From debd16df22f709540cca9e65446d768edc9c499d Mon Sep 17 00:00:00 2001
From: Adam Miller <admiller@redhat.com>
Date: Fri, 2 Dec 2016 23:17:04 +0000
Subject: [PATCH] Clean up OSBS items

    - Remove osbs-client from koji-hub, no longer needed
    - Set site-specific OSBS plugins config
    - Remove atomic-reactor.tar.gz hardlinking for docker, no longer
      needed
    - Update osbs/atomic-reactor buildroot to user RPM version of
      atomic-reactor and not source shipped with RPM (fixed issue
      so this works now)

Signed-off-by: Adam Miller <admiller@redhat.com>
---
 files/osbs/buildroot-Dockerfile-staging.j2    |  6 ++--
 playbooks/groups/buildvm.yml                  |  2 +-
 playbooks/groups/koji-hub.yml                 | 32 -------------------
 playbooks/groups/osbs-cluster.yml             | 29 ++---------------
 .../files/osbs-site-customizations.json       | 19 +++++++++++
 roles/osbs-client/tasks/main.yml              | 20 ++++++++++++
 6 files changed, 44 insertions(+), 64 deletions(-)
 create mode 100644 roles/osbs-client/files/osbs-site-customizations.json

diff --git a/files/osbs/buildroot-Dockerfile-staging.j2 b/files/osbs/buildroot-Dockerfile-staging.j2
index f6c92a7f04..6c3bfd9709 100644
--- a/files/osbs/buildroot-Dockerfile-staging.j2
+++ b/files/osbs/buildroot-Dockerfile-staging.j2
@@ -1,10 +1,8 @@
 FROM fedora:latest
 RUN curl -o /etc/yum.repos.d/maxamillion-atomic-reactor-copr.repo https://copr.fedorainfracloud.org/coprs/maxamillion/atomic-reactor/repo/fedora-24/maxamillion-atomic-reactor-fedora-24.repo
-RUN dnf -y install --refresh dnf-plugins-core && dnf -y install docker git python-docker-py python-setuptools e2fsprogs koji python-backports-lzma osbs-client gssproxy fedpkg python-docker-squash
+RUN dnf -y install --refresh dnf-plugins-core && dnf -y install docker git python-docker-py python-setuptools e2fsprogs koji python-backports-lzma osbs-client gssproxy fedpkg python-docker-squash atomic-reactor python-atomic-reactor*
 RUN sed -i 's|.*default_ccache_name.*| default_ccache_name = DIR:/tmp/ccache_%{uid}|g' /etc/krb5.conf
-ADD ./atomic-reactor.tar.gz /tmp/
 ADD ./krb5.osbs_{{osbs_url}}.keytab /etc/
-RUN cd /tmp/atomic-reactor-*/ && python setup.py install
 ADD ./ca.crt /etc/pki/ca-trust/source/anchors/osbs.ca.crt
 RUN update-ca-trust
-CMD ["atomic-reactor", "--verbose", "inside-build"]
+CMD ["python2", "/usr/bin/atomic-reactor", "--verbose", "inside-build"]
diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml
index eb90179547..97cdd466b5 100644
--- a/playbooks/groups/buildvm.yml
+++ b/playbooks/groups/buildvm.yml
@@ -50,7 +50,7 @@
         when: env == 'staging' and ansible_architecture == 'x86_64',
         general: {
           verbose: 0,
-          build_json_dir: '/usr/share/osbs/',
+          build_json_dir: '/etc/osbs/input/',
           openshift_required_version: 1.1.0,
         },
         default: {
diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml
index 6cb1e0090e..dbc124e3a8 100644
--- a/playbooks/groups/koji-hub.yml
+++ b/playbooks/groups/koji-hub.yml
@@ -31,38 +31,6 @@
   - apache
   - fedmsg/base
   - koji_hub
-  - {
-      role: osbs-client,
-        when: env != 'staging',
-        general: {
-          verbose: 0,
-          build_json_dir: '/usr/share/osbs/',
-          openshift_required_version: 1.1.0,
-        },
-        default: {
-          username: "{{ osbs_koji_prod_username }}",
-          password: "{{ osbs_koji_prod_password }}",
-          koji_use_kerberos: True,
-          koji_kerberos_keytab: "/etc/krb5.osbs_{{osbs_url}}.keytab",
-          koji_kerberos_principal: "osbs/{{osbs_url}}@{{ipa_realm}}",
-          openshift_url: 'https://{{ osbs_url }}/',
-          registry_uri: 'https://{{ docker_registry }}/v2',
-          source_registry_uri: 'https://{{ source_registry }}/v2',
-          build_host: '{{ osbs_url }}',
-          koji_root: 'http://{{ koji_root }}',
-          koji_hub: 'https://koji.fedoraproject.org/kojihub',
-          sources_command: 'fedpkg sources',
-          build_type: 'prod',
-          authoritative_registry: 'registry.example.com',
-          vendor: 'Fedora Project',
-          verify_ssl: false,
-          use_auth: true,
-          builder_use_auth: true,
-          distribution_scope: 'private',
-          registry_api_versions: 'v2',
-          builder_openshift_url: 'https://172.17.0.1:8443/'
-        }
-    }
   - { role: nfs/server, when: env == "staging" }
   - { role: keepalived, when: env == "production" and inventory_hostname.startswith('koji') }
   - role: nfs/client
diff --git a/playbooks/groups/osbs-cluster.yml b/playbooks/groups/osbs-cluster.yml
index d8a676401c..0d5557eb43 100644
--- a/playbooks/groups/osbs-cluster.yml
+++ b/playbooks/groups/osbs-cluster.yml
@@ -460,7 +460,7 @@
       role: osbs-client,
         general: {
           verbose: 0,
-          build_json_dir: '/usr/share/osbs/',
+          build_json_dir: '/etc/osbs/input/',
           openshift_required_version: 1.1.0,
         },
         default: {
@@ -492,7 +492,7 @@
       role: osbs-client,
         general: {
           verbose: 0,
-          build_json_dir: '/usr/share/osbs/',
+          build_json_dir: '/etc/osbs/input/',
           openshift_required_version: 1.1.0,
         },
         default: {
@@ -562,31 +562,6 @@
       notify:
         - buildroot container
 
