From 6428f8f7720dbc204a6515e540cea2bd840283c2 Mon Sep 17 00:00:00 2001 From: Michal Konecny Date: Tue, 4 Feb 2025 15:14:47 +0100 Subject: [PATCH] Sunset github2fedmsg and fedmsg This commit is removing all the fedmsg related stuff from ansible repository. Signed-off-by: Michal Konecny --- .ansible-lint | 2 - files/communishift/haproxy.cfg | 4 +- filter_plugins/fedmsg.py | 39 - handlers/restart_services.yml | 21 - inventory/group_vars/all | 34 - inventory/group_vars/autosign | 1 - inventory/group_vars/batcave | 13 - inventory/group_vars/bodhi_backend | 2 - inventory/group_vars/buildhw | 2 +- inventory/group_vars/buildvm | 2 +- inventory/group_vars/buildvm_aarch64 | 2 +- inventory/group_vars/buildvm_ppc64le | 2 +- inventory/group_vars/buildvm_s390x | 2 +- inventory/group_vars/busgateway | 30 - inventory/group_vars/github2fedmsg | 74 - inventory/group_vars/greenwave | 9 - inventory/group_vars/koji | 23 +- inventory/group_vars/mailman | 16 +- inventory/group_vars/nagios | 13 - inventory/group_vars/notifs_backend | 22 - inventory/group_vars/notifs_web | 15 - inventory/group_vars/openqa_onebox_test | 2 - inventory/group_vars/pagure | 44 +- inventory/group_vars/people | 11 - inventory/group_vars/pkgs | 52 - inventory/group_vars/proxies | 14 - inventory/group_vars/releng_compose | 26 - inventory/group_vars/retrace | 32 - inventory/group_vars/value | 31 +- inventory/group_vars/waiverdb | 9 - inventory/group_vars/wiki | 13 - .../bodhi-backend01.iad2.fedoraproject.org | 69 +- .../compose-branched01.iad2.fedoraproject.org | 32 - .../compose-iot01.iad2.fedoraproject.org | 17 - .../compose-rawhide01.iad2.fedoraproject.org | 32 - .../compose-x86-01.iad2.fedoraproject.org | 40 - .../host_vars/people01.fedoraproject.org | 1 - inventory/inventory | 35 - main.yml | 2 - playbooks/fedmsgupdate.yml | 19 - playbooks/groups/busgateway.yml | 58 - playbooks/groups/github2fedmsg.yml | 57 - playbooks/groups/pkgs.yml | 1 - playbooks/groups/value.yml | 2 - playbooks/include/proxies-miscellaneous.yml | 11 - playbooks/include/proxies-reverseproxy.yml | 8 - .../uninstall_ipa_client.yml | 1 - playbooks/manual/restart-fedmsg-services.yml | 95 - playbooks/manual/upgrade/datanommer.yml | 2 - playbooks/manual/upgrade/fedmsg.yml | 58 - playbooks/manual/upgrade/packages.yml | 54 - .../openshift-apps/messaging-bridges.yml | 171 - .../openshift-apps/monitor_dashboard.yml | 124 - roles/abrt/faf/defaults/main.yml | 3 - .../etc-fedora-messaging-config.toml.j2 | 4 - roles/base/templates/iptables/iptables | 6 - .../base/templates/iptables/iptables.bastion | 6 - .../iptables.torrent02.fedoraproject.org | 7 - roles/base/templates/nftables/nftables | 6 - .../nftables.torrent02.fedoraproject.org | 7 - .../batcave/templates/batcave-messaging.toml | 8 - roles/collectd/base/files/fedmsg-types.db | 2 - roles/collectd/base/files/fedmsg.conf | 6 - .../files/fedmsg-activation.conf | 4 - .../fedmsg-activation/files/fedmsg-map.py | 143 - .../templates/fedmsg-service-collectd.py | 122 - .../templates/fedmsg-service.conf | 4 - roles/collectd/fedmsg-service/vars/main.yml | 3 - roles/distgit/pagure/files/stunnel.service | 14 - roles/distgit/pagure/tasks/main.yml | 33 - .../pagure/templates/fedora-messaging.toml | 8 - .../fedmsg/base/files/relay-debug-loopback.py | 27 - roles/fedmsg/base/files/selinux/fedmsg.mod | Bin 1158 -> 0 bytes roles/fedmsg/base/files/selinux/fedmsg.pp | Bin 1174 -> 0 bytes roles/fedmsg/base/files/selinux/fedmsg.te | 21 - roles/fedmsg/base/templates/base.py.j2 | 107 - .../base/templates/endpoints-anitya.py.j2 | 13 - .../templates/endpoints-bugzilla2fedmsg.py.j2 | 26 - .../endpoints-external-composer.py.j2 | 8 - .../base/templates/endpoints-fedbadges.py.j2 | 26 - .../base/templates/endpoints-fedimg.py.j2 | 20 - .../base/templates/endpoints-hotness.py.j2 | 26 - .../base/templates/endpoints-mailman.py.j2 | 37 - roles/fedmsg/base/templates/endpoints.py.j2 | 47 - roles/fedmsg/base/templates/logging.py.j2 | 254 -- roles/fedmsg/base/templates/policy.py.j2 | 30 - roles/fedmsg/base/templates/relay.py.j2 | 45 - roles/fedmsg/base/templates/ssl.py.j2 | 42 - roles/fedmsg/crl/templates/fedmsg.conf | 6 - roles/fedmsg/gateway/files/fixup.patch | 57 - roles/fedmsg/gateway/files/fs-limits.conf | 2 - roles/fedmsg/gateway/files/gateway.py | 7 - roles/fedmsg/gateway/slave/files/endpoints.py | 3 - roles/fedmsg/gateway/slave/files/fixup.patch | 57 - roles/fedmsg/gateway/slave/files/gateway.py | 3 - .../gateway/slave/files/stunnel.service | 14 - .../templates/fedmsg-gateway-slave.py.j2 | 39 - .../gateway/slave/templates/stunnel-conf.j2 | 8 - roles/fedmsg/hub/defaults/main.yml | 10 - roles/fedmsg/hub/files/websockets.py | 9 - roles/fedmsg/hub/handlers/main.yml | 3 - .../hub/templates/fedmsg-hub-systemd.conf.j2 | 25 - roles/fedmsg/irc/templates/fas-credentials.py | 9 - roles/fedmsg/irc/templates/ircbot.py | 726 ---- roles/git/checks/files/check-perms.py | 7 +- roles/git/hooks/files/post-receive-fedmsg | 163 - roles/github2fedmsg/files/11776.patch | 26 - roles/github2fedmsg/files/github2fedmsg.wsgi | 16 - roles/github2fedmsg/files/openid.py | 407 --- .../templates/github2fedmsg.conf | 16 - .../github2fedmsg/templates/github2fedmsg.ini | 97 - .../gitolite/check_fedmsg_hooks/meta/main.yml | 3 - .../check_fedmsg_hooks/tasks/main.yml | 14 - roles/haproxy/templates/haproxy.cfg | 73 +- roles/ipsilon/templates/configuration.conf | 2 +- .../koji_hub/templates/fedora-messaging.toml | 8 - .../base/templates/messaging.toml.j2 | 8 - .../scripts/check_fedmsg_consumer_backlog.py | 72 - .../check_fedmsg_consumer_exceptions.py | 68 - .../scripts/check_fedmsg_producer_last_ran.py | 72 - .../check_fedmsg_producers_consumers.py | 66 - roles/nagios_client/tasks/main.yml | 24 - .../templates/check_datanommer_history.cfg.j2 | 2 +- .../check_fedmsg_composer_proc.cfg.j2 | 1 - .../templates/check_fedmsg_consumers.cfg.j2 | 46 - .../check_fedmsg_gateway_proc.cfg.j2 | 5 - .../templates/check_fedmsg_hub_proc.cfg.j2 | 1 - .../templates/check_fedmsg_irc_proc.cfg.j2 | 1 - .../templates/check_fedmsg_relay_proc.cfg.j2 | 1 - .../files/nagios/commands/notify.cfg | 12 - .../contactgroups/fedora-sysadmin-ircbot.cfg | 2 +- .../files/nagios/contacts/fedmsg.cfg | 10 - .../plugins/check_fedmsg_consumer_backlog.py | 60 - .../check_fedmsg_consumer_exceptions.py | 56 - .../check_fedmsg_producers_consumers.py | 62 - .../nagios/services/iad2_internal/fedmsg.cfg | 284 -- roles/nagios_server/tasks/main.yml | 2 - .../templates/nagios/services/websites.cfg.j2 | 9 - .../nagios_server/templates/nrpe/nrpe.cfg.j2 | 38 +- .../badges/templates/fm-fedbadges.toml | 8 - .../badges/templates/fm-tahrir.toml | 8 - .../templates/fedora-messaging-config.toml | 8 - .../elections/templates/fedora-messaging.toml | 8 - .../fedocal/templates/fedora-messaging.toml | 8 - .../firmitas/templates/certlist.yml.j2 | 16 - roles/openshift-apps/fmn/templates/api.toml | 8 - .../greenwave/templates/config.toml | 6 - .../greenwave/templates/greenwave.py | 7 - .../templates/fedora-messaging.toml | 8 - .../templates/fedora-messaging.toml.j2 | 1 - .../messaging-bridges/files/imagestream.yml | 10 - .../messaging-bridges/files/service.yml | 15 - .../templates/amqp-to-zmq.toml | 67 - .../templates/buildconfig.yml.j2 | 31 - .../messaging-bridges/templates/config.toml | 37 - .../templates/configmap.yml.j2 | 27 - .../templates/deploymentconfig.yml | 234 -- .../templates/fedmsg-migration-tools.py | 76 - .../templates/verify-missing.toml | 79 - .../templates/zmq-to-amqp.toml | 52 - .../templates/fedora-messaging.toml | 8 - .../files/dashboard_provision_config.yml | 31 - .../monitor-dashboard/files/dashboards.yaml | 25 - .../files/datagrepper_route.yml | 17 - .../files/datagrepper_service.yml | 15 - .../files/dockerfile-datagrepper | 15 - .../monitor-dashboard/files/imagestream.yml | 11 - .../monitor-dashboard/files/notifiers.yaml | 27 - .../files/postgrest_route.yml | 17 - .../files/postgrest_service.yml | 15 - .../monitor-dashboard/files/prest_route.yml | 17 - .../monitor-dashboard/files/prest_service.yml | 15 - .../monitor-dashboard/files/route.yml | 17 - .../files/route_serviceaccount.yml | 7 - .../monitor-dashboard/files/service.yml | 17 - .../templates/buildconfig.yml.j2 | 39 - .../templates/configmap.yml.j2 | 33 - .../templates/dashboard_anitya.json.j2 | 282 -- .../templates/dashboard_config.yml.j2 | 15 - .../dashboard_fedora_coreos_updates.json.j2 | 497 --- .../dashboard_monitor_gating.json.j2 | 3057 ----------------- .../templates/dashboard_package_tests.json.j2 | 347 -- .../templates/datagrepper_configmap.yml.j2 | 49 - .../datagrepper_deploymentconfig.yml.j2 | 63 - .../templates/deploymentconfig.yml.j2 | 91 - .../postgrest_deploymentconfig.yml.j2 | 38 - .../templates/prest_deploymentconfig.yml.j2 | 40 - .../noggin/templates/fedora-messaging.toml | 8 - .../poddlers/templates/fedora-messaging.toml | 8 - .../templates/fedora-messaging.toml.j2 | 8 - roles/packages3/web/files/distmappings.py | 86 - .../web/files/fedmsg-hub-forward-compat | 9 - roles/packages3/web/files/package_128x128.png | Bin 12266 -> 0 bytes roles/packages3/web/files/packages-httpd.conf | 76 - .../web/templates/fedoracommunity.py | 7 - .../web/templates/packages-app.ini.j2 | 238 -- roles/pagure/templates/fedora-messaging.toml | 7 - roles/rabbit/queue/tasks/main.yml | 20 - .../templates/fedora-messaging.toml.j2 | 8 - 199 files changed, 17 insertions(+), 11255 deletions(-) delete mode 100644 filter_plugins/fedmsg.py delete mode 100644 inventory/group_vars/busgateway delete mode 100644 inventory/group_vars/github2fedmsg delete mode 100644 inventory/group_vars/greenwave delete mode 100644 inventory/group_vars/waiverdb delete mode 100644 playbooks/fedmsgupdate.yml delete mode 100644 playbooks/groups/busgateway.yml delete mode 100644 playbooks/groups/github2fedmsg.yml delete mode 100644 playbooks/manual/restart-fedmsg-services.yml delete mode 100644 playbooks/manual/upgrade/fedmsg.yml delete mode 100644 playbooks/manual/upgrade/packages.yml delete mode 100644 playbooks/openshift-apps/messaging-bridges.yml delete mode 100644 playbooks/openshift-apps/monitor_dashboard.yml delete mode 100644 roles/collectd/base/files/fedmsg-types.db delete mode 100644 roles/collectd/base/files/fedmsg.conf delete mode 100644 roles/collectd/fedmsg-activation/files/fedmsg-activation.conf delete mode 100644 roles/collectd/fedmsg-activation/files/fedmsg-map.py delete mode 100644 roles/collectd/fedmsg-service/templates/fedmsg-service-collectd.py delete mode 100644 roles/collectd/fedmsg-service/templates/fedmsg-service.conf delete mode 100644 roles/collectd/fedmsg-service/vars/main.yml delete mode 100644 roles/distgit/pagure/files/stunnel.service delete mode 100644 roles/fedmsg/base/files/relay-debug-loopback.py delete mode 100644 roles/fedmsg/base/files/selinux/fedmsg.mod delete mode 100644 roles/fedmsg/base/files/selinux/fedmsg.pp delete mode 100644 roles/fedmsg/base/files/selinux/fedmsg.te delete mode 100644 roles/fedmsg/base/templates/base.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-anitya.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-external-composer.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-fedbadges.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-fedimg.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-hotness.