From ddaf3a1d303f4794dedab17a2ed6f253eef1d222 Mon Sep 17 00:00:00 2001
From: Chenxiong Qi <cqi@redhat.com>
Date: Wed, 5 Jun 2019 23:44:02 +0800
Subject: [PATCH] Update MTS role with specific configs

This patch also contains a rule file for running MTS in prod Openshift
instance. For staging, the rule file is pointed out to an "external" rule file
stored in my personal repository created in Pagure.

Signed-off-by: Chenxiong Qi <cqi@redhat.com>
---
 .../files/mts-rules.yml                       |  3 +
 .../templates/configmap.yml                   | 97 +++++++++++++++++++
 .../templates/deployment.yml                  | 25 +++--
 .../templates/imagestream.yml                 | 18 ++++
 .../message-tagging-service/vars/main.yml     |  2 +-
 5 files changed, 136 insertions(+), 9 deletions(-)
 create mode 100644 roles/openshift-apps/message-tagging-service/files/mts-rules.yml
 create mode 100644 roles/openshift-apps/message-tagging-service/templates/configmap.yml
 create mode 100644 roles/openshift-apps/message-tagging-service/templates/imagestream.yml

diff --git a/roles/openshift-apps/message-tagging-service/files/mts-rules.yml b/roles/openshift-apps/message-tagging-service/files/mts-rules.yml
new file mode 100644
index 0000000000..b438e68292
--- /dev/null
+++ b/roles/openshift-apps/message-tagging-service/files/mts-rules.yml
@@ -0,0 +1,3 @@
+---
+# Please add rules to tag module build.
+# Refer to https://pagure.io/modularity/blob/master/f/drafts/module-tagging-service/format.md
diff --git a/roles/openshift-apps/message-tagging-service/templates/configmap.yml b/roles/openshift-apps/message-tagging-service/templates/configmap.yml
new file mode 100644
index 0000000000..5c0adb3252
--- /dev/null
+++ b/roles/openshift-apps/message-tagging-service/templates/configmap.yml
@@ -0,0 +1,97 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "{{ app_name }}-config"
+  labels:
+    app: "{{ app_name }}"
+data:
+  app_config.py: |-
+    class BaseConfiguration:
+        # Set this to False when MTS is ready to work on either stg or prod
+        dry_run = True
+
+        keytab = '/etc/krb5.keytab'
+        principal = '{{ app_name }}/{{ app_name }}{{ env_suffix }}.fedoraproject.org@{{ ipa_realm }}'
+
+        log_level = 'INFO'
+        messaging_backend = 'fedmsg'
+        messaging_backends = {
+            'fedmsg': {'service': 'mts'},
+        }
+        build_state = 'ready'
+
+{% if env == 'staging' %}
+        # Running in staging, a rule file inside my perosnal repo is used in order to test conveniently.
+        rules_file_url = 'https://pagure.io/mts-rules/raw/master/f/rules.yaml'
+        mbs_api_url = 'https://mbs.stg.fedoraproject.org/module-build-service/1/'
+        koji_profile = 'stg'
+        consumer_topics = [
+            'org.fedoraproject.stg.mbs.module.state.change',
+        ]
+{% else %}
+        rules_file_url = ('https://infrastructure.fedoraproject.org/cgit/ansible.git/tree/'
+                          'roles/openshift-apps/message-tagging-service/files/mts-rules.yml')
+        mbs_api_url = 'https://mbs.fedoraproject.org/module-build-service/1/'
+        koji_profile = 'koji'
+        consumer_topics = [
+            'org.fedoraproject.prod.mbs.module.state.change',
+        ]
+{% endif %}
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "{{ app_name }}-fedmsg"
+data:
+  mts.py: |-
+    config = {
+        'mts-consumer': True,
+        'validate_signatures': False,
+        'active': True,
+
+{% if env == 'staging' %}
+        'environment': 'stg',
+        'endpoints': {
+          'fedora-infrastructure': [
+            'tcp://stg.fedoraproject.org:9940',
+          ],
+        },
+{% else %}
+        'environment': 'prod',
+        'endpoints': {
+          'fedora-infrastructure': [
