiki_reporter_uuid (no -## deployment_type), openqa_wiki_reporter_stg_uuid -## (staging), or openqa_wiki_reporter_prod_uuid -## (production) if both this and openqa_fedoramessaging -## are set. You should probably NOT set this unless you -## are maintaining the Fedora infrastructure deployment +## a wiki using openidc auth. If this and +## openqa_wikitcms_hostname are set, wiki reporting will +## be enabled, if unset, it will not. Note you must also +## set openqa_amqp_wiki_reporter_queue if both this and +## openqa_fedoramessaging are set. You should probably +## NOT set this unless you are maintaining the Fedora +## infrastructure deployment. +# - openqa_wikitcms_hostname +## string - Hostname of a wiki to report results to. If this and +## wikitcms_token are set, wiki reporting will be +## enabled. Note you must also set +## openqa_amqp_wiki_reporter_queue if both this and +## openqa_fedoramessaging are set. You should probably +## NOT set this unless you are maintaining the Fedora +## infrastructure deployment. # - openqa_resultsdb_url ## string - a ResultsDB API URL to report results to. If set, ## ResultsDB reporting will be enabled. Note you must -## also set openqa_resultsdb_reporter_uuid (no -## deployment_type), openqa_resultsdb_reporter_stg_uuid -## (staging), or openqa_resultsdb_reporter_prod_uuid -## (production) if both this and openqa_fedoramessaging -## are set. You should probably NOT set this unless you -## are maintaining the Fedora infrastructure deployment +## also set openqa_amqp_resultsdb_reporter_queue if both +## this and openqa_fedoramessaging are set. You should +## probably NOT set this unless you are maintaining the +## Fedora infrastructure deployment # - deployment_type ## string - Fedora Infrastructure thing; for this role, the ## fedora_openqa config file and fedora-messaging config ## will be set appropriately for infra deployments if ## this is set, so don't set it for private deployments +# - openqa_amqp_passive +## bool - If true, passive_declares will be set true in all the +## fedora-messaging consumer configuration files. This +## is needed for private authentication on the Fedora +## brokers. Role default is false. +# - openqa_amqp_scheduler_url +## string - AMQP broker URL for fedora-messaging job scheduler. +## The role default for this is the Fedora production +## broker with the shared 'fedora' username. +# - openqa_amqp_scheduler_cacert +## string - CA certificate file to use for authenticating with +## AMQP broker for fedora-messaging job scheduler. +## The role default for this is the CA cert file for the +## Fedora production broker. +# - openqa_amqp_scheduler_cert +## string - Certificate file to use for authenticating with AMQP +## broker for fedora-messaging job scheduler. The role +## default for this is the certificate file for the +## public 'fedora' account on the Fedora production +## broker. +# - openqa_amqp_scheduler_key +## string - Private key file to use for authenticating with AMQP +## broker for fedora-messaging job scheduler. The role +## default for this is the key file for the public +## 'fedora' account on the Fedora production broker. +# - openqa_amqp_scheduler_queue +## string - Message queue name for the fedora-messaging scheduler +## consumer. If this is set, the scheduler will be +## enabled. To use the fedora-messaging scheduler with +## public authentication on the Fedora production AMQP +## broker (which is what you'd typically want), you only +## need to set this and set openqa_fedoramessaging to +## true. This should be a unique and private string; the +## official recommendation is to use a random UUID +## generated by uuidgen. +# - openqa_amqp_scheduler_routing_keys +## list - List of routing key names for the fedora-messaging +## scheduler to subscribe to. The role default for this +## is the appropriate keys for the Fedora production +## broker. +# - openqa_amqp_reporter_url +## string - AMQP broker URL for fedora-messaging result reporters. +## The role default for this is the Fedora production +## broker with the shared 'fedora' username. +# - openqa_amqp_reporter_cacert +## string - CA certificate file to use for authenticating with +## AMQP broker