Comment the FMN playbook and role

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

playbooks/openshift-apps/fmn.yml

@@ -1,3 +1,8 @@
+#
+# Fedora Messaging Notifications (FMN)
+#
+
+
 - name: setup the database
   hosts: db01.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org
   gather_facts: no
@@ -34,16 +39,22 @@
       username: "fmn{{ env_suffix }}"
       queue_name: "fmn{{ env_suffix }}"
       routing_keys:
+      # The FMN queue is subscribed to everything
         - "#"
       thresholds:
         warning: 50
         critical: 500
+      # FMN sends messages when a rule is changed, to invalidate its cache
       sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fmn\..*
       tags:
         - config
         - fedora-messaging
         - rabbitmq_cluster
 
+    # FMN also has an internal VHost for communication between the consumer
+    # (which listens to the Fedora Messaging bus on /pubsub) and the senders
+    # (which send messages to the various destinations such as email, IRC,
+    # Matrix).
     - role: rabbit/vhost
       vhost: /fmn
       tags:
@@ -64,24 +75,9 @@
         - fedora-messaging
         - rabbitmq_cluster
 
-    - name: Create the email queue in the fmn vhost
+    - name: Create the sending queues in the fmn vhost
       rabbitmq_queue:
-        name: email
+        name: "{{ item }}"
-        vhost: /fmn
-        auto_delete: no
-        durable: yes
-        # message_ttl: 300000
-        state: present
-        login_user: admin
-        login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
-      tags:
-        - config
-        - fedora-messaging
-        - rabbitmq_cluster
-
-    - name: Create the irc queue in the fmn vhost
-      rabbitmq_queue:
-        name: irc
         vhost: /fmn
         auto_delete: no
         durable: yes
@@ -89,6 +85,10 @@
         state: present
         login_user: admin
         login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
+      with_items:
+        - email
+        - irc
+        - matrix
       tags:
         - config
         - fedora-messaging
@@ -146,7 +146,6 @@
       serviceport: web
       annotations:
         haproxy.router.openshift.io/timeout: 5m
-
     - role: openshift/route
       app: fmn
       routename: api
@@ -155,7 +154,7 @@
       serviceport: web
       annotations:
         haproxy.router.openshift.io/timeout: 5m
-
+    # Sendria is an email sink for testing, to avoid sending actual emails.
     - role: openshift/route
       app: fmn
       routename: sendria
@@ -164,6 +163,7 @@
       serviceport: web
       annotations:
         haproxy.router.openshift.io/timeout: 5m
+      when: env == "staging"
 
     # Secrets
     - role: openshift/object
@@ -202,7 +202,6 @@
     # FASJSON access
     - role: openshift/ipa-client
       app: fmn
-
     - role: openshift/keytab
       app: fmn
       key: service.keytab

roles/openshift-apps/fmn/files/imagestream.yml

@@ -1,10 +1,12 @@
 apiVersion: image.openshift.io/v1
 kind: List
 items:
+  # The main FMN image
   - apiVersion: image.openshift.io/v1
     kind: ImageStream
     metadata:
       name: fmn
+  # The Python 3.10 builder image
   - apiVersion: image.openshift.io/v1
     kind: ImageStream
     metadata:
@@ -21,18 +23,12 @@ items:
             scheduled: true
           referencePolicy:
             type: Source
+  # Sendria (to view email notifications in staging)
   - apiVersion: image.openshift.io/v1
     kind: ImageStream
     metadata:
       name: sendria
-    # We need to build the sendria image until this is fixed:
+  # Redis (for caching)
-    # https://github.com/msztolcman/sendria/issues/17
-    # spec:
-    #   tags:
-    #     - name: latest
-    #       from:
-    #         kind: DockerImage
-    #         name: msztolcman/sendria:v2.2.2.0
   - apiVersion: image.openshift.io/v1
     kind: ImageStream
     metadata:

roles/openshift-apps/fmn/templates/Dockerfile-sendria

@@ -1,4 +1,4 @@
-# Required until this is fixed:
+# Sendria expects the container to run as root
 # https://github.com/msztolcman/sendria/issues/17
 