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints-mailman.py.j2 delete mode 100644 roles/fedmsg/base/templates/endpoints.py.j2 delete mode 100644 roles/fedmsg/base/templates/logging.py.j2 delete mode 100644 roles/fedmsg/base/templates/policy.py.j2 delete mode 100644 roles/fedmsg/base/templates/relay.py.j2 delete mode 100644 roles/fedmsg/base/templates/ssl.py.j2 delete mode 100644 roles/fedmsg/crl/templates/fedmsg.conf delete mode 100644 roles/fedmsg/gateway/files/fixup.patch delete mode 100644 roles/fedmsg/gateway/files/fs-limits.conf delete mode 100644 roles/fedmsg/gateway/files/gateway.py delete mode 100644 roles/fedmsg/gateway/slave/files/endpoints.py delete mode 100644 roles/fedmsg/gateway/slave/files/fixup.patch delete mode 100644 roles/fedmsg/gateway/slave/files/gateway.py delete mode 100644 roles/fedmsg/gateway/slave/files/stunnel.service delete mode 100644 roles/fedmsg/gateway/slave/templates/fedmsg-gateway-slave.py.j2 delete mode 100644 roles/fedmsg/gateway/slave/templates/stunnel-conf.j2 delete mode 100644 roles/fedmsg/hub/defaults/main.yml delete mode 100644 roles/fedmsg/hub/files/websockets.py delete mode 100644 roles/fedmsg/hub/handlers/main.yml delete mode 100644 roles/fedmsg/hub/templates/fedmsg-hub-systemd.conf.j2 delete mode 100644 roles/fedmsg/irc/templates/fas-credentials.py delete mode 100644 roles/fedmsg/irc/templates/ircbot.py delete mode 100755 roles/git/hooks/files/post-receive-fedmsg delete mode 100644 roles/github2fedmsg/files/11776.patch delete mode 100644 roles/github2fedmsg/files/github2fedmsg.wsgi delete mode 100644 roles/github2fedmsg/files/openid.py delete mode 100644 roles/github2fedmsg/templates/github2fedmsg.conf delete mode 100644 roles/github2fedmsg/templates/github2fedmsg.ini delete mode 100644 roles/gitolite/check_fedmsg_hooks/meta/main.yml delete mode 100644 roles/gitolite/check_fedmsg_hooks/tasks/main.yml delete mode 100644 roles/nagios_client/files/scripts/check_fedmsg_consumer_backlog.py delete mode 100644 roles/nagios_client/files/scripts/check_fedmsg_consumer_exceptions.py delete mode 100644 roles/nagios_client/files/scripts/check_fedmsg_producer_last_ran.py delete mode 100644 roles/nagios_client/files/scripts/check_fedmsg_producers_consumers.py delete mode 100644 roles/nagios_client/templates/check_fedmsg_composer_proc.cfg.j2 delete mode 100644 roles/nagios_client/templates/check_fedmsg_consumers.cfg.j2 delete mode 100644 roles/nagios_client/templates/check_fedmsg_gateway_proc.cfg.j2 delete mode 100644 roles/nagios_client/templates/check_fedmsg_hub_proc.cfg.j2 delete mode 100644 roles/nagios_client/templates/check_fedmsg_irc_proc.cfg.j2 delete mode 100644 roles/nagios_client/templates/check_fedmsg_relay_proc.cfg.j2 delete mode 100644 roles/nagios_server/files/nagios/contacts/fedmsg.cfg delete mode 100644 roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_backlog.py delete mode 100644 roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_exceptions.py delete mode 100644 roles/nagios_server/files/nagios/plugins/check_fedmsg_producers_consumers.py delete mode 100644 roles/nagios_server/files/nagios/services/iad2_internal/fedmsg.cfg delete mode 100644 roles/openshift-apps/messaging-bridges/files/imagestream.yml delete mode 100644 roles/openshift-apps/messaging-bridges/files/service.yml delete mode 100644 roles/openshift-apps/messaging-bridges/templates/amqp-to-zmq.toml delete mode 100644 roles/openshift-apps/messaging-bridges/templates/buildconfig.yml.j2 delete mode 100644 roles/openshift-apps/messaging-bridges/templates/config.toml delete mode 100644 roles/openshift-apps/messaging-bridges/templates/configmap.yml.j2 delete mode 100644 roles/openshift-apps/messaging-bridges/templates/deploymentconfig.yml delete mode 100644 roles/openshift-apps/messaging-bridges/templates/fedmsg-migration-tools.py delete mode 100644 roles/openshift-apps/messaging-bridges/templates/verify-missing.toml delete mode 100644 roles/openshift-apps/messaging-bridges/templates/zmq-to-amqp.toml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/dashboards.yaml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/dockerfile-datagrepper delete mode 100644 roles/openshift-apps/monitor-dashboard/files/imagestream.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/notifiers.yaml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/prest_route.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/prest_service.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/route.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/files/service.yml delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/buildconfig.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/configmap.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/dashboard_anitya.json.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/dashboard_config.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/dashboard_fedora_coreos_updates.json.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/dashboard_monitor_gating.json.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/dashboard_package_tests.json.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/datagrepper_configmap.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/deploymentconfig.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/postgrest_deploymentconfig.yml.j2 delete mode 100644 roles/openshift-apps/monitor-dashboard/templates/prest_deploymentconfig.yml.j2 delete mode 100644 roles/packages3/web/files/distmappings.py delete mode 100644 roles/packages3/web/files/fedmsg-hub-forward-compat delete mode 100644 roles/packages3/web/files/package_128x128.png delete mode 100644 roles/packages3/web/files/packages-httpd.conf delete mode 100644 roles/packages3/web/templates/fedoracommunity.py delete mode 100644 roles/packages3/web/templates/packages-app.ini.j2 diff --git a/.ansible-lint b/.ansible-lint index 29aac0dae9..6954c4c552 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -14,8 +14,6 @@ exclude_paths: - scripts # Ignore playbooks with strange error happening in - playbooks/groups/copr-db.yml - # Exclude playbook that contains only include_playbook - - playbooks/fedmsgupdate.yml # Some playbooks contains hardcoded paths, so exclude them from check - playbooks/list-vms-per-host.yml - playbooks/set_root_auth_keys.yml diff --git a/files/communishift/haproxy.cfg b/files/communishift/haproxy.cfg index 62627bcc38..c13c168185 100644 --- a/files/communishift/haproxy.cfg +++ b/files/communishift/haproxy.cfg @@ -2,9 +2,7 @@ global log 127.0.0.1 local0 warning - # Set this to 4096 + 16384 - # 16384 for the fedmsg gateway and 4096 for everybody else. - maxconn 20480 + maxconn 4096 chroot /var/lib/haproxy user haproxy group haproxy diff --git a/filter_plugins/fedmsg.py b/filter_plugins/fedmsg.py deleted file mode 100644 index 16773cee12..0000000000 --- a/filter_plugins/fedmsg.py +++ /dev/null @@ -1,39 +0,0 @@ -import operator - - -def invert_fedmsg_policy(groups, vars, env): - """ Given hostvars that map hosts -> topics, invert that - and return a dict that maps topics -> hosts. - - Really, returns a list of tuples -- not a dict. - """ - - if env == 'staging': - hosts = groups['staging'] + groups['staging_friendly'] - else: - hosts = [h for h in groups['all'] if h not in groups['staging']] - - inverted = {} - for host in hosts: - prefix = '.'.join([vars[host]['fedmsg_prefix'], - vars[host]['fedmsg_env']]) - fqdn = vars[host].get('fedmsg_fqdn', host) - - for cert in vars[host]['fedmsg_certs']: - for topic in cert.get('can_send', []): - key = prefix + '.' + topic - inverted[key] = inverted.get(key, []) - inverted[key].append(cert['service'] + '-' + fqdn) - - result = list(inverted.items()) - # Sort things so they come out in a reliable order (idempotence) - [inverted[key].sort() for key in inverted] - result.sort(key=operator.itemgetter(0)) - return result - - -class FilterModule(object): - def filters(self): - return { - "invert_fedmsg_policy": invert_fedmsg_policy, - } diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 690c2d544d..6166705a67 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -17,27 +17,6 @@ - name: Restart crond action: service name=crond state=restarted -- name: Restart fedmsg-gateway - ansible.builtin.command: /usr/local/bin/conditional-restart.sh fedmsg-gateway - -- name: Restart fedmsg-hub - ansible.builtin.command: /usr/local/bin/conditional-restart.sh {{ item }} - with_items: - - fedmsg-hub - - fedmsg-hub-3 - -- name: Restart fedmsg-hub-3 - ansible.builtin.command: /usr/local/bin/conditional-restart.sh {{ item }} - with_items: - - fedmsg-hub - - fedmsg-hub-3 - -- name: Restart fedmsg-irc - ansible.builtin.command: /usr/local/bin/conditional-restart.sh fedmsg-irc - -- name: Restart fedmsg-relay - ansible.builtin.command: /usr/local/bin/conditional-restart.sh fedmsg-relay - - name: Restart fm-consumer@koji_sync_listener action: service name=fm-consumer@koji_sync_listener state=restarted enabled=yes diff --git a/inventory/group_vars/all b/inventory/group_vars/all index ef8923e0c5..3f8e717d43 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -91,13 +91,6 @@ nft_custom6_rules: [] nft_custom_rules: [] # most of our systems are in IAD2 datacenter: iad2 -# These are used to: -# 1) configure mod_wsgi -# 2) open iptables rules for fedmsg (per wsgi thread) -# 3) declare enough fedmsg endpoints for the service -#wsgi_fedmsg_service: bodhi -#wsgi_procs: 4 -#wsgi_threads: 4 # Datanommer datanommer_db_hostname: db-datanommer02 @@ -120,33 +113,6 @@ env_suffix: "" eth0_ipv4_nm: 24 eth1_ip: 10.0.0.10 eth1_nm: 255.255.255.0 -# By default, fedmsg hosts are in passive mode. External hosts are typically -# active. -fedmsg_active: False -# By default, nodes get no fedmsg certs. They need to declare them explicitly. -fedmsg_certs: [] -# A special flag that, when set to true, will disconnect the host from the -# global fedmsg-relay instance and set it up with its own local one. You can -# temporarily set this to true for a specific host to do some debugging -- so -# you can *replay real messages from the datagrepper history without having -# those broadcast to the rest of the bus*. -fedmsg_debug_loopback: False -fedmsg_env: prod -# By default, fedmsg sends error logs to sysadmin-datanommer-members@fp.o. -fedmsg_error_recipients: - - sysadmin-datanommer-members@fedoraproject.org -# By default, fedmsg should not log debug info. Groups can override this. -fedmsg_loglevel: INFO -# Amount of time to wait for connections after a socket is first established. -fedmsg_post_init_sleep: 1.0 -# Other defaults for fedmsg environments -fedmsg_prefix: org.fedoraproject -# Everywhere, always, we should sign messages and validate signatures. -# However, we allow individual hosts and groups to override this. Use this very -# carefully.. and never in production (good for testing stuff in staging). -fedmsg_sign_messages: True -fedmsg_validate_signatures: True -# # END: Ansible roles_path variables ####### freezes: true diff --git a/inventory/group_vars/autosign b/inventory/group_vars/autosign index 80abde26aa..05d2675432 100644 --- a/inventory/group_vars/autosign +++ b/inventory/group_vars/autosign @@ -11,7 +11,6 @@ ansible_ifcfg_allowlist: # https://bugzilla.redhat.com/show_bug.cgi?id=1283364 custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.3.169.120 -j ACCEPT'] nft_custom_rules: ['add rule ip filter INPUT ip saddr 10.3.169.120 tcp sport 44334 counter accept'] -fedmsg_error_recipients: [] host_group: autosign ipa_client_shell_groups: - sysadmin-releng diff --git a/inventory/group_vars/batcave b/inventory/group_vars/batcave index fd62ac89a2..a80212a130 100644 --- a/inventory/group_vars/batcave +++ b/inventory/group_vars/batcave @@ -10,19 +10,6 @@ nft_custom_rules: # This host is externally reachable # external: true -fedmsg_certs: - - can_send: - - ansible.playbook.complete - - ansible.playbook.start - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - infragit.receive - group: sysadmin - owner: root - service: scm freezes: true ipa_client_shell_groups: - fi-apprentice diff --git a/inventory/group_vars/bodhi_backend b/inventory/group_vars/bodhi_backend index 22cd483566..5e58673e3b 100644 --- a/inventory/group_vars/bodhi_backend +++ b/inventory/group_vars/bodhi_backend @@ -19,8 +19,6 @@ ipa_host_group: bodhi ipa_host_group_desc: Bodhi update service lvm_size: 100000 mem_size: 16384 -## XXX -- note that the fedmsg_certs declaration does not happen here, but -# happens instead at the inventory/host_vars/ level s nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3" nrpe_procs_crit: 1000 # With 16 cpus, theres a bunch more kernel threads diff --git a/inventory/group_vars/buildhw b/inventory/group_vars/buildhw index 1f38248fa5..3d129dcc42 100644 --- a/inventory/group_vars/buildhw +++ b/inventory/group_vars/buildhw @@ -17,6 +17,6 @@ source_registry: "registry.fedoraproject.org" notes: | Koji service employs a set of machines to build packages for the Fedora project. - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm b/inventory/group_vars/buildvm index 9cdb48e9d6..e98179d82c 100644 --- a/inventory/group_vars/buildvm +++ b/inventory/group_vars/buildvm @@ -27,6 +27,6 @@ notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders. * VMs built on top of buildvmhost - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm_aarch64 b/inventory/group_vars/buildvm_aarch64 index fcd13ed6cf..9bbfb04c3e 100644 --- a/inventory/group_vars/buildvm_aarch64 +++ b/inventory/group_vars/buildvm_aarch64 @@ -27,6 +27,6 @@ volgroup: /dev/vg_guests notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders. * VMs built on top of buildvmhost - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm_ppc64le b/inventory/group_vars/buildvm_ppc64le index 0c67e02284..f15815b404 100644 --- a/inventory/group_vars/buildvm_ppc64le +++ b/inventory/group_vars/buildvm_ppc64le @@ -30,7 +30,7 @@ volgroup: /dev/vg_virt_buildvm_ppc64le_iscsi notes: | Koji service employs a set of virtual machines to build packages for the Fedora project. This group builds packages for ppcle architecture. - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new * virtual instances diff --git a/inventory/group_vars/buildvm_s390x b/inventory/group_vars/buildvm_s390x index 9e741b0f0b..a233c7e63c 100644 --- a/inventory/group_vars/buildvm_s390x +++ b/inventory/group_vars/buildvm_s390x @@ -27,6 +27,6 @@ volgroup: /dev/vg_guests notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders. * VMs built on top of a s390x LPAR - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/busgateway b/inventory/group_vars/busgateway deleted file mode 100644 index 8c7dc53dca..0000000000 --- a/inventory/group_vars/busgateway +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Define resources for this group of hosts here. -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell -ipa_client_shell_groups: - - sysadmin-datanommer - - sysadmin-noc - - sysadmin-veteran -ipa_client_sudo_groups: - - sysadmin-datanommer - - sysadmin-noc -ipa_host_group: busgateway -ipa_host_group_desc: Bridge between fedmsg and fedora-messaging -lvm_size: 20000 -mem_size: 8192 -num_cpus: 2 -primary_auth_source: ipa -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file -tcp_ports: [3999, # The fedmsg-relay republishes here. Listeners need to connect. - 9941, # The fedmsg-relay listens here. Ephemeral producers connect. - 3998, # The fedmsg-relay listens here. VPN producers connect. - 9940, # The fedmsg-gateway republishes here. Proxies need to connect. - 9919, # The websocket server publishes here. Proxies need to connect. -] diff --git a/inventory/group_vars/github2fedmsg b/inventory/group_vars/github2fedmsg deleted file mode 100644 index b60e071982..0000000000 --- a/inventory/group_vars/github2fedmsg +++ /dev/null @@ -1,74 +0,0 @@ ---- -# Define resources for this group of hosts here. -# Neeed for rsync from log01 for logs. -custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT'] -nft_custom_rules: - - 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept' - - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept' -deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - github.commit_comment - - github.create - - github.delete - - github.fork - - github.gollum - - github.issue.assigned - - github.issue.closed - - github.issue.comment - - github.issue.edited - - github.issue.labeled - - github.issue.milestone - - github.issue.opened - - github.issue.reopened - - github.issue.unassigned - - github.issue.unlabeled - - github.label - - github.member - - github.page_build - - github.pull_request.assigned - - github.pull_request.closed - - github.pull_request.edited - - github.pull_request.labeled - - github.pull_request.opened - - github.pull_request_review - - github.pull_request_review_comment - - github.pull_request.review_requested - - github.pull_request.synchronize - - github.pull_request.unlabeled - - github.push - - github.release - - github.repository_vulnerability_alert - - github.star - - github.status - - github.team_add - - github.webhook - group: apache - owner: root - service: github2fedmsg -ipa_client_shell_groups: - - sysadmin-noc - - sysadmin-veteran -ipa_host_group: github2fedmsg -ipa_host_group_desc: Bridge select GitHub repo events into bus messages -lvm_size: 20000 -mem_size: 2048 -num_cpus: 2 -primary_auth_source: ipa -tcp_ports: [80] -# for fedora-messaging -username: "github2fedmsg{{ env_suffix }}" -user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.github\..* -# Definining these vars has a number of effects -# 1) mod_wsgi is configured to use the vars for its own setup -# 2) iptables opens enough ports for all threads for fedmsg -# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads -wsgi_fedmsg_service: github2fedmsg -wsgi_procs: 2 -wsgi_threads: 2 diff --git a/inventory/group_vars/greenwave b/inventory/group_vars/greenwave deleted file mode 100644 index 23865f1fd0..0000000000 --- a/inventory/group_vars/greenwave +++ /dev/null @@ -1,9 +0,0 @@ ---- -# XXX - this is not really a group of real hosts. -# Instead, it represents an application in openshift. -# See playbooks/openshift-apps/greenwave.yml -fedmsg_certs: - - can_send: - - logger.log - - greenwave.decision.update - service: greenwave diff --git a/inventory/group_vars/koji b/inventory/group_vars/koji index 5eb37cd3e0..9f9b351aee 100644 --- a/inventory/group_vars/koji +++ b/inventory/group_vars/koji @@ -8,25 +8,6 @@ nft_custom_rules: - 'add rule ip filter INPUT ip daddr 224.0.0.0/8 counter accept' - 'add rule ip filter INPUT ip protocol vrrp counter accept' docker_registry: "candidate-registry.fedoraproject.org" -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - buildsys.build.state.change - - buildsys.package.list.change - - buildsys.repo.done - - buildsys.repo.init - - buildsys.rpm.sign - - buildsys.tag - - buildsys.task.state.change - - buildsys.untag - group: apache - owner: root - service: koji ipa_client_shell_groups: - sysadmin-releng ipa_client_sudo_groups: @@ -44,8 +25,6 @@ primary_auth_source: ipa source_registry: "registry.fedoraproject.org" # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [80, 443, 111, 2049, - # These 8 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007] +tcp_ports: [80, 443, 111, 2049] udp_ports: [111, 2049] virt_install_command: "{{ virt_install_command_two_nic }}" diff --git a/inventory/group_vars/mailman b/inventory/group_vars/mailman index 9dbb922c05..55a7ba0894 100644 --- a/inventory/group_vars/mailman +++ b/inventory/group_vars/mailman @@ -1,18 +1,6 @@ --- # common items for the releng-* boxes deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - mailman.receive - group: mailman - owner: mailman - service: mailman ipa_client_shell_groups: - sysadmin-tools ipa_client_sudo_groups: @@ -66,9 +54,7 @@ num_cpus: 4 # Postfix main.cf postfix_group: mailman primary_auth_source: ipa -tcp_ports: [25, 80, 443, - # For outgoing fedmsg - 3000, 3001, 3002, 3003] +tcp_ports: [25, 80, 443] # mailman role variables mailman_rest_api_username: "{{ mailman_rest_api_user }}" diff --git a/inventory/group_vars/nagios b/inventory/group_vars/nagios index 3758155323..71ec95643e 100644 --- a/inventory/group_vars/nagios +++ b/inventory/group_vars/nagios @@ -15,19 +15,6 @@ exclude_iad2_hostgroups: - zabbix_stg - zabbix - logdetective -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - nagios.host.state.change - - nagios.service.state.change - group: nagios - owner: root - service: nagios #iad2_management_slowping: # - ppc8-01-fsp.mgmt.fedoraproject.org # - ppc8-02-fsp.mgmt.fedoraproject.org diff --git a/inventory/group_vars/notifs_backend b/inventory/group_vars/notifs_backend index a089c7c291..5c8742d48d 100644 --- a/inventory/group_vars/notifs_backend +++ b/inventory/group_vars/notifs_backend @@ -1,29 +1,7 @@ --- # Define resources for this group of hosts here. deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - # The shell cert needs to be allowed to send these too so it can do alembic - # upgrades that trigger messages. - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - group: fedmsg - owner: root - service: fmn # For performance measurement.. for now. This can be removed whenever. -fedmsg_loglevel: DEBUG lvm_size: 65536 max_mem_size: "{{ mem_size }}" mem_size: 24576 diff --git a/inventory/group_vars/notifs_web b/inventory/group_vars/notifs_web index 13f0a0ac70..efd729a89a 100644 --- a/inventory/group_vars/notifs_web +++ b/inventory/group_vars/notifs_web @@ -1,21 +1,6 @@ --- # Define resources for this group of hosts here. deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - group: apache - owner: root - service: fmn lvm_size: 20000 mem_size: 1024 num_cpus: 2 diff --git a/inventory/group_vars/openqa_onebox_test b/inventory/group_vars/openqa_onebox_test index 2292a35006..483d3611b0 100644 --- a/inventory/group_vars/openqa_onebox_test +++ b/inventory/group_vars/openqa_onebox_test @@ -16,8 +16,6 @@ deployment_type: stg # this won't really work, there's not going to be any way to get at # the webui from outside the box, but we gotta set it to something external_hostname: openqa.oneboxtest.fedoraproject.org -# makes sure it sends stg not prod fedmsgs -fedmsg_env: stg freezes: false gw: 10.3.174.254 diff --git a/inventory/group_vars/pagure b/inventory/group_vars/pagure index ec8d2e9319..9420aa4b63 100644 --- a/inventory/group_vars/pagure +++ b/inventory/group_vars/pagure @@ -16,46 +16,6 @@ nft_custom_rules: db_backup_dir: ['/backups'] dbs_to_backup: ['pagure'] env: pagure -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - pagure.git.receive - - pagure.issue.assigned.added - - pagure.issue.assigned.reset - - pagure.issue.comment.added - - pagure.issue.comment.edited - - pagure.issue.dependency.added - - pagure.issue.dependency.removed - - pagure.issue.drop - - pagure.issue.edit - - pagure.issue.new - - pagure.issue.tag.added - - pagure.issue.tag.removed - - pagure.project.deleted - - pagure.project.edit - - pagure.project.forked - - pagure.project.group.added - - pagure.project.new - - pagure.project.tag.edited - - pagure.project.tag.removed - - pagure.project.user.access.updated - - pagure.project.user.added - - pagure.pull-request.closed - - pagure.pull-request.comment.added - - pagure.pull-request.flag.added - - pagure.pull-request.flag.updated - - pagure.pull-request.new - - pagure.request.assigned.added - group: apache - owner: git - service: pagure -fedmsg_env: prod -fedmsg_prefix: io.pagure freezes: true host_backup_targets: ['/srv/git', '/var/www/releases'] ipa_client_shell_groups: @@ -81,9 +41,7 @@ stunnel_source_port: 8088 # the host_vars/$hostname file tcp_ports: [22, 25, 80, 443, 8442, 8443, 8444, 8445, # Used for the eventsource - 8088, - # This is for the pagure public fedmsg relay - 9940] + 8088] vpn: true notes: | diff --git a/inventory/group_vars/people b/inventory/group_vars/people index acba9d3427..0d8398988a 100644 --- a/inventory/group_vars/people +++ b/inventory/group_vars/people @@ -7,17 +7,6 @@ clamscan_paths: # Neeed for rsync from log01 for logs. custom_rules: ['-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT'] nft_custom_rules: ['add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept'] -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - planet.post.new - group: planet-user - owner: root - service: planet git_basepath: / git_daemon_user: nobody git_port: 9418 diff --git a/inventory/group_vars/pkgs b/inventory/group_vars/pkgs index 64e0754adf..000f4a3edb 100644 --- a/inventory/group_vars/pkgs +++ b/inventory/group_vars/pkgs @@ -24,58 +24,6 @@ clamscan_paths: # This host is externally reachable # external: true -fedmsg_active: True -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - git.branch - - git.mass_branch.complete - - git.mass_branch.start - - logger.log - - pagure.git.receive - group: sysadmin - owner: root - service: shell - - can_send: - - git.receive - - pagure.git.receive - group: packager - owner: root - service: scm - - can_send: - - git.lookaside.new - group: apache - owner: root - service: lookaside - - can_send: - - pagure.git.receive - - pagure.issue.assigned.added - - pagure.issue.assigned.reset - - pagure.issue.comment.added - - pagure.issue.dependency.added - - pagure.issue.dependency.removed - - pagure.issue.edit - - pagure.issue.new - - pagure.issue.tag.added - - pagure.issue.tag.removed - - pagure.project.edit - - pagure.project.forked - - pagure.project.group.added - - pagure.project.new - - pagure.project.tag.edited - - pagure.project.tag.removed - - pagure.project.user.added - - pagure.project.user.removed - - pagure.pull-request.closed - - pagure.pull-request.comment.added - - pagure.pull-request.comment.edited - - pagure.pull-request.flag.added - - pagure.pull-request.flag.updated - - pagure.pull-request.new - - pagure.request.assigned.added - group: apache - owner: pagure - service: pagure ipa_client_shell_groups: - packager - sysadmin-cvs diff --git a/inventory/group_vars/proxies b/inventory/group_vars/proxies index 19eff3742b..6df7e85701 100644 --- a/inventory/group_vars/proxies +++ b/inventory/group_vars/proxies @@ -11,10 +11,6 @@ custom_rules: [ '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT', # also allow varnish from internal for purge requests '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.0/24 --dport 6081 -j ACCEPT', - # Allow happinesspackets.fedorainfracloud.org to talk to inbound fedmsg relay. - '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.58 -j ACCEPT', - # Allow openqa01 to talk to the inbound fedmsg relay. - '-A INPUT -p tcp -m tcp --dport 9941 -s 10.3.174.0/24 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.123 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.124 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.125 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.126 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.65 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.127 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.128 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.129 -j ACCEPT'] nft_custom_rules: # Need for rsync from log01 for logs. @@ -27,10 +23,6 @@ nft_custom_rules: # also allow varnish from internal for purge requests - 'add rule ip filter INPUT ip saddr 192.168.1.0/24 tcp dport 6081 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.163.0/24 tcp dport 6081 counter accept' - # Allow happinesspackets.fedorainfracloud.org to talk to inbound fedmsg relay. - - 'add rule ip filter INPUT ip saddr 209.132.184.58 tcp dport 9941 counter accept' - # Allow openqa01 to talk to the inbound fedmsg relay. - - 'add rule ip filter INPUT ip saddr 10.3.174.0/24 tcp dport 9941 