for fedora-messaging result reporters. +## The role default for this is the CA cert file for the +## Fedora production broker. +# - openqa_amqp_reporter_cert +## string - Certificate file to use for authenticating with AMQP +## broker for fedora-messaging result reporters. The role +## default for this is the certificate file for the +## public 'fedora' account on the Fedora production +## broker. +# - openqa_amqp_reporter_key +## string - Private key file to use for authenticating with AMQP +## broker for fedora-messaging result reporters. The role +## default for this is the key file for the public +## 'fedora' account on the Fedora production broker. +# - openqa_amqp_resultsdb_reporter_queue +## string - Message queue name for the fedora-messaging ResultsDB +## reporter consumer. If this is set, the ResultsDB +## reporter will be enabled. You **SHOULD NOT** enable +## this reporter unless you have a private ResultsDB +## instance to send results to; only the official Fedora +## infra deployments should report to Fedora ResultsDB. +## To use the fedora-messaging scheduler with public +## authentication on the Fedora production AMQP broker, +## you only need to set this and set +## openqa_fedoramessaging to true; openqa_resultsdb_url +## must also be set correctly. This should be a unique +## and private string; the official recommendation is to +## use a random UUID generated by uuidgen. +# - openqa_amqp_resultsdb_reporter_routing_keys +## list - List of routing key names for the fedora-messaging +## ResultsDB reporter to subscribe to. The role default +## for this is the appropriate keys for the Fedora +## production broker. +# - openqa_amqp_wiki_reporter_queue +## string - Message queue name for the fedora-messaging Wiki +## reporter consumer. If this is set, the Wiki reporter +## will be enabled. You **SHOULD NOT** enable this +## reporter unless you have a private mediawiki instance +## to send results to; only the official Fedora infra +## deployments should report to the Fedora wikis. To use +## the fedora-messaging scheduler with public +## authentication on the Fedora production AMQP broker, +## you only need to set this and set +## openqa_fedoramessaging to true; +## openqa_wikitcms_hostname must also be set correctly. +## This should be a unique and private string; the +## official recommendation is to use a random UUID +## generated by uuidgen. +# - openqa_amqp_wiki_reporter_routing_keys +## list - List of routing key names for the fedora-messaging +## wiki reporter to subscribe to. The role default +## for this is the appropriate keys for the Fedora +## production broker. # # NOTE: There are still currently a couple of assumptions that the # openQA server boxes will always act as their own dispatchers, but @@ -191,24 +295,6 @@ tags: - config -- name: Install fedora-messaging anon staging CA cert (because it's not in the package) - copy: src=stg-cacert.pem dest=/etc/fedora-messaging/cacert.stg.pem owner=root group=root mode=0644 - when: "openqa_fedoramessaging|bool" - tags: - - config - -- name: Install fedora-messaging anon staging broker cert (because it's not in the package) - copy: src=fedora.stg-cert.pem dest=/etc/fedora-messaging/fedora.stg-cert.pem owner=root group=root mode=0644 - when: "openqa_fedoramessaging|bool and deployment_type is not defined" - tags: - - config - -- name: Install fedora-messaging anon staging broker key (because it's not in the package) - copy: src=fedora.stg-key.pem dest=/etc/fedora-messaging/fedora.stg-key.pem owner=root group=root mode=0644 - when: "openqa_fedoramessaging|bool and deployment_type is not defined" - tags: - - config - - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging @@ -266,33 +352,33 @@ - name: Configure fedora-messaging scheduler template: src=fedora_openqa_scheduler.toml.j2 dest=/etc/fedora-messaging/fedora_openqa_scheduler.toml owner=root group=root mode=0640 - when: "openqa_fedoramessaging|bool" + when: "openqa_amqp_scheduler_queue is defined and openqa_fedoramessaging|bool" tags: - config - name: Configure fedora-messaging wiki reporter template: src=fedora_openqa_wiki_reporter.toml.j2 dest=/etc/fedora-messaging/fedora_openqa_wiki_reporter.toml