-    - name: stat /usr/share/atomic-reactor/atomic-reactor.tar.gz
-      stat:
-        path: /usr/share/atomic-reactor/atomic-reactor.tar.gz
-      register: usr_ar_stat
-
-    - name: stat /etc/osbs/buildroot/atomic-reactor.tar.gz
-      stat:
-        path: /etc/osbs/buildroot/atomic-reactor.tar.gz
-      register: etc_ar_stat
-
-    - name: remove old hardlink to /etc/osbs/buildroot/atomic-reactor.tar.gz
-      file:
-        path: /etc/osbs/buildroot/atomic-reactor.tar.gz
-        state: absent
-      when: etc_ar_stat.stat.exists and usr_ar_stat.stat.checksum != etc_ar_stat.stat.checksum
-
-    - name: Hardlink atomic-reactor source for buildroot container (because Docker)
-      file:
-        src: /usr/share/atomic-reactor/atomic-reactor.tar.gz
-        dest: /etc/osbs/buildroot/atomic-reactor.tar.gz
-        state: hard
-      notify:
-        - buildroot container
-      when: etc_ar_stat.stat.exists == false
-
     - name: stat /etc/ keytab
       stat:
         path: "/etc/krb5.osbs_{{osbs_url}}.keytab"
diff --git a/roles/osbs-client/files/osbs-site-customizations.json b/roles/osbs-client/files/osbs-site-customizations.json
new file mode 100644
index 0000000000..8e4ef749a9
--- /dev/null
+++ b/roles/osbs-client/files/osbs-site-customizations.json
@@ -0,0 +1,19 @@
+{
+    "disable_plugins": [
+        {
+            "plugin_type": "postbuild_plugins",
+            "plugin_name": "pulp_push"
+        },
+        {
+            "plugin_type": "postbuild_plugins",
+            "plugin_name": "pulp_sync"
+        },
+        {
+            "plugin_type": "postbuild_plugins",
+            "plugin_name": "pulp_pull"
+        }
+    ],
+
+    "enable_plugins": [
+    ]
+}
diff --git a/roles/osbs-client/tasks/main.yml b/roles/osbs-client/tasks/main.yml
index efb5a849e2..fe50bd5160 100644
--- a/roles/osbs-client/tasks/main.yml
+++ b/roles/osbs-client/tasks/main.yml
@@ -7,3 +7,23 @@
 - name: apply osbs-client templated config
   template: src=osbs.conf.j2 dest={{ osbs_client_conf_path }} mode=0640
 
+- name: Create custom OSBS input directory
+  file:
+    path: "/etc/osbs/input/"
+    state: directory
+
+- name: Upload OSBS Site Customizations plugin conf
+  copy:
+    src: "osbs-site-customizations.json"
+    dest: "/etc/osbs/input/prod_customizations.json"
+    mode: 0400
+
+- name: Symlink in OSBS input configs provided by package
+  file:
+    src: "/usr/share/osbs/{{item}}.json"
+    dest: "/etc/osbs/input/{{item}}.json"
+    state: link
+  with_items:
+    - "prod"
+    - "prod_inner"
+