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.163.120 tcp dport 22623 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.163.121 tcp dport 22623 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.163.122 tcp dport 22623 counter accept' @@ -92,12 +84,6 @@ tcp_ports: [ 15671, # This is for TOTP 8443, - # For fedmsg websocket server over stunnel - 9939, - # For fedmsg raw zeromq socket (outbound) - 9940, - # 9941 is closed generally, is for the inbound fedmsg and is covered in - # custom_rules ] varnish_group: proxies zabbix_templates: diff --git a/inventory/group_vars/releng_compose b/inventory/group_vars/releng_compose index 0ee5446352..ceb404cbc2 100644 --- a/inventory/group_vars/releng_compose +++ b/inventory/group_vars/releng_compose @@ -1,32 +1,6 @@ --- # common items for the releng-* boxes dns: 10.3.163.33 -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: root - owner: root - service: shell - - can_send: - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.createiso.imagefail - - pungi.compose.createiso.imagedone - - pungi.compose.ostree - - compose.27.complete - - compose.27.start - - compose.28.complete - - compose.28.rsync.complete - - compose.28.rsync.start - - compose.28.start - - compose.29.complete - - compose.29.start - group: masher - owner: root - service: releng freezes: true host_group: releng ipa_client_shell_groups: diff --git a/inventory/group_vars/retrace b/inventory/group_vars/retrace index 1f28d5495b..40975a18a6 100644 --- a/inventory/group_vars/retrace +++ b/inventory/group_vars/retrace @@ -6,38 +6,6 @@ nft_custom_rules: - 'add rule ip filter INPUT ip saddr 10.5.78.11 tcp dport 2049 counter accept' - 'add rule ip filter INPUT ip saddr 10.5.78.11 tcp dport 5432 counter accept' env: production -# Since retrace is on the qa network, it needs to actively connect to our -# inbound relay. -fedmsg_active: True -fedmsg_cert_prefix: faf -# Declare fedmsg certs that should be put in /etc/pki/fedmsg/ -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: retrace - owner: root - service: shell - - can_send: - - faf.report.threshold1 - - faf.report.threshold10 - - faf.report.threshold100 - - faf.report.threshold1000 - - faf.report.threshold1000 - - faf.report.threshold10000 - - faf.report.threshold100000 - - faf.report.threshold1000000 - - faf.problem.threshold1 - - faf.problem.threshold10 - - faf.problem.threshold100 - - faf.problem.threshold1000 - - faf.problem.threshold1000 - - faf.problem.threshold10000 - - faf.problem.threshold100000 - - faf.problem.threshold1000000 - group: faf - owner: root - service: faf freezes: false ipa_client_shell_groups: - retrace diff --git a/inventory/group_vars/value b/inventory/group_vars/value index f745cd3fbc..9210d77a6d 100644 --- a/inventory/group_vars/value +++ b/inventory/group_vars/value @@ -18,32 +18,6 @@ nft_custom_rules: # batcave01 also needs access to announce commits. - 'add rule ip filter INPUT ip saddr 10.3.163.35 tcp dport 5050 counter accept' deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - # cookies! - - irc.karma - # standard meetbot stuff - - meetbot.meeting.complete - - meetbot.meeting.start - - meetbot.meeting.topic.update - # meetbot line items - - meetbot.meeting.item.agreed - - meetbot.meeting.item.accepted - - meetbot.meeting.item.rejected - - meetbot.meeting.item.action - - meetbot.meeting.item.info - - meetbot.meeting.item.idea - - meetbot.meeting.item.help - - meetbot.meeting.item.link - group: daemon - owner: root - service: supybot ipa_client_shell_groups: - fi-apprentice - sysadmin-mote @@ -61,13 +35,10 @@ num_cpus: 2 primary_auth_source: ipa # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [80, 443, - # These 16 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] +tcp_ports: [80, 443] notes: | Hosts services which help facilitate communication over IRC and related mediums. There are a couple things running here. * zodbot, a supybot instance. See the zodbot SOP for more info. - * fedmsg-irc, our fedmsg to IRC relay. 'journalctl -u fedmsg-irc' * mote, a webapp running behind httpd that serves meetbot log files. diff --git a/inventory/group_vars/waiverdb b/inventory/group_vars/waiverdb deleted file mode 100644 index 07a8272ff6..0000000000 --- a/inventory/group_vars/waiverdb +++ /dev/null @@ -1,9 +0,0 @@ ---- -# XXX - this is not really a group of real hosts. -# Instead, it represents an application in openshift. -# See playbooks/openshift-apps/waiverdb.yml -fedmsg_certs: - - can_send: - - logger.log - - waiverdb.waiver.new - service: waiverdb diff --git a/inventory/group_vars/wiki b/inventory/group_vars/wiki index dae4b6925a..6e80764a73 100644 --- a/inventory/group_vars/wiki +++ b/inventory/group_vars/wiki @@ -1,19 +1,6 @@ --- # Define resources for this group of hosts here. deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - wiki.article.edit - - wiki.upload.complete - group: apache - owner: root - service: mediawiki ipa_client_shell_groups: - fi-apprentice - sysadmin-noc diff --git a/inventory/host_vars/bodhi-backend01.iad2.fedoraproject.org b/inventory/host_vars/bodhi-backend01.iad2.fedoraproject.org index a6149b50c9..5ba77e5026 100644 --- a/inventory/host_vars/bodhi-backend01.iad2.fedoraproject.org +++ b/inventory/host_vars/bodhi-backend01.iad2.fedoraproject.org @@ -1,78 +1,11 @@ --- -# These set a config value in /etc/fedmsg.d/, see roles/bodhi2/base/ +# These set a config value, see roles/bodhi2/base/ bodhi_masher_enabled: True bodhi_signed_handler_enabled: False bodhi_updates_handler_enabled: False -csi_primary_contact: Releng Admins sysadmin-releng-members@fedoraproject.org -csi_purpose: Run the Bodhi masher. -csi_relationship: | - The mashing of repos here happens as part of the 'fedmsg-hub' daemon. Check - logs with 'journalctl -u fedmsg-hub'. Check the bodhi masher docs/code for - more detail on what it does: - https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py - - * This host relies on: - * db01 for its database, which is shares with the bodhi2 frontend nodes. - * An NFS mount of koji data in /mnt/koji/ - * The fedmsg bus for triggering mashes. - * XMLRPC calls to koji for tagging and untagging updates. - * bugzilla for posting comments about status changes - * the wiki for getting information about QA "Test Cases" - * taksotron (resultsdb) for getting status-check results (gating updates). - - * No other systems rely directly on this host. Everything depends on it - indirectly for the creation of new updates repos (which get synced out to - the master mirror for distribution. -# For the MOTD -csi_security_category: Medium datacenter: iad2 eth0_ipv4_gw: 10.3.169.254 eth0_ipv4_ip: 10.3.169.101 -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - # These are certs for pungi - - can_send: - # new school pungi-koji stuff (ask dgilmore) - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.ostree - - releng.atomic.twoweek.begin - - releng.atomic.twoweek.complete - group: sysadmin-releng - owner: apache - service: releng - # These are certs for the masher to publish its own messages as it progresses. - - can_send: - - bodhi.mashtask.complete - - bodhi.mashtask.mashing - - bodhi.mashtask.start - - bodhi.mashtask.sync.done - - bodhi.mashtask.sync.wait - - bodhi.ostree.compose.start - - bodhi.ostree.compose.fail - - bodhi.ostree.compose.finish - - bodhi.errata.publish - - bodhi.update.eject - - bodhi.update.complete.testing - - bodhi.update.complete.stable - - bodhi.update.request.testing - - bodhi.update.request.stable - - bodhi.update.request.batched - - bodhi.update.karma.threshold.reach - - bodhi.buildroot_override.untag - - bodhi.update.comment - - bodhi.update.requirements_met.stable - group: apache - owner: root - service: bodhi - - can_send: - - bodhi.updates.epel.sync - - bodhi.updates.fedora.sync - group: ftpsync - owner: root - service: ftpsync ks_repo: https://infrastructure.fedoraproject.org/pub/fedora/linux/releases/40/Server/x86_64/os/ ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-fedora max_mem_size: 98304 diff --git a/inventory/host_vars/compose-branched01.iad2.fedoraproject.org b/inventory/host_vars/compose-branched01.iad2.fedoraproject.org index ac9fcdf91a..57d259d335 100644 --- a/inventory/host_vars/compose-branched01.iad2.fedoraproject.org +++ b/inventory/host_vars/compose-branched01.iad2.fedoraproject.org @@ -1,38 +1,6 @@ datacenter: iad2 eth0_ipv4_gw: 10.3.169.254 eth0_ipv4_ip: 10.3.169.121 -fedmsg_certs: - - can_send: - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.createiso.imagefail - - pungi.compose.createiso.imagedone - - pungi.compose.ostree - - compose.branched.complete - - compose.branched.mash.complete - - compose.branched.mash.start - - compose.branched.image.complete - - compose.branched.image.start - - compose.branched.pungify.complete - - compose.branched.pungify.start - - compose.branched.rsync.complete - - compose.branched.rsync.start - - compose.branched.start - - compose.bikeshed.complete - - compose.bikeshed.mash.complete - - compose.bikeshed.mash.start - - compose.bikeshed.image.complete - - compose.bikeshed.image.start - - compose.bikeshed.pungify.complete - - compose.bikeshed.pungify.start - - compose.bikeshed.rsync.complete - - compose.bikeshed.rsync.start - - compose.bikeshed.start - group: sysadmin-releng - owner: root - service: releng freezes: true koji_hub_nfs: "fedora_koji" kojihub_scheme: https diff --git a/inventory/host_vars/compose-iot01.iad2.fedoraproject.org b/inventory/host_vars/compose-iot01.iad2.fedoraproject.org index 7cdf01601b..f1303923b1 100644 --- a/inventory/host_vars/compose-iot01.iad2.fedoraproject.org +++ b/inventory/host_vars/compose-iot01.iad2.fedoraproject.org @@ -2,23 +2,6 @@ datacenter: iad2 eth0_ipv4_gw: 10.3.169.254 eth0_ipv4_ip: 10.3.169.122 -fedmsg_certs: - - can_send: - # new school pungi-koji stuff (ask dgilmore) - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.createiso.imagefail - - pungi.compose.createiso.imagedone - - pungi.compose.ostree - - compose.29.complete - - compose.29.start - - compose.29.rsync.start - - compose.29.rsync.complete - group: sysadmin-releng - owner: root - service: releng # This VM is the compose host for IoT Edition freezes: false koji_hub_nfs: "fedora_koji" diff --git a/inventory/host_vars/compose-rawhide01.iad2.fedoraproject.org b/inventory/host_vars/compose-rawhide01.iad2.fedoraproject.org index 9ef7a28582..541ef1de20 100644 --- a/inventory/host_vars/compose-rawhide01.iad2.fedoraproject.org +++ b/inventory/host_vars/compose-rawhide01.iad2.fedoraproject.org @@ -1,38 +1,6 @@ datacenter: iad2 eth0_ipv4_gw: 10.3.169.254 eth0_ipv4_ip: 10.3.169.123 -fedmsg_certs: - - can_send: - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.createiso.imagefail - - pungi.compose.createiso.imagedone - - pungi.compose.ostree - - compose.rawhide.complete - - compose.rawhide.mash.complete - - compose.rawhide.mash.start - - compose.rawhide.image.complete - - compose.rawhide.image.start - - compose.rawhide.pungify.complete - - compose.rawhide.pungify.start - - compose.rawhide.rsync.complete - - compose.rawhide.rsync.start - - compose.rawhide.start - - compose.bikeshed.complete - - compose.bikeshed.mash.complete - - compose.bikeshed.mash.start - - compose.bikeshed.image.complete - - compose.bikeshed.image.start - - compose.bikeshed.pungify.complete - - compose.bikeshed.pungify.start - - compose.bikeshed.rsync.complete - - compose.bikeshed.rsync.start - - compose.bikeshed.start - group: sysadmin-releng - owner: root - service: releng # rawhide is never frozen, the compose box should not be so we can make needed changes freezes: false koji_hub_nfs: "fedora_koji" diff --git a/inventory/host_vars/compose-x86-01.iad2.fedoraproject.org b/inventory/host_vars/compose-x86-01.iad2.fedoraproject.org index ed55044323..fd4cdcf338 100644 --- a/inventory/host_vars/compose-x86-01.iad2.fedoraproject.org +++ b/inventory/host_vars/compose-x86-01.iad2.fedoraproject.org @@ -1,46 +1,6 @@ datacenter: iad2 eth0_ipv4_gw: 10.3.169.254 eth0_ipv4_ip: 10.3.169.124 -fedmsg_certs: - - can_send: - # two-week-atomic stuff (ask maxamillion) - - releng.atomic.twoweek.begin - - releng.atomic.twoweek.complete - # new school pungi-koji stuff (ask dgilmore) - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - pungi.compose.createiso.imagefail - - pungi.compose.createiso.imagedone - - pungi.compose.ostree - # traditional old school compose stuff - - compose.branched.complete - - compose.branched.mash.complete - - compose.branched.mash.start - - compose.branched.image.complete - - compose.branched.image.start - - compose.branched.pungify.complete - - compose.branched.pungify.start - - compose.branched.rsync.complete - - compose.branched.rsync.start - - compose.branched.start - - compose.epelbeta.complete - - compose.rawhide.complete - - compose.rawhide.mash.complete - - compose.rawhide.mash.start - - compose.rawhide.image.complete - - compose.rawhide.image.start - - compose.rawhide.pungify.complete - - compose.rawhide.pungify.start - - compose.rawhide.rsync.complete - - compose.rawhide.rsync.start - - compose.rawhide.start - - compose.29.start - - compose.29.complete - group: sysadmin-releng - owner: root - service: releng koji_hub_nfs: "fedora_koji" kojihub_scheme: https kojihub_url: koji.fedoraproject.org/kojihub diff --git a/inventory/host_vars/people01.fedoraproject.org b/inventory/host_vars/people01.fedoraproject.org index 0ae296d9cf..d00f8b358c 100644 --- a/inventory/host_vars/people01.fedoraproject.org +++ b/inventory/host_vars/people01.fedoraproject.org @@ -10,7 +10,6 @@ eth0_ipv4_nm: 25 eth0_ipv6_ip: "2600:2701:4000:5211:dead:beef:00a7:9475" eth0_ipv6_gw: "2600:2701:4000:5211::1" eth0_ipv6_nm: 104 -fedmsg_fqdn: people01.vpn.fedoraproject.org freezes: false #host_backup_targets: ['/srv/web'] diff --git a/inventory/inventory b/inventory/inventory index 9814241a40..109a425961 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -87,15 +87,9 @@ vmhost-x86-cc05.rdu-cc.fedoraproject.org ibiblio02.fedoraproject.org ibiblio05.fedoraproject.org -[busgateway] -busgateway01.iad2.fedoraproject.org - [flatpak_cache] flatpak-cache01.iad2.fedoraproject.org -[github2fedmsg] -github2fedmsg01.iad2.fedoraproject.org - [mailman] mailman01.iad2.fedoraproject.org @@ -653,33 +647,6 @@ wiki01.stg.iad2.fedoraproject.org wiki01.iad2.fedoraproject.org wiki02.iad2.fedoraproject.org -# assorted categories of fedmsg services, for convenience -[fedmsg_hubs:children] -busgateway -pkgs - -[fedmsg_ircs:children] -value - -[fedmsg_relays:children] -busgateway - -[fedmsg_gateways:children] -busgateway -proxies - -[fedmsg_services:children] -fedmsg_hubs -fedmsg_ircs -fedmsg_relays -fedmsg_gateways - -# These are groups that are using the python34 fedmsg stack. -[python34_fedmsg:children] -mailman - -## END fedmsg services - #[cloud_hardware] #virthost-aarch64-os01.fedorainfracloud.org #virthost-aarch64-os02.fedorainfracloud.org @@ -968,7 +935,6 @@ buildvm buildvm_aarch64 buildvm_ppc64le bkernel -busgateway bvirthost certgetter dbserver @@ -976,7 +942,6 @@ debuginfod dns_iad2 download_iad2 flatpak_cache -github2fedmsg ipa ipsilon koji diff --git a/main.yml b/main.yml index 5ee6587789..1753565579 100644 --- a/main.yml +++ b/main.yml @@ -17,7 +17,6 @@ - import_playbook: /srv/web/infra/ansible/playbooks/groups/bodhi-backend.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/buildhw.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/buildvm.yml -- import_playbook: /srv/web/infra/ansible/playbooks/groups/busgateway.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/certgetter.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-backend.yml # - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-db.yml @@ -30,7 +29,6 @@ - import_playbook: /srv/web/infra/ansible/playbooks/groups/dns.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/download.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/flatpak-cache.yml -- import_playbook: /srv/web/infra/ansible/playbooks/groups/github2fedmsg.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/ipa.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/ipsilon.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/koji-hub.yml diff --git a/playbooks/fedmsgupdate.yml b/playbooks/fedmsgupdate.yml deleted file mode 100644 index 8965d0193a..0000000000 --- a/playbooks/fedmsgupdate.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# -# Use this playbook to run over all the playbooks that have fedmsg.d in them. -# -# Call it with -t fedmsgdupdate to only run that one play. -# -- include_playbook: /srv/web/infra/ansible/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/ask.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/bodhi.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/badges-backend.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/badges-web.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/busgateway.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/gallery.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/koji-hub.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/mailman.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/packages.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/releng.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/wiki.yml -- include_playbook: /srv/web/infra/ansible/playbooks/groups/value.yml diff --git a/playbooks/groups/busgateway.yml b/playbooks/groups/busgateway.yml deleted file mode 100644 index 083146e4ef..0000000000 --- a/playbooks/groups/busgateway.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml" - vars: - myhosts: "busgateway" - -- name: Dole out the generic configuration - hosts: busgateway - user: root - gather_facts: true - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - roles: - - base - - rkhunter - - nagios_client - - zabbix/zabbix_agent - - hosts - - {role: openvpn/client, when: env != "staging"} - - ipa/client - - collectd/base - - fedmsg/base - - sudo - - pre_tasks: - - import_tasks: "{{ tasks_path }}/yumrepos.yml" - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - -- name: Dole out the service-specific config - hosts: busgateway - user: root - gather_facts: true - - roles: - - role: fedmsg/hub - enable_websocket_server: true - - role: fedmsg/relay - - role: fedmsg/gateway - - role: collectd/fedmsg-service - process: fedmsg-hub - - role: collectd/fedmsg-service - process: fedmsg-relay - - role: collectd/fedmsg-service - process: fedmsg-gateway - - role: collectd/fedmsg-activation - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - "{{ vars_path }}/{{ ansible_distribution }}.yml" - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" diff --git a/playbooks/groups/github2fedmsg.yml b/playbooks/groups/github2fedmsg.yml deleted file mode 100644 index dc8701057d..0000000000 --- a/playbooks/groups/github2fedmsg.yml +++ /dev/null @@ -1,57 +0,0 @@ -# create a new github2fedmsg server -# NOTE: should be used with --limit most of the time -# NOTE: make sure there is room/space for this server on the vmhost -# NOTE: most of these vars_path come from group_vars/github2fedmsg* or from hostvars - ---- -- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml" - vars: - myhosts: "github2fedmsg" - -- name: Make the box be real - hosts: github2fedmsg - user: root - gather_facts: true - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - roles: - - base - - rkhunter - - nagios_client - - zabbix/zabbix_agent - - hosts - - {role: openvpn/client, - when: env != "staging"} - - ipa/client - - collectd/base - - rsyncd - - sudo - - mod_wsgi - - pre_tasks: - - import_tasks: "{{ tasks_path }}/yumrepos.yml" - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - -- name: Deploy service-specific config - hosts: github2fedmsg - user: root - gather_facts: true - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - roles: - - github2fedmsg - - fedmsg/base - - {role: rabbit/user, when: deployment_type == "stg"} diff --git a/playbooks/groups/pkgs.yml b/playbooks/groups/pkgs.yml index e74eee0eae..e457dce7ab 100644 --- a/playbooks/groups/pkgs.yml +++ b/playbooks/groups/pkgs.yml @@ -64,7 +64,6 @@ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml roles: - - gitolite/check_fedmsg_hooks - {role: git/make_checkout_seed, when: env != "staging"} - git/hooks - git/checks diff --git a/playbooks/groups/value.yml b/playbooks/groups/value.yml index ba8dd583ce..f05ac1c033 100644 --- a/playbooks/groups/value.yml +++ b/playbooks/groups/value.yml @@ -37,8 +37,6 @@ - supybot - sudo - rsyncd - - role: collectd/fedmsg-service - process: fedmsg-irc - {role: nfs/client, nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3", mnt_dir: '/srv/', diff --git a/playbooks/include/proxies-miscellaneous.yml b/playbooks/include/proxies-miscellaneous.yml index f98afa41c3..5bd1965fa3 100644 --- a/playbooks/include/proxies-miscellaneous.yml +++ b/playbooks/include/proxies-miscellaneous.yml @@ -29,17 +29,6 @@ extensions: - .ico - - role: fedmsg/crl - website: fedoraproject.org - path: /fedmsg - when: env != "staging" - - - role: fedmsg/gateway/slave - stunnel_service: "websockets" - stunnel_source_port: 9939 - stunnel_destination_port: 9938 - when: env != "staging" - - role: httpd/fingerprints website: admin.fedoraproject.org diff --git a/playbooks/include/proxies-reverseproxy.yml b/playbooks/include/proxies-reverseproxy.yml index b15f877c1a..6cbc670d40 100644 --- a/playbooks/include/proxies-reverseproxy.yml +++ b/playbooks/include/proxies-reverseproxy.yml @@ -128,14 +128,6 @@ proxyurl: http://value02 when: env == "staging" - - role: httpd/reverseproxy - website: apps.fedoraproject.org - destname: github2fedmsg - localpath: /github2fedmsg - remotepath: /github2fedmsg - header_scheme: true - proxyurl: http://localhost:10037 - - role: httpd/reverseproxy website: apps.fedoraproject.org destname: fedora-notifications diff --git a/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml b/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml index 4e34499494..2ecf178c0e 100644 --- a/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml +++ b/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml @@ -14,7 +14,6 @@ - import_playbook: "/srv/web/infra/ansible/playbooks/groups/bodhi-backend.yml" - import_playbook: "/srv/web/infra/ansible/playbooks/groups/bugzilla2fedmsg.yml" -- import_playbook: "/srv/web/infra/ansible/playbooks/groups/github2fedmsg.yml" - import_playbook: "/srv/web/infra/ansible/playbooks/groups/ipsilon.yml" - import_playbook: "/srv/web/infra/ansible/playbooks/groups/buildvm.yml" diff --git a/playbooks/manual/restart-fedmsg-services.yml b/playbooks/manual/restart-fedmsg-services.yml deleted file mode 100644 index 89bf439f66..0000000000 --- a/playbooks/manual/restart-fedmsg-services.yml +++ /dev/null @@ -1,95 +0,0 @@ -# Restart fedmsg services -# -# The grande list of "what is running and where" is maintained here manually. -# By running this playbook, you're not actually guaranteed that all services -# everywhere will be restarted. As stuff changes over time, this playbook will -# need to be periodically updated with new things. - ---- -- name: Restart fedmsg-gateway instances - hosts: fedmsg_gateways - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Bounce the fedmsg-gateway service - service: name=fedmsg-gateway state=restarted - -- name: Restart fedmsg-relay instances - hosts: fedmsg_relays - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Bounce the fedmsg-relay service - service: name=fedmsg-relay state=restarted - -- name: Restart fedmsg-irc instances - hosts: fedmsg_ircs - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Bounce the fedmsg-irc service - service: name=fedmsg-irc state=restarted - -- name: Tell nagios to be quiet about FMN for the moment - hosts: notifs_backend - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Schedule a 25 minute downtime. give notifs backend time to start up. - nagios: action=downtime minutes=25 service=host host={{ inventory_hostname_short }}{{ env_suffix }} - delegate_to: noc01.iad2.fedoraproject.org - ignore_errors: true -# - name: Bounce the fmn-digests service -# service: name=fmn-digests@1 state=restarted - -- name: Restart fedmsg-hub instances - hosts: fedmsg_hubs - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Bounce the fedmsg-hub service - service: name=fedmsg-hub state=restarted - -- name: Restart moksha-hub instances - hosts: moksha_hubs - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Bounce the moksha-hub service - service: name=moksha-hub state=restarted diff --git a/playbooks/manual/upgrade/datanommer.yml b/playbooks/manual/upgrade/datanommer.yml index d8705af4b7..3065150bad 100644 --- a/playbooks/manual/upgrade/datanommer.yml +++ b/playbooks/manual/upgrade/datanommer.yml @@ -105,8 +105,6 @@ - /srv/web/infra/ansible/vars/global.yml - /srv/private/ansible/vars.yml - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - tasks: - - service: name="fedmsg-hub" state=started post_tasks: - name: tell nagios to unshush nagios: action=unsilence service=host host={{ inventory_hostname_short }}{{ env_suffix }} diff --git a/playbooks/manual/upgrade/fedmsg.yml b/playbooks/manual/upgrade/fedmsg.yml deleted file mode 100644 index 6fc94ba0eb..0000000000 --- a/playbooks/manual/upgrade/fedmsg.