owner=root group=root mode=0640 - when: "wikitcms_token is defined and openqa_fedoramessaging|bool" + when: "openqa_amqp_wiki_reporter_queue is defined and openqa_fedoramessaging|bool" tags: - config - name: Configure fedora-messaging ResultsDB reporter template: src=fedora_openqa_resultsdb_reporter.toml.j2 dest=/etc/fedora-messaging/fedora_openqa_resultsdb_reporter.toml owner=root group=root mode=0640 - when: "openqa_resultsdb_url is defined and openqa_fedoramessaging|bool" + when: "openqa_amqp_resultsdb_reporter_queue is defined and openqa_fedoramessaging|bool" tags: - config - name: Enable and start fedora-messaging scheduler service service: name=fm-consumer@fedora_openqa_scheduler enabled=yes state=started - when: "openqa_fedoramessaging|bool" + when: "openqa_amqp_scheduler_queue is defined and openqa_fedoramessaging|bool" - name: Enable and start fedora-messaging wiki reporter service service: name=fm-consumer@fedora_openqa_wiki_reporter enabled=yes state=started - when: "wikitcms_token is defined and openqa_fedoramessaging|bool" + when: "openqa_amqp_wiki_reporter_queue is defined and openqa_fedoramessaging|bool" - name: Enable and start fedora-messaging ResultsDB reporter service service: name=fm-consumer@fedora_openqa_resultsdb_reporter enabled=yes state=started - when: "openqa_resultsdb_url is defined and openqa_fedoramessaging|bool" + when: "openqa_amqp_resultsdb_reporter_queue is defined and openqa_fedoramessaging|bool" - name: Set up cron job to schedule live-respins jobs copy: src=schedule-live-respins.cron dest=/etc/cron.hourly/schedule-live-respins owner=root group=root mode=0755 diff --git a/roles/openqa/dispatcher/templates/fedora_openqa_resultsdb_reporter.toml.j2 b/roles/openqa/dispatcher/templates/fedora_openqa_resultsdb_reporter.toml.j2 index 5b50173fcc..8638ba70c0 100644 --- a/roles/openqa/dispatcher/templates/fedora_openqa_resultsdb_reporter.toml.j2 +++ b/roles/openqa/dispatcher/templates/fedora_openqa_resultsdb_reporter.toml.j2 @@ -3,27 +3,20 @@ # something unique before using this. # # This file is in the TOML format. -{% if deployment_type is defined %} -amqp_url = "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub" + +amqp_url = "amqps://{{ openqa_amqp_reporter_url }}" +{% if openqa_amqp_passive|bool %} passive_declares = true -{% else %} -amqp_url = "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" {% endif %} callback = "fedora_openqa.consumer:OpenQAResultsDBReporter" [tls] -{% if deployment_type is defined %} -ca_cert = "/etc/fedora-messaging/cacert{{ openqa_env_suffix }}.pem" -keyfile = "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem" -certfile = "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem" -{% else %} -ca_cert = "/etc/fedora-messaging/cacert.pem" -keyfile = "/etc/fedora-messaging/fedora-key.pem" -certfile = "/etc/fedora-messaging/fedora-cert.pem" -{% endif %} +ca_cert = "{{ openqa_amqp_reporter_cacert }}" +keyfile = "{{ openqa_amqp_reporter_key }}" +certfile = "{{ openqa_amqp_reporter_cert }}" [client_properties] -app = "Fedora openQA" +app = "Fedora openQA ResultsDB reporter" [exchanges."amq.topic"] type = "topic" @@ -31,50 +24,21 @@ durable = true auto_delete = false arguments = {} -{% if deployment_type is defined %} -# Private queue name. -[queues."openqa{{ openqa_env_suffix }}_resultsdb_reporter"] -{% else %} -# Queue names *must* be in the normal UUID format: run "uuidgen" and use the -# output as your queue name. If your queue is not exclusive, anyone can connect -# and consume from it, causing you to miss messages, so do not share your queue -# name. Any queues that are not auto-deleted on disconnect are garbage-collected -# after approximately one hour. -# -# If you require a stronger guarantee about delivery, please talk to Fedora's -# Infrastructure team. -[queues.{{ openqa_resultsdb_reporter_uuid }}] -{% endif %} +[queues."