 FROM msztolcman/sendria:v2.2.2.0

roles/openshift-apps/fmn/templates/api.toml

@@ -1,3 +1,7 @@
+#
+# Fedora Messaging configuration for the API component
+#
+
 amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
 passive_declares = true
 

roles/openshift-apps/fmn/templates/buildconfig.yml

@@ -28,8 +28,11 @@ spec:
         kind: ImageStreamTag
         # name: python:3.10
         # namespace: openshift
+        # OpenShift does not have Python 3.10 (yet), use our own ImageStream
         name: python-310:latest
       env:
+      # The .s2i/bin/assemble script uses this to build the frontend with the
+      # correct API and Ipsilon addresses.
       - name: FEDORA_ENV
         value: "{{ env }}"
   output:
@@ -49,8 +52,8 @@ spec:
       secret: "{{ fmn_stg_github_secret }}"
 {% endif %}
 ---
-# We need to build the sendria image until this is fixed:
+# Sendria, to display email notifications in staging
-# https://github.com/msztolcman/sendria/issues/17
+{% if env == 'staging' %}
 apiVersion: build.openshift.io/v1
 kind: BuildConfig
 metadata:
@@ -60,6 +63,7 @@ metadata:
     build: sendria
 spec:
   runPolicy: Serial
+  # We build the sendria image with a few fixes.
   source:
     type: Dockerfile
     dockerfile: |-
@@ -73,3 +77,4 @@ spec:
   triggers:
   - type: ConfigChange
   - type: ImageChange
+{% endif %}

roles/openshift-apps/fmn/templates/consumer.toml

@@ -1,3 +1,7 @@
+#
+# Fedora Messaging configuration for the consumer component
+#
+
 amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
 callback = "fmn.consumer:Consumer"
 passive_declares = true

roles/openshift-apps/fmn/templates/cron.yml

@@ -1,4 +1,7 @@
 ---
+# Cleanup the counting of generated notifications in the database.
+# Increase the retained duration if you want to be able to generate generation
+# statistics over a longer period of time.
 apiVersion: batch/v1
 kind: CronJob
 metadata:
@@ -41,6 +44,9 @@ spec:
               configMap:
                 name: fmn
 ---
+# Refresh the cache before it is expired.
+# This will avoid message processing to be blocked while the cache is being
+# rebuilt.
 apiVersion: batch/v1
 kind: CronJob
 metadata:

roles/openshift-apps/fmn/templates/deploymentconfig.yml

@@ -1,4 +1,5 @@
 ---
+# Frontend component (Javascript served by Apache httpd)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -63,6 +64,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# API component (Python/FastAPI served by Uvicorn)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -183,6 +185,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# Consumer component (Fedora Messaging consume command)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -281,6 +284,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# Email sending component (custom python runner)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -345,6 +349,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# IRC sending component (custom python runner)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -412,6 +417,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# Matrix sending component (custom python runner)
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -477,6 +483,7 @@ spec:
           kind: ImageStreamTag
           name: fmn:latest
 ---
+# Redis, for caching
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -515,6 +522,8 @@ spec:
           kind: ImageStreamTag
           name: redis:latest
 ---
+# Sendria, to display email notifications in staging
+{% if env == 'staging' %}
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
@@ -569,3 +578,4 @@ spec:
         from:
           kind: ImageStreamTag
           name: sendria:latest
+{% endif %}

roles/openshift-apps/fmn/templates/fmn.cfg

@@ -1,3 +1,7 @@
+#
+# FMN configuration (fmn.core.config)
+#
+
 DATABASE__SQLALCHEMY__URL="postgresql://fmn:{{ (env == 'production')|ternary(fmn_prod_db_password, fmn_stg_db_password) }}@db01{{ env_suffix }}.iad2.fedoraproject.org/fmn"
 CORS_ORIGINS="https://fmn.apps.ocp{{ env_suffix }}.fedoraproject.org"
 OIDC_PROVIDER_URL="https://id{{ env_suffix }}.fedoraproject.org/openidc"

roles/openshift-apps/fmn/templates/sender-email.toml

@@ -1,3 +1,8 @@
+# Configuration for the email sender.
+# This is not a Fedora Messaging configuration (even if it looks similar)
+# because senders don't use Fedora Messaging, they only connect to FMN's own
+# VHost on RabbitMQ.
+
 amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Ffmn"
 queue = "email"
 

roles/openshift-apps/fmn/templates/sender-irc.toml

@@ -1,3 +1,8 @@
+# Configuration for the IRC sender.
+# This is not a Fedora Messaging configuration (even if it looks similar)
+# because senders don't use Fedora Messaging, they only connect to FMN's own
+# VHost on RabbitMQ.
+
 amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Ffmn"
 queue = "irc"
 

roles/openshift-apps/fmn/templates/sender-matrix.toml

@@ -1,4 +1,7 @@
-# A sample configuration for the FMN sender. This file is in the TOML format.
+# Configuration for the Matrix sender.
+# This is not a Fedora Messaging configuration (even if it looks similar)
+# because senders don't use Fedora Messaging, they only connect to FMN's own
+# VHost on RabbitMQ.
 
 amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Ffmn"
 queue = "matrix"