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -- name: Push packages out - hosts: - - fedmsg-hubs - - - fedmsg-relays - - - fedmsg-ircs - - - fedmsg-gateways - - - moksha-hubs - - - datagrepper - - user: root - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - vars: - testing: false - packages: - - fedmsg - - python2-fedmsg-meta-fedora-infrastructure - - python-moksha-hub - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - tasks: - - name: Clean all metadata {%if testing%}(with infrastructure-testing on){%endif%} - ansible.builtin.command: yum clean all {%if testing%} --enablerepo=infrastructure-tags-stg {%endif%} - check_mode: no - - name: Yum update fedmsg packages from the main repo - ansible.builtin.package: name={{item}} state=latest - when: not testing - with_items: "{{packages}}" - - name: Yum update fedmsg packages from testing repo - ansible.builtin.package: name={{item}} state=latest enablerepo=infrastructure-tags-stg - when: testing - with_items: "{{packages}}" - - # Restart all the backend daemons - # - import_tasks: "{{tasks_path}}../restart-fedmsg-services.yml" - -# Also restart the frontend web services -- name: Bounce apache - hosts: datagrepper:datagrepper_stg - user: root - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - tasks: - - service: name="httpd" state=restarted diff --git a/playbooks/manual/upgrade/packages.yml b/playbooks/manual/upgrade/packages.yml deleted file mode 100644 index 7d004e61bc..0000000000 --- a/playbooks/manual/upgrade/packages.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- name: Push packages out - hosts: packages:packages_stg - user: root - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - vars: - testing: false - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - tasks: - - name: Clean all metadata {%if testing%}(with infrastructure-testing on){%endif%} - ansible.builtin.command: dnf clean all {%if testing%} --enablerepo=infrastructure-tags-stg {%endif%} - check_mode: no - - name: Update fedora-packages packages from main repo - ansible.builtin.package: name="fedora-packages" state=latest - when: not testing - - name: Update fedora-packages packages from testing repo - dnf: name="fedora-packages" state=latest enablerepo=infrastructure-tags-stg - when: testing - -- name: Verify the config and restart it - hosts: packages:packages_stg - user: root - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - - pre_tasks: - - name: Tell nagios to shush - nagios: action=downtime minutes=60 service=host host={{ inventory_hostname_short }}{{ env_suffix }} - delegate_to: noc01.iad2.fedoraproject.org - ignore_errors: true - - roles: - - role: packages3/web - - post_tasks: - - service: name="fedmsg-hub" state=stopped - - service: name="httpd" state=stopped - # TODO -- do any DB maintenance steps we need to do here.. - - service: name="httpd" state=started - - service: name="fedmsg-hub" state=started - - - name: Tell nagios to unshush - nagios: action=unsilence service=host host={{ inventory_hostname_short }}{{ env_suffix }} - delegate_to: noc01.iad2.fedoraproject.org - ignore_errors: true diff --git a/playbooks/openshift-apps/messaging-bridges.yml b/playbooks/openshift-apps/messaging-bridges.yml deleted file mode 100644 index 6542873911..0000000000 --- a/playbooks/openshift-apps/messaging-bridges.yml +++ /dev/null @@ -1,171 +0,0 @@ -# Create the RabbitMQ users ---- -- name: Setup RabbitMQ - hosts: rabbitmq[0] - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - tasks: - - name: Create the RabbitMQ user - community.rabbitmq.rabbitmq_user: - user: "messaging-bridge{{ env_suffix }}.fedoraproject.org" - vhost: /pubsub - read_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)" - write_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)" - configure_priv: "^$" - tags: - - config - - rabbitmq_cluster - - - name: Create the RabbitMQ queue amqp_to_zmq - community.rabbitmq.rabbitmq_queue: - name: amqp_to_zmq - vhost: /pubsub - login_user: admin - login_password: "{{ (env == 'production') | ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - tags: - - config - - rabbitmq_cluster - - - name: Create the RabbitMQ queue for verify-missing - community.rabbitmq.rabbitmq_queue: - name: amqp_bridge_verify_missing - vhost: /pubsub - durable: true - auto_delete: false - message_ttl: 60000 - login_user: admin - login_password: "{{ (env == 'production') | ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - tags: - - config - - rabbitmq_cluster - - - name: Create the amqp-to-zmq bindings - community.rabbitmq.rabbitmq_binding: - name: amq.topic - destination: amqp_to_zmq - destination_type: queue - vhost: /pubsub - login_user: admin - login_password: "{{ (env == 'production') | ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - tags: - - config - - rabbitmq_cluster - - - name: Create the verify-missing bindings - community.rabbitmq.rabbitmq_binding: - name: "{{ item }}" - destination: amqp_bridge_verify_missing - destination_type: queue - vhost: /pubsub - login_user: admin - login_password: "{{ (env == 'production') | ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - with_items: - - amq.topic - - zmq.topic - tags: - - config - - rabbitmq_cluster - - -# Now create the app - -- name: Make the app be real - hosts: os_control[0]:os_control_stg[0] - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - roles: - - role: openshift/project - project_app: messaging-bridges - project_description: "ZeroMQ <-> AMQP bridges" - project_appowners: - - abompard - - kevin - tags: - - appowners - - - role: openshift/secret-file - secret_file_app: messaging-bridges - secret_file_secret_name: fedmsg-key - secret_file_key: fedmsg-fedmsg-migration-tools.key - secret_file_privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key" - - role: openshift/secret-file - secret_file_app: messaging-bridges - secret_file_secret_name: fedmsg-cert - secret_file_key: fedmsg-fedmsg-migration-tools.crt - secret_file_privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt" - - - role: openshift/secret-file - secret_file_app: messaging-bridges - secret_file_secret_name: rabbitmq-ca - secret_file_key: rabbitmq-ca.crt - secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt" - - role: openshift/secret-file - secret_file_app: messaging-bridges - secret_file_secret_name: rabbitmq-key - secret_file_key: rabbitmq-fedmsg-migration-tools.key - secret_file_privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key" - - role: openshift/secret-file - secret_file_app: messaging-bridges - secret_file_secret_name: rabbitmq-cert - secret_file_key: rabbitmq-fedmsg-migration-tools.crt - secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt" - - - role: openshift/object - object_app: messaging-bridges - object_file: imagestream.yml - object_objectname: imagestream.yml - - role: openshift/object - object_app: messaging-bridges - object_template: buildconfig.yml.j2 - object_objectname: buildconfig.yml - - - role: openshift/start-build - start_build_app: messaging-bridges - start_build_buildname: messaging-bridges-build - tags: - - never - - build - - - role: openshift/object - object_app: messaging-bridges - object_template: configmap.yml.j2 - object_objectname: configmap.yml - - role: openshift/object - object_app: messaging-bridges - object_file: service.yml - object_objectname: service.yml - - role: openshift/object - object_app: messaging-bridges - object_template: deploymentconfig.yml - object_objectname: deploymentconfig.yml - - - role: openshift/rollout - rollout_app: messaging-bridges - rollout_dcname: amqp-to-zmq - tags: - - never - - rollout - - role: openshift/rollout - rollout_app: messaging-bridges - rollout_dcname: zmq-to-amqp - tags: - - never - - rollout - - role: openshift/rollout - rollout_app: messaging-bridges - rollout_dcname: verify-missing - tags: - - never - - rollout diff --git a/playbooks/openshift-apps/monitor_dashboard.yml b/playbooks/openshift-apps/monitor_dashboard.yml deleted file mode 100644 index 3d56479c35..0000000000 --- a/playbooks/openshift-apps/monitor_dashboard.yml +++ /dev/null @@ -1,124 +0,0 @@ ---- -- name: Make the app be real - hosts: os_control_stg[0]:os_control - user: root - gather_facts: false - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - vars: - - ocp4: true - - roles: - - role: openshift/project - project_app: monitor-dashboard - project_description: POC for the dashboards - project_appowners: - - nphilipp - - asaleh - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: configmap.yml.j2 -# object_objectname: configmap.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: notifiers.yaml -# object_objectname: notifiers.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: dashboard_provision_config.yml -# object_objectname: dashboard_provision_config.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: dashboard_config.yml.j2 -# object_objectname: dashboard_config.yml - - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: buildconfig.yml.j2 -# object_objectname: buildconfig.yml - - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: imagestream.yml -# object_objectname: imagestream.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: datagrepper_configmap.yml.j2 -# object_objectname: datagrepper_configmap.yml - - - role: openshift/object - object_app: monitor-dashboard - object_file: service.yml - object_objectname: service.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: datagrepper_service.yml -# object_objectname: datagrepper_service.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: postgrest_service.yml -# object_objectname: postgrest_service.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: prest_service.yml -# object_objectname: prest_service.yml - - - role: openshift/object - object_app: monitor-dashboard - object_file: route_serviceaccount.yml - object_objectname: route_serviceaccount.yml - -# Route already present, will figure updating later - - role: openshift/object - object_app: monitor-dashboard - object_file: route.yml - object_objectname: route.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: datagrepper_route.yml -# object_objectname: datagrepper_route.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: postgrest_route.yml -# object_objectname: postgrest_route.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_file: prest_route.yml -# object_objectname: prest_route.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: postgrest_deploymentconfig.yml.j2 -# object_objectname: postgrest_deploymentconfig.yml - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: prest_deploymentconfig.yml.j2 -# object_objectname: prest_deploymentconfig.yml - - -# - role: openshift/object -# object_app: monitor-dashboard -# object_template: datagrepper_deploymentconfig.yml.j2 -# object_objectname: datagrepper_deploymentconfig.yml - - - role: openshift/object - object_app: monitor-dashboard - object_template: deploymentconfig.yml.j2 - object_objectname: deploymentconfig.yml diff --git a/roles/abrt/faf/defaults/main.yml b/roles/abrt/faf/defaults/main.yml index a9b2bbec64..9796bfb83b 100644 --- a/roles/abrt/faf/defaults/main.yml +++ b/roles/abrt/faf/defaults/main.yml @@ -128,9 +128,6 @@ faf_web_throttle_burst: 1 # fedora-messaging config # ############################## faf_fedmsg_server: -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -faf_fedmsg_topic_prefix: # [TLS] faf_fedmsg_ca_cert: diff --git a/roles/abrt/faf/templates/etc-fedora-messaging-config.toml.j2 b/roles/abrt/faf/templates/etc-fedora-messaging-config.toml.j2 index b905439cd3..3845e5a132 100644 --- a/roles/abrt/faf/templates/etc-fedora-messaging-config.toml.j2 +++ b/roles/abrt/faf/templates/etc-fedora-messaging-config.toml.j2 @@ -7,10 +7,6 @@ amqp_url = "amqp://{{ faf_fedmsg_server }}?connection_attempts=3&retry_delay=5" passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -topic_prefix = {{ faf_fedmsg_topic_prefix }} - [tls] ca_cert = {{ faf_fedmsg_ca_cert }} keyfile = {{ faf_fedmsg_keyfile }} diff --git a/roles/base/templates/iptables/iptables b/roles/base/templates/iptables/iptables index b084d1902c..6a537c48c4 100644 --- a/roles/base/templates/iptables/iptables +++ b/roles/base/templates/iptables/iptables @@ -65,12 +65,6 @@ # Reject all further connections from less secure vpn -A INPUT -s 192.168.100.0/24 -j REJECT --reject-with icmp-host-prohibited {% endif %} -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} --A INPUT -p tcp -m tcp --dport 30{{ '%02d' % i }} -j ACCEPT -{% endfor %} -{% endif %} # if the host/group defines incoming tcp_ports - allow them diff --git a/roles/base/templates/iptables/iptables.bastion b/roles/base/templates/iptables/iptables.bastion index 89b2146739..eb67800d7b 100644 --- a/roles/base/templates/iptables/iptables.bastion +++ b/roles/base/templates/iptables/iptables.bastion @@ -65,12 +65,6 @@ # Reject all further connections from less secure vpn -A INPUT -s 192.168.100.0/24 -j REJECT --reject-with icmp-host-prohibited {% endif %} -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} --A INPUT -p tcp -m tcp --dport 30{{ '%02d' % i }} -j ACCEPT -{% endfor %} -{% endif %} # smtp rules we want to allow vpn and out internal networks and mimecast -A INPUT -s 192.168.100.0/24 -m tcp -p tcp --dport 25 -j ACCEPT diff --git a/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org b/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org index ed92663664..d09f24aade 100644 --- a/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org +++ b/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org @@ -48,13 +48,6 @@ {% endfor %} {% endif %} -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} --A INPUT -p tcp -m tcp --dport 30{{ '%02d' % i }} -j ACCEPT -{% endfor %} -{% endif %} - # if the host/group defines incoming tcp_ports - allow them {% if tcp_ports is defined %} diff --git a/roles/base/templates/nftables/nftables b/roles/base/templates/nftables/nftables index edbdeeb0db..765e7019fc 100644 --- a/roles/base/templates/nftables/nftables +++ b/roles/base/templates/nftables/nftables @@ -65,12 +65,6 @@ add rule ip filter INPUT ip saddr 192.168.100.0/24 udp dport 464 counter accept # Reject all further connections from less secure vpn add rule ip filter INPUT ip saddr 192.168.100.0/24 counter reject with icmp type host-prohibited {% endif %} -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} -add rule ip filter INPUT tcp dport 30{{ '%02d' % i }} counter accept -{% endfor %} -{% endif %} # if the host/group defines incoming tcp_ports - allow them diff --git a/roles/base/templates/nftables/nftables.torrent02.fedoraproject.org b/roles/base/templates/nftables/nftables.torrent02.fedoraproject.org index f7ec0c8ffe..21f105432f 100644 --- a/roles/base/templates/nftables/nftables.torrent02.fedoraproject.org +++ b/roles/base/templates/nftables/nftables.torrent02.fedoraproject.org @@ -50,13 +50,6 @@ add rule ip filter INPUT ip saddr {{ hostvars[host]['eth0_ip'] }} counter reject {% endfor %} {% endif %} -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} -add rule ip filter INPUT tcp dport 30{{ '%02d' % i }} counter accept -{% endfor %} -{% endif %} - # if the host/group defines incoming tcp_ports - allow them {% if tcp_ports is defined %} diff --git a/roles/batcave/templates/batcave-messaging.toml b/roles/batcave/templates/batcave-messaging.toml index 6eb69d6bf4..91f43960f0 100644 --- a/roles/batcave/templates/batcave-messaging.toml +++ b/roles/batcave/templates/batcave-messaging.toml @@ -5,14 +5,6 @@ # Broker address amqp_url = "amqps://batcave{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/batcave.ca" keyfile = "/etc/pki/rabbitmq/batcave.key" diff --git a/roles/collectd/base/files/fedmsg-types.db b/roles/collectd/base/files/fedmsg-types.db deleted file mode 100644 index 9471315774..0000000000 --- a/roles/collectd/base/files/fedmsg-types.db +++ /dev/null @@ -1,2 +0,0 @@ -fedmsg_wallboard count:GAUGE:0:U - diff --git a/roles/collectd/base/files/fedmsg.conf b/roles/collectd/base/files/fedmsg.conf deleted file mode 100644 index d9b2deb618..0000000000 --- a/roles/collectd/base/files/fedmsg.conf +++ /dev/null @@ -1,6 +0,0 @@ -LoadPlugin exec -TypesDB "/usr/share/collectd/fedmsg-types.db" - - - Exec "fedmsg" "/usr/bin/fedmsg-collectd" "--collectd-interval" "10" - diff --git a/roles/collectd/fedmsg-activation/files/fedmsg-activation.conf b/roles/collectd/fedmsg-activation/files/fedmsg-activation.conf deleted file mode 100644 index b19eb52514..0000000000 --- a/roles/collectd/fedmsg-activation/files/fedmsg-activation.conf +++ /dev/null @@ -1,4 +0,0 @@ -LoadPlugin exec - - Exec "fedmsg" "/usr/local/bin/fedmsg-map" - diff --git a/roles/collectd/fedmsg-activation/files/fedmsg-map.py b/roles/collectd/fedmsg-activation/files/fedmsg-map.py deleted file mode 100644 index 8cdb85ac6c..0000000000 --- a/roles/collectd/fedmsg-activation/files/fedmsg-map.py +++ /dev/null @@ -1,143 +0,0 @@ -#!/usr/bin/env python -""" Utility to scan a fedmsg setup for port availability. - -Reports what percentage of fedmsg endpoints are bound and ready. -""" - -import base64 -import collections -import multiprocessing.pool -import socket -import sys -import time - -import fedmsg.config -config = fedmsg.config.load_config() - -timeout = 0.2 -expected = '/wAAAAAAAAABfw==' - -for_collectd = 'verbose' not in sys.argv - -active = collections.defaultdict(list) -inactive = collections.defaultdict(list) - -def info(content="\n"): - if not for_collectd: - sys.stdout.write(content) - sys.stdout.flush() - -def scan_one(item): - name, endpoint = item - if not endpoint.startswith('tcp://'): - raise ValueError("Don't know how to deal with %r" % endpoint) - endpoint = endpoint[len('tcp://'):].split(':') - connection = None - try: - connection = socket.create_connection(endpoint, timeout) - actual = base64.b64encode(connection.recv(10)) - if actual != expected: - inactive[name].append(( - endpoint, "%r is not %r" % (actual, expected))) - info("F") - else: - active[name].append((endpoint, "all active")) - info(".") - except socket.error as e: - inactive[name].append((endpoint, str(e))) - info("F") - if connection: - connection.close() - - -def scan_all(): - global active - global inactive - - del active - del inactive - - active = collections.defaultdict(list) - inactive = collections.defaultdict(list) - - items = [(name, addr) - for name, endpoints in config['endpoints'].items() - for addr in endpoints] - - # There is likely overhead in creating and destroying this thing, but we have - # memory leaks to track down. - pool = multiprocessing.pool.ThreadPool(25) - pool.map(scan_one, items) - pool.close() - - info() - - if 'verbose' in sys.argv: - import pprint - pprint.pprint(dict(active)) - pprint.pprint(dict(inactive)) - - header = "".join([ - "name".center(29), - "active".rjust(8), - "inactive".rjust(9), - "percent".rjust(9), - "reason".center(32), - ]) - info() - info(header + "\n") - info("-" * len(header) + "\n") - - active_n_total, inactive_n_total = 0, 0 - for name in sorted(config['endpoints']): - active_n = len(active[name]) - inactive_n = len(inactive[name]) - - active_n_total += active_n - inactive_n_total += inactive_n - - total = active_n + inactive_n - - percent = "" - if total: - percent = "%%%0.1f" % (100 * float(active_n) / total) - - reasons = set([reason for _, reason in inactive[name]]) - - info(name.rjust(29)) - info(str(active_n).rjust(8)) - info(str(inactive_n).rjust(9)) - info(percent.rjust(9)) - info(", ".join(reasons).rjust(32) + "\n") - - info("-" * len(header) + "\n") - - info(" total active: %i\n" % active_n_total) - info("total inactive: %i\n" % inactive_n_total) - value = 100 * float(active_n_total) / (active_n_total + inactive_n_total) - info("percent active: %%%0.1f\n" % value) - return value - -if not for_collectd: - scan_all() -else: - interval = 5 - host = socket.getfqdn() - while True: - start = time.time() - value = scan_all() - stop = timestamp = time.time() - delta = stop - start - output = ( - "PUTVAL " - "{host}/fedmsg/percent " - "interval={interval} " - "{timestamp}:{value}" - ).format( - host=host, - interval=interval, - timestamp=int(timestamp), - value="%0.1f" % value) - print(output) - if interval - delta > 0: - time.sleep(interval - delta) diff --git a/roles/collectd/fedmsg-service/templates/fedmsg-service-collectd.py b/roles/collectd/fedmsg-service/templates/fedmsg-service-collectd.py deleted file mode 100644 index 948d4d3a00..0000000000 --- a/roles/collectd/fedmsg-service/templates/fedmsg-service-collectd.py +++ /dev/null @@ -1,122 +0,0 @@ -#!/usr/bin/env python -""" fedmsg-service-collectd.py -- produce collectd stats on fedmsg daemons """ - -import json -import os -import pprint -import socket -import sys -import time -import zmq - - -#hostname = socket.gethostname().split('.')[0] -hostname = socket.gethostname() # Use FQDN, I guess.. - - -def print_consumer(service, consumer): - timestamp = int(time.time()) - print "PUTVAL %s/%s/queue_length-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_backlog' % consumer['name'], - timestamp, - consumer['backlog'] - ) - print "PUTVAL %s/%s/gauge-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_exceptions' % consumer['name'], - timestamp, - consumer['exceptions'] - ) - # These got introduced in a later version of moksha, so not every host has them - if 'headcount_in' in consumer: - print "PUTVAL %s/%s/gauge-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_in' % consumer['name'], - timestamp, - consumer['headcount_in'] - ) - - if 'headcount_out' in consumer: - print "PUTVAL %s/%s/gauge-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_out' % consumer['name'], - timestamp, - consumer['headcount_out'] - ) - - # And these got introduced even later - if 'times' in consumer: - maxval = 1000 * max(consumer['times'] or [0]) - minval = 1000 * min(consumer['times'] or [0]) - - avgval = 0 - if consumer['times']: - avgval = 1000 * sum(consumer['times']) / len(consumer['times']) - - print "PUTVAL %s/%s/response_time-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_min' % consumer['name'], - timestamp, - minval, - ) - print "PUTVAL %s/%s/response_time-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_max' % consumer['name'], - timestamp, - maxval, - ) - print "PUTVAL %s/%s/response_time-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_avg' % consumer['name'], - timestamp, - avgval, - ) - - -def print_producer(service, producer): - timestamp = int(time.time()) - print "PUTVAL %s/%s/gauge-%s interval=5 %i:%i" % ( - hostname, - service, - '%s_exceptions' % producer['name'], - timestamp, - producer['exceptions'] - ) - - -if __name__ == '__main__': - service = "{{ process }}" - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not os.path.exists(fname): - print "UNKNOWN - %s does not exist" % fname - sys.exit(3) - - connect_to = "ipc:///%s" % fname - - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - - s.setsockopt(zmq.SUBSCRIBE, '') - - try: - while True: - msg = s.recv() - msg = json.loads(msg) - for consumer in msg['consumers']: - if consumer['initialized']: - print_consumer(service, consumer) - for producer in msg['producers']: - if producer['initialized']: - print_producer(service, producer) - except KeyboardInterrupt: - pass diff --git a/roles/collectd/fedmsg-service/templates/fedmsg-service.conf b/roles/collectd/fedmsg-service/templates/fedmsg-service.conf deleted file mode 100644 index 171f3dc8ba..0000000000 --- a/roles/collectd/fedmsg-service/templates/fedmsg-service.conf +++ /dev/null @@ -1,4 +0,0 @@ -LoadPlugin exec - - Exec "{{user}}" "/usr/local/bin/fedmsg-service-collectd-{{ process }}" - diff --git a/roles/collectd/fedmsg-service/vars/main.yml b/roles/collectd/fedmsg-service/vars/main.yml deleted file mode 100644 index 4b1eb32f26..0000000000 --- a/roles/collectd/fedmsg-service/vars/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -user: fedmsg -process: fedmsg-hub diff --git a/roles/distgit/pagure/files/stunnel.service b/roles/distgit/pagure/files/stunnel.service deleted file mode 100644 index 8701ba266f..0000000000 --- a/roles/distgit/pagure/files/stunnel.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=stunnel -After=network.target -Documentation=https://infrastructure.fedoraproject.org/infra/docs/fedmsg-websocket.txt - -[Service] -ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf -Type=forking -User=root -Group=root -Restart=on-failure - -[Install] -WantedBy=multi-user.target diff --git a/roles/distgit/pagure/tasks/main.yml b/roles/distgit/pagure/tasks/main.yml index 87a016273b..3b5078285e 100644 --- a/roles/distgit/pagure/tasks/main.yml +++ b/roles/distgit/pagure/tasks/main.yml @@ -35,38 +35,6 @@ state: yes persistent: yes -# Set-up stunnel for the event source server - -# - name: Install stunnel service definition -# ansible.builtin.copy: src=stunnel.service -# dest=/usr/lib/systemd/system/stunnel.service -# owner=root group=root mode=0755 -# notify: -# - Reload systemd -# - Restart stunnel -# tags: -# - pagure -# - stunnel - -# - name: Ensure old stunnel init file is gone -# ansible.builtin.file: dest=/etc/init.d/stunnel/stunnel.init state=absent -# tags: -# - pagure -# - stunnel -# - config - -# - name: Install stunnel.conf -# ansible.builtin.template: src={{ item.file }} -# dest={{ item.dest }} -# owner=root group=root mode=0600 -# with_items: -# - { file: stunnel-conf.j2, dest: /etc/stunnel/stunnel.conf } -# notify: Restart stunnel -# tags: -# - pagure -# - stunnel -# - config - # Set-up Pagure - name: Create a group pagure we can use @@ -372,7 +340,6 @@ with_items: - httpd - postfix - # - stunnel - redis - pagure_ev - pagure_logcom diff --git a/roles/distgit/pagure/templates/fedora-messaging.toml b/roles/distgit/pagure/templates/fedora-messaging.toml index 13afc00ea2..1384a0f106 100644 --- a/roles/distgit/pagure/templates/fedora-messaging.toml +++ b/roles/distgit/pagure/templates/fedora-messaging.