{{ openqa_amqp_resultsdb_reporter_queue }}"] durable = false auto_delete = true exclusive = true arguments = {} [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_resultsdb_reporter" -{% else %} -queue = "{{ openqa_resultsdb_reporter_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_resultsdb_reporter_queue }}" exchange = "amq.topic" -{% if deployment_type is defined %} -routing_keys = ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] -{% else %} -routing_keys = ["org.fedoraproject.prod.openqa.job.done"] -{% endif %} +routing_keys = [{% for key in openqa_amqp_resultsdb_reporter_routing_keys %}"{{ key }}",{% endfor %}] # need this to receive messages from ZMQ->AMQP bridge [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_resultsdb_reporter" -{% else %} -queue = "{{ openqa_resultsdb_reporter_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_resultsdb_reporter_queue }}" exchange = "zmq.topic" -{% if deployment_type is defined %} -routing_keys = ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] -{% else %} -routing_keys = ["org.fedoraproject.prod.openqa.job.done"] -{% endif %} +routing_keys = [{% for key in openqa_amqp_resultsdb_reporter_routing_keys %}"{{ key }}",{% endfor %}] [consumer_config] openqa_hostname = "{{ openqa_hostname }}" diff --git a/roles/openqa/dispatcher/templates/fedora_openqa_scheduler.toml.j2 b/roles/openqa/dispatcher/templates/fedora_openqa_scheduler.toml.j2 index 80187e40e0..399d7cae7a 100644 --- a/roles/openqa/dispatcher/templates/fedora_openqa_scheduler.toml.j2 +++ b/roles/openqa/dispatcher/templates/fedora_openqa_scheduler.toml.j2 @@ -1,29 +1,19 @@ -# fedora-messaging consumer configuration file for the production -# openQA scheduler. Note you must change the UUID here to something -# unique before using this. +# fedora-messaging consumer configuration file for the openQA job +# scheduler. See the openqa/dispatcher main.yml comments for details +# on the variables that must be set here. # # This file is in the TOML format. -# we listen to the prod broker here even for staging as we need to use -# prod messages to schedule jobs in openQA staging, composes and -# updates just don't show up on the staging broker. -{% if deployment_type is defined %} -amqp_url = "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub" +amqp_url = "amqps://{{ openqa_amqp_scheduler_url }}" +{% if openqa_amqp_passive|bool %} passive_declares = true -{% else %} -amqp_url = "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" {% endif %} callback = "fedora_openqa.consumer:OpenQAScheduler" [tls] -ca_cert = "/etc/fedora-messaging/cacert.pem" -{% if deployment_type is defined %} -keyfile = "/etc/pki/fedora-messaging/openqa-key.pem" -certfile = "/etc/pki/fedora-messaging/openqa-cert.pem" -{% else %} -keyfile = "/etc/fedora-messaging/fedora-key.pem" -certfile = "/etc/fedora-messaging/fedora-cert.pem" -{% endif %} +ca_cert = "{{ openqa_amqp_scheduler_cacert }}" +keyfile = "{{ openqa_amqp_scheduler_key }}" +certfile = "{{ openqa_amqp_scheduler_cert }}" [client_properties] app = "Fedora openQA scheduler" @@ -34,47 +24,21 @@ durable = true auto_delete = false arguments = {} -{% if deployment_type is defined %} -# Private queue name. -[queues."openqa{{ openqa_env_suffix }}_scheduler"] -{% else %} -# Queue names *must* be in the normal UUID format: run "uuidgen" and use the -# output as your queue name. If your queue is not exclusive, anyone can connect -# and consume from it, causing you to miss messages, so do not share your queue -# name. Any queues that are not auto-deleted on disconnect are garbage-collected -# after approximately one hour. -# -# If you require a stronger guarantee about delivery, please talk to Fedora's -# Infrastructure team. -[queues.{{ openqa_scheduler_uuid }}] -{% endif %} +[queues."{{ openqa_amqp_scheduler_queue }}"] durable = false auto_delete = true exclusive = true arguments = {} [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_scheduler" -{% else %} -queue = "{{ openqa_scheduler_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_scheduler_queue }}" exchange = "amq.topic" -routing_keys = ["org.fedoraproject.prod.pungi.compose.status.change", - "org.fedoraproject.prod.bodhi.update.request.testing", - "org.fedoraproject.prod.bodhi.update.edit"] +routing_keys = [{% for key in openqa_amqp_scheduler_routing_keys %}"{{ key }}",{% endfor %}] # need this to receive messages from ZMQ->AMQP bridge [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_scheduler" -{% else %} -queue = "{{ openqa_scheduler_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_scheduler_queue }}" exchange = "zmq.topic" -routing_keys = ["org.fedoraproject.prod.pungi.compose.status.change", - "org.fedoraproject.prod.bodhi.update.request.testing", - "org.fedoraproject.prod.bodhi.update.edit"] - +routing_keys = [{% for key in openqa_amqp_scheduler_routing_keys %}"{{ key }}",{% endfor %}] [consumer_config] openqa_hostname = "{{ openqa_hostname }}" diff --git a/roles/openqa/dispatcher/templates/fedora_openqa_wiki_reporter.toml.j2 b/roles/openqa/dispatcher/templates/fedora_openqa_wiki_reporter.toml.j2 index e784120c0c..14c2a64522 100644 --- a/roles/openqa/dispatcher/templates/fedora_openqa_wiki_reporter.toml.j2 +++ b/roles/openqa/dispatcher/templates/fedora_openqa_wiki_reporter.toml.j2 @@ -3,27 +3,20 @@ # something unique before using this. # # This file is in the TOML format. -{% if deployment_type is defined %} -amqp_url = "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub" + +amqp_url = "amqps://{{ openqa_amqp_reporter_url }}" +{% if openqa_amqp_passive|bool %} passive_declares = true -{% else %} -amqp_url = "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" {% endif %} callback = "fedora_openqa.consumer:OpenQAWikiReporter" [tls] -{% if deployment_type is defined %} -ca_cert = "/etc/fedora-messaging/cacert{{ openqa_env_suffix }}.pem" -keyfile = "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem" -certfile = "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem" -{% else %} -ca_cert = "/etc/fedora-messaging/cacert.pem" -keyfile = "/etc/fedora-messaging/fedora-key.pem" -certfile = "/etc/fedora-messaging/fedora-cert.pem" -{% endif %} +ca_cert = "{{ openqa_amqp_reporter_cacert }}" +keyfile = "{{ openqa_amqp_reporter_key }}" +certfile = "{{ openqa_amqp_reporter_cert }}" [client_properties] -app = "Fedora openQA" +app = "Fedora openQA Wiki reporter" [exchanges."amq.topic"] type = "topic" @@ -31,59 +24,26 @@ durable = true auto_delete = false arguments = {} -{% if deployment_type is defined %} -# Private queue name. -[queues."openqa{{ openqa_env_suffix }}_wiki_reporter"] -{% else %} -# Queue names *must* be in the normal UUID format: run "uuidgen" and use the -# output as your queue name. If your queue is not exclusive, anyone can connect -# and consume from it, causing you to miss messages, so do not share your queue -# name. Any queues that are not auto-deleted on disconnect are garbage-collected -# after approximately one hour. -# -# If you require a stronger guarantee about delivery, please talk to Fedora's -# Infrastructure team. -[queues.{{ openqa_wiki_reporter_uuid }}] -{% endif %} +[queues."{{ openqa_amqp_wiki_reporter_queue }}"] durable = false auto_delete = true exclusive = true arguments = {} [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_wiki_reporter" -{% else %} -queue = "{{ openqa_wiki_reporter_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_wiki_reporter_queue }}" exchange = "amq.topic" -{% if deployment_type is defined %} -routing_keys = ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] -{% else %} -routing_keys = ["org.fedoraproject.prod.openqa.job.done"] -{% endif %} +routing_keys = [{% for key in openqa_amqp_wiki_reporter_routing_keys %}"{{ key }}",{% endfor %}] # need this to receive messages from ZMQ->AMQP bridge [[bindings]] -{% if deployment_type is defined %} -queue = "openqa{{ openqa_env_suffix }}_wiki_reporter" -{% else %} -queue = "{{ openqa_wiki_reporter_uuid }}" -{% endif %} +queue = "{{ openqa_amqp_wiki_reporter_queue }}" exchange = "zmq.topic" -{% if deployment_type is defined %} -routing_keys = ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] -{% else %} -routing_keys = ["org.fedoraproject.prod.openqa.job.done"] -{% endif %} +routing_keys = [{% for key in openqa_amqp_wiki_reporter_routing_keys %}"{{ key }}",{% endfor %}] [consumer_config] openqa_hostname = "{{ openqa_hostname }}" openqa_baseurl = "https://{{ external_hostname|default(ansible_nodename) }}" -{% if deployment_type is defined and deployment_type == 'stg' %} -wiki_hostname = "stg.fedoraproject.org" -{% else %} -wiki_hostname = "fedoraproject.org" -{% endif %} +wiki_hostname = "{{ openqa_wikitcms_hostname }}" do_report = true [qos]