Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Blockerbugs: spearate stg/prod credentials

Browse source
This commit is contained in:
František Zatloukal 2022-09-27 20:51:43 +02:00
parent 272f488d23
commit e24d06b1f6
3 changed files with 57 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

40
playbooks/openshift-apps/blockerbugs.yml
View file

@ -10,7 +10,7 @@
- packages - packages
- name: setup the database - name: setup the database
hosts: db01.stg.iad2.fedoraproject.org:db01.iad2.fedoraproject.org hosts: db01.stg.iad2.fedoraproject.org
gather_facts: no gather_facts: no
become: yes become: yes
become_user: postgres become_user: postgres
@ -22,17 +22,43 @@
tasks: tasks:
- name: Create the database user - name: Create the database user
postgresql_user: postgresql_user:
name: "{{ blockerbugs_db_user }}" name: "{{ stg_blockerbugs_db_user }}"
password: "{{ blockerbugs_db_password }}" password: "{{ stg_blockerbugs_db_password }}"
- name: Create the database itself - name: Create the database itself
postgresql_db: postgresql_db:
name: "{{ blockerbugs_db_name }}" name: "{{ stg_blockerbugs_db_name }}"
owner: "{{ blockerbugs_db_user }}" owner: "{{ stg_blockerbugs_db_user }}"
encoding: UTF-8 encoding: UTF-8
- name: Test the database creation - name: Test the database creation
postgresql_db: postgresql_db:
name: "{{ blockerbugs_db_name }}" name: "{{ stg_blockerbugs_db_name }}"
owner: "{{ blockerbugs_db_user }}" owner: "{{ stg_blockerbugs_db_user }}"
encoding: UTF-8
- name: setup the database
hosts: db01.iad2.fedoraproject.org
gather_facts: no
become: yes
become_user: postgres
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
tasks:
- name: Create the database user
postgresql_user:
name: "{{ prod_blockerbugs_db_user }}"
password: "{{ prod_blockerbugs_db_password }}"
- name: Create the database itself
postgresql_db:
name: "{{ prod_blockerbugs_db_name }}"
owner: "{{ prod_blockerbugs_db_user }}"
encoding: UTF-8
- name: Test the database creation
postgresql_db:
name: "{{ prod_blockerbugs_db_name }}"
owner: "{{ prod_blockerbugs_db_user }}"
encoding: UTF-8 encoding: UTF-8
- name: make the app be real - name: make the app be real

14
roles/openshift-apps/blockerbugs/templates/cron.yml
View file

@ -27,8 +27,13 @@ spec:
value: "db01{{ env_suffix }}.iad2.fedoraproject.org" value: "db01{{ env_suffix }}.iad2.fedoraproject.org"
- name: POSTGRESQL_SERVICE_PORT - name: POSTGRESQL_SERVICE_PORT
value: "5432" value: "5432"
{% if env == 'staging' %}
- name: POSTGRESQL_PASSWORD - name: POSTGRESQL_PASSWORD
value: "{{ blockerbugs_db_password }}" value: "{{ stg_blockerbugs_db_password }}"
{% else %}
- name: POSTGRESQL_PASSWORD
value: "{{ prod_blockerbugs_db_password }}"
{% endif %}
- name: SECRET_KEY - name: SECRET_KEY
value: "{{ blockerbugs_secret_key }}" value: "{{ blockerbugs_secret_key }}"
- name: BLOCKERBUGS_URL - name: BLOCKERBUGS_URL
@ -55,8 +60,13 @@ spec:
value: "{{ blockerbugs_pagure_url }}api/0/" value: "{{ blockerbugs_pagure_url }}api/0/"
- name: BUGZILLA_URL - name: BUGZILLA_URL
value: "{{ blockerbugs_bugzilla_url }}" value: "{{ blockerbugs_bugzilla_url }}"
{% if env == 'staging' %}
- name: BUGZILLA_API_KEY - name: BUGZILLA_API_KEY
value: "{{ blockerbugs_bz_api_key }}" value: "{{ stg_blockerbugs_bz_api_key }}"
{% else %}
- name: BUGZILLA_API_KEY
value: "{{ prod_blockerbugs_bz_api_key }}"
{% endif %}
- name: BODHI_URL - name: BODHI_URL
value: "https://bodhi{{ env_suffix }}.fedoraproject.org/" value: "https://bodhi{{ env_suffix }}.fedoraproject.org/"
- name: OPENSHIFT_PROD - name: OPENSHIFT_PROD

14
roles/openshift-apps/blockerbugs/templates/deploymentconfig.yml
View file

@ -45,8 +45,13 @@ spec:
value: "db01{{ env_suffix }}.iad2.fedoraproject.org" value: "db01{{ env_suffix }}.iad2.fedoraproject.org"
- name: POSTGRESQL_SERVICE_PORT - name: POSTGRESQL_SERVICE_PORT
value: "5432" value: "5432"
{% if env == 'staging' %}
- name: POSTGRESQL_PASSWORD - name: POSTGRESQL_PASSWORD
value: "{{ blockerbugs_db_password }}" value: "{{ stg_blockerbugs_db_password }}"
{% else %}
- name: POSTGRESQL_PASSWORD
value: "{{ prod_blockerbugs_db_password }}"
{% endif %}
- name: SECRET_KEY - name: SECRET_KEY
value: "{{ blockerbugs_secret_key }}" value: "{{ blockerbugs_secret_key }}"
- name: BLOCKERBUGS_URL - name: BLOCKERBUGS_URL
@ -73,8 +78,13 @@ spec:
value: "{{ blockerbugs_pagure_url }}api/0/" value: "{{ blockerbugs_pagure_url }}api/0/"
- name: BUGZILLA_URL - name: BUGZILLA_URL
value: "{{ blockerbugs_bugzilla_url }}" value: "{{ blockerbugs_bugzilla_url }}"
{% if env == 'staging' %}
- name: BUGZILLA_API_KEY - name: BUGZILLA_API_KEY
value: "{{ blockerbugs_bz_api_key }}" value: "{{ stg_blockerbugs_bz_api_key }}"
{% else %}
- name: BUGZILLA_API_KEY
value: "{{ prod_blockerbugs_bz_api_key }}"
{% endif %}
- name: BODHI_URL - name: BODHI_URL
value: "https://bodhi{{ env_suffix }}.fedoraproject.org/" value: "https://bodhi{{ env_suffix }}.fedoraproject.org/"
- name: OPENSHIFT_PROD - name: OPENSHIFT_PROD