+            'tcp://hub.fedoraproject.org:9940',
+          ],
+        },
+{% endif %}
+    }
+  logging.py: |-
+    config = dict(logging={
+        "version": 1,
+        "formatters": {
+            "bare": {
+                "datefmt": "%Y-%m-%d %H:%M:%S",
+                "format": "[%(asctime)s][%(name)10s %(levelname)7s] %(message)s"
+            }
+        },
+        "loggers": {
+            "message_tagging_service": {
+                "handlers": ["console"], "propagate": False, "level": "DEBUG"},
+            "fedmsg": {
+                "handlers": ["console"], "propagate": False, "level": "DEBUG"},
+            "moksha": {
+                "handlers": ["console"], "propagate": False, "level": "DEBUG"},
+            "koji": {
+                "handlers": ["console"], "propagate": False, "level": "DEBUG"},
+        },
+        "handlers": {
+            "console": {
+                "formatter": "bare",
+                "class": "logging.StreamHandler",
+                "stream": "ext://sys.stdout",
+                "level": "DEBUG"
+            }
+        },
+    })
diff --git a/roles/openshift-apps/message-tagging-service/templates/deployment.yml b/roles/openshift-apps/message-tagging-service/templates/deployment.yml
index 2b8240f6a7..bf2a2d7a47 100644
--- a/roles/openshift-apps/message-tagging-service/templates/deployment.yml
+++ b/roles/openshift-apps/message-tagging-service/templates/deployment.yml
@@ -17,14 +17,16 @@ spec:
         service: mts
     spec:
       containers:
-      - name: message-tagging-service
-        image: quay.io/factory2/message-tagging-service:{{quay_tag}}
+      - name: "{{ app_name }}"
         ports:
         - containerPort: 8080
         volumeMounts:
-#        - name: config
-#          mountPath: /etc/mts
-#          readOnly: true
+        - name: "{{ app_name }}-config"
+          mountPath: /etc/mts
+          readOnly: true
+        - name: "{{ app_name }}"-fedmsg
+          mountPath: /etc/fedmsg.d
+          readOnly: true
         - name: keytab
           mountPath: /etc/krb5.keytab
           subPath: krb5.keytab
@@ -49,9 +51,16 @@ spec:
             path: /
             port: 8080
       volumes:
-#      - name: config
-#        secret:
-#          secretName: mts-config
       - name: keytab
         secret:
           secretName: keytab
+    triggers:
+      - type: ConfigChange
+      - type: ImageChange
+        imageChangeParams:
+          automatic: true
+          containerNames:
+          - "{{ app_name }}"
+          from:
+            kind: ImageStreamTag
+            name: "{{ app_name }}:latest"
diff --git a/roles/openshift-apps/message-tagging-service/templates/imagestream.yml b/roles/openshift-apps/message-tagging-service/templates/imagestream.yml
new file mode 100644
index 0000000000..59ad0a632d
--- /dev/null
+++ b/roles/openshift-apps/message-tagging-service/templates/imagestream.yml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: ImageStream
+metadata:
+  name: "{{ app_name }}"
+  labels:
+    app: "{{ app_name }}"
+spec:
+  tags:
+  - name: latest
+    from:
+      kind: DockerImage
+{% if env == 'staging' %}
+      name: "quay.io/factory2/{{ app_name }}:stage"
+{% else %}
+      name: "quay.io/factory2/{{ app_name }}:prod"
+{% endif %}
+    importPolicy:
+      scheduled: true
diff --git a/roles/openshift-apps/message-tagging-service/vars/main.yml b/roles/openshift-apps/message-tagging-service/vars/main.yml
index 76ce422b3d..1dccb7af0a 100644
--- a/roles/openshift-apps/message-tagging-service/vars/main.yml
+++ b/roles/openshift-apps/message-tagging-service/vars/main.yml
@@ -1,4 +1,4 @@
-app: message-tagging-service
+app_name: message-tagging-service
 description: message-tagging-service
 appowners:
   - mizdebsk