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://pagure{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/pagurecert/src.fp.o.ca" keyfile = "/etc/pki/rabbitmq/pagurecert/src.fp.o.key" diff --git a/roles/fedmsg/base/files/relay-debug-loopback.py b/roles/fedmsg/base/files/relay-debug-loopback.py deleted file mode 100644 index 938cc8985d..0000000000 --- a/roles/fedmsg/base/files/relay-debug-loopback.py +++ /dev/null @@ -1,27 +0,0 @@ -## WARNING ## -# This file is a replacement for the *regular* relay.py file we ship to all -# fedora infra prod/stg hosts. -# If you are seeing this file on a host, that is because it has -# fedmsg_debug_loopback set to 'true' in our ansible config. That should be an -# exceptional thing used only for debugging. -# -# Things to know: -# -# * No 'fedmsg-logger' statements on this host will make it to the real bus -# * They will only be broadcast locally (on this box) -# * No messages from the main fedmsg-relay on our bus will make it to this box. -# * Other messages from persistent fedmsg services will make it here. -# -# You can use this to test services locally with 'fedmsg-dg-replay'. Messages -# rebroadcast by that command will be replayed locally, to only this host. - -config = dict( - endpoints={ - "relay_outbound": [ - "tcp://127.0.0.1:3999", - ], - }, - relay_inbound=[ - "tcp://127.0.0.1:9941", - ], -) diff --git a/roles/fedmsg/base/files/selinux/fedmsg.mod b/roles/fedmsg/base/files/selinux/fedmsg.mod deleted file mode 100644 index 25e47ae6947a7970a65f40de69c42a259c8d12c7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1158 zcmb`GO-=$q5QQI#N?hO-IDrW_V8c#U9-sqE4~&5sG8B=8SMb2DBoF!}_o}>p49eL!$ zJA?3$<+=`ev561Kwu&}4tNZC$QpqX3OVancuqXlJOH?i1;?hFx>*=}^md`UxF%*+{ zzj;}ep(v{?=KEl*xY>eRb<+F7 ziO=UXzsaFlw&n0W2(RPa=j4|p*EAeVn?^K!1#4;M>+0RxMOWOv*#8Um#ud@J`T24_ i+$(S6oqDa3=0v+z<>xwhZ%!cn{@%=0xcu(k+QtdJGeWfh diff --git a/roles/fedmsg/base/files/selinux/fedmsg.pp b/roles/fedmsg/base/files/selinux/fedmsg.pp deleted file mode 100644 index 17a25943f710b4e615d397595b8e9b132868a260..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1174 zcmb`GO-=$q5QR%cF)q*}Z~_xa`-E`Bd|p9PDLV4!r|W9rl_NFA2_R(3mz2Y5Ee>(#+R&ceRtQxPP(# s7q}ZngyW|DMSn0?YQr9SjuQI>J4fZ`IH)%|kbZwPV-!xmyIR}$0@}4j$^ZZW diff --git a/roles/fedmsg/base/files/selinux/fedmsg.te b/roles/fedmsg/base/files/selinux/fedmsg.te deleted file mode 100644 index 6ce38d40f6..0000000000 --- a/roles/fedmsg/base/files/selinux/fedmsg.te +++ /dev/null @@ -1,21 +0,0 @@ - -module fedmsg 1.1; - -require { - type anon_inodefs_t; - type httpd_t; - class file write; -} - -require { - type ptmx_t; - type httpd_t; - class chr_file getattr; -} - -#============= httpd_t ============== -# For basic port binding -allow httpd_t anon_inodefs_t:file write; -# So that psutil can work from /etc/fedmsg.d/logging.py -allow httpd_t ptmx_t:chr_file getattr; - diff --git a/roles/fedmsg/base/templates/base.py.j2 b/roles/fedmsg/base/templates/base.py.j2 deleted file mode 100644 index 90b49bf872..0000000000 --- a/roles/fedmsg/base/templates/base.py.j2 +++ /dev/null @@ -1,107 +0,0 @@ -config = dict( - # Set this to dev if you're hacking on fedmsg or an app locally. - # Set to stg or prod if running in the Fedora Infrastructure. - environment="{{ fedmsg_env }}", - - # Most hosts will be "false" here indicating that if they publish messages, - # they will passively bind to ports and have other consuming services - # actively connect to them. If this flag is set to True, then the service - # will actively connect out to a fedmsg-relay to have its messages forwarded - # on. - active={{fedmsg_active}}, - - {% if fedmsg_cert_prefix is defined %} - # Most fedmsg enabled services dynamically guess their cert_prefix by - # looking at the namespace of the python code that they're running in. For - # instance, bodhi's code is in the 'bodhi' python module, so fedmsg grabs - # that and uses it for its cert prefix. Some code, however, runs in an - # oddly-namespaced module, and so we allow the option here to override that - # at the host level. - cert_prefix='{{fedmsg_cert_prefix}}', - {% endif %} - - {% if not (ansible_hostname.startswith('busgateway') or ansible_hostname.startswith('bodhi-backend')) %} - # These options provide a place for hub processes to write out their last - # processed message. This let's them read it in at startup and figure out - # what kind of backlog they have to deal with. - {% if env == 'staging' %} - # But we have it turned off in staging. - #status_directory="/var/run/fedmsg/status", - {% else %} - status_directory="/var/run/fedmsg/status", - {% endif %} - - # This is the URL of a datagrepper instance that we can query for backlog. - {% if env == 'staging' %} - # But we have it turned off in staging. - #datagrepper_url="https://apps.stg.fedoraproject.org/datagrepper/raw", - {% else %} - datagrepper_url="https://apps.fedoraproject.org/datagrepper/raw", - {% endif %} - {% endif %} - - # This used to be set to 1 for safety, but it turns out it was - # excessive. It is the number of seconds that fedmsg should sleep - # after it has initialized, but before it begins to try and send any - # messages. If set to a non-zero value, this will slow down one-off - # fedmsg scripts like the git post-receive hook and pkgdb2branch. - # If we are experiencing message-loss problems, one of the first things - # to try should be to turn this number up to a non-zero value. '1' should - # be more than sufficient. - post_init_sleep={{fedmsg_post_init_sleep}}, - - # This is the number of milliseconds to wait before timing out on - # connections.. notably to the fedmsg-relay in the event that it has - # crashed. - zmq_linger=2000, - - # Default is 0 - high_water_mark=0, - io_threads=1, - - # We almost always want the fedmsg-hub to be sending messages with zmq as - # opposed to amqp or stomp. The only exception will be the bugzilla - # amqp<->zmq bridge service. - zmq_enabled=True, - - # When subscribing to messages, we want to allow splats ('*') so we tell the - # hub to not be strict when comparing messages topics to subscription - # topics. - zmq_strict=False, - - # See the following - # - http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html - # - http://api.zeromq.org/3-2:zmq-setsockopt - zmq_tcp_keepalive=1, - zmq_tcp_keepalive_cnt=3, - zmq_tcp_keepalive_idle=60, - zmq_tcp_keepalive_intvl=5, - - # See the following - # - https://github.com/fedora-infra/fedmsg/issues/305 - # - http://api.zeromq.org/3-2:zmq-setsockopt - zmq_reconnect_ivl=100, - zmq_reconnect_ivl_max=500, -) - -# This option adds an IPC socket by which we can monitor hub health. -try: - import os - import psutil - - pid = os.getpid() - proc = [p for p in psutil.process_iter() if p.pid == pid][0] - - # proc.name is a method on modern versions of psutil. - name = proc.name - if callable(name): - name = name() - - config['moksha.monitoring.socket'] = \ - 'ipc:///var/run/fedmsg/monitoring-%s.socket' % name - config['moksha.monitoring.socket.mode'] = '770' -except (OSError, ImportError): - # We run into issues when trying to import psutil from mod_wsgi on rhel7 - # but this feature is of no concern in that context, so just fail quietly. - # https://github.com/jmflinuxtx/kerneltest-harness/pull/17#issuecomment-48007837 - pass diff --git a/roles/fedmsg/base/templates/endpoints-anitya.py.j2 b/roles/fedmsg/base/templates/endpoints-anitya.py.j2 deleted file mode 100644 index 6dd6425e4b..0000000000 --- a/roles/fedmsg/base/templates/endpoints-anitya.py.j2 +++ /dev/null @@ -1,13 +0,0 @@ -# This tells our nodes to also pull messages from anitya. -# Among those nodes is our public gateway which means that it will forward them -# back out to the public on "our bus". - -config = dict( - {% if env != 'staging' %} - endpoints={ - "anitya-public-relay": [ - "tcp://anitya-frontend01.fedoraproject.org:9940", - ], - }, - {% endif %} -) diff --git a/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 b/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 deleted file mode 100644 index 776a4e843c..0000000000 --- a/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 +++ /dev/null @@ -1,26 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - -config = dict( - endpoints={ - "bugzilla2fedmsg.bugzilla2fedmsg01": [ - "tcp://bugzilla2fedmsg01.%s:3000" % suffix, - "tcp://bugzilla2fedmsg01.%s:3001" % suffix, - "tcp://bugzilla2fedmsg01.%s:3002" % suffix, - "tcp://bugzilla2fedmsg01.%s:3003" % suffix, - ], - }, -) diff --git a/roles/fedmsg/base/templates/endpoints-external-composer.py.j2 b/roles/fedmsg/base/templates/endpoints-external-composer.py.j2 deleted file mode 100644 index a88ef409cd..0000000000 --- a/roles/fedmsg/base/templates/endpoints-external-composer.py.j2 +++ /dev/null @@ -1,8 +0,0 @@ - -config = dict( - endpoints = { - "fedora-infrastructure": [ - "tcp://hub.fedoraproject.org:9940", - ], - } -) diff --git a/roles/fedmsg/base/templates/endpoints-fedbadges.py.j2 b/roles/fedmsg/base/templates/endpoints-fedbadges.py.j2 deleted file mode 100644 index 0c555c0074..0000000000 --- a/roles/fedmsg/base/templates/endpoints-fedbadges.py.j2 +++ /dev/null @@ -1,26 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - -config = dict( - endpoints={ - "fedbadges.badges-backend01": [ - "tcp://badges-backend01.%s:3000" % suffix, - "tcp://badges-backend01.%s:3001" % suffix, - "tcp://badges-backend01.%s:3002" % suffix, - "tcp://badges-backend01.%s:3003" % suffix, - ], - }, -) diff --git a/roles/fedmsg/base/templates/endpoints-fedimg.py.j2 b/roles/fedmsg/base/templates/endpoints-fedimg.py.j2 deleted file mode 100644 index 0628698db7..0000000000 --- a/roles/fedmsg/base/templates/endpoints-fedimg.py.j2 +++ /dev/null @@ -1,20 +0,0 @@ -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -{% endif %} - -# REMEMBER -- if you change these, you need to also change the iptables rules in -# inventory/groups/fedimg and inventory/groups/fedimsg-stg -primary_threads = 4 -atomic_threads = 2 -NUM_FEDIMG_PORTS = 2 * ((primary_threads + atomic_threads) + 1) - -config = dict( - endpoints={ - "fedimg.fedimg01": [ - "tcp://fedimg01.%s:30%0.2i" % (suffix, i) - for i in range(NUM_FEDIMG_PORTS) - ], - }, -) diff --git a/roles/fedmsg/base/templates/endpoints-hotness.py.j2 b/roles/fedmsg/base/templates/endpoints-hotness.py.j2 deleted file mode 100644 index 691a9a8cdf..0000000000 --- a/roles/fedmsg/base/templates/endpoints-hotness.py.j2 +++ /dev/null @@ -1,26 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - -config = dict( - endpoints={ - "hotness.hotness01": [ - "tcp://hotness01.%s:3000" % suffix, - "tcp://hotness01.%s:3001" % suffix, - "tcp://hotness01.%s:3002" % suffix, - "tcp://hotness01.%s:3003" % suffix, - ], - }, -) diff --git a/roles/fedmsg/base/templates/endpoints-mailman.py.j2 b/roles/fedmsg/base/templates/endpoints-mailman.py.j2 deleted file mode 100644 index 73d9850610..0000000000 --- a/roles/fedmsg/base/templates/endpoints-mailman.py.j2 +++ /dev/null @@ -1,37 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - -config = dict( - endpoints={ - # We need an endpoint for each of the mailman pieces that picks up and - # imports our plugin. So far that's the 'archiver' and the 'pipeline'. - "mailman.mailman01": [ - "tcp://mailman01.%s:3000" % suffix, - "tcp://mailman01.%s:3001" % suffix, - - # On Nov 19th, we started getting tracebacks that mailman3 had run - # out of endpoints. We're not sure what changed that required - # additional entries here, but we're adding them to try and make the - # error go away. - # One idea is that the mailman REST server grew the ability to list - # the archivers. Postorius calls that, and it (under the hood) - # tries to initialize all the archivers, which would inadvertently - # try to force our fedmsg plugin to establish a socket. - "tcp://mailman01.%s:3002" % suffix, - "tcp://mailman01.%s:3003" % suffix, - ], - }, -) diff --git a/roles/fedmsg/base/templates/endpoints.py.j2 b/roles/fedmsg/base/templates/endpoints.py.j2 deleted file mode 100644 index 41563914bf..0000000000 --- a/roles/fedmsg/base/templates/endpoints.py.j2 +++ /dev/null @@ -1,47 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - - -config = dict( - # This is a dict of possible addresses from which fedmsg can send - # messages. fedmsg.init(...) requires that a 'name' argument be passed - # to it which corresponds with one of the keys in this dict. - endpoints = { - # For message producers, fedmsg will try to guess the - # name of it's calling module to determine which endpoint definition - # to use. This can be overridden by explicitly providing the name in - # the initial call to fedmsg.init(...). - # This used to be on value01 and value03.. but now we just have one - "supybot.value02": [ - "tcp://value02.%s:3000" % suffix, - ], - - # koji is not listed here since it publishes to the fedmsg-relay - - -# Dynamically generate endpoint declarations from our wsgi app vars. -# Eventually, replace *all* fedmsg endpoint definitions with this one loop -{% for host in groups['all']|sort %} -{% if 'wsgi_fedmsg_service' in hostvars[host] and env == hostvars[host]['env'] %} - "{{hostvars[host]['wsgi_fedmsg_service']}}.{{host.split('.')|first}}": [ -{% for i in range(hostvars[host]['wsgi_procs'] * hostvars[host]['wsgi_threads']) %} - "tcp://{{host}}:30{{'%02d' % i}}", -{% endfor %} - ], -{% endif %} -{% endfor %} - }, -) diff --git a/roles/fedmsg/base/templates/logging.py.j2 b/roles/fedmsg/base/templates/logging.py.j2 deleted file mode 100644 index 2aeefa5220..0000000000 --- a/roles/fedmsg/base/templates/logging.py.j2 +++ /dev/null @@ -1,254 +0,0 @@ -# Setup fedmsg logging. - -# All of these modules are just used by the ContextInjector below. -import inspect -import hashlib -import logging -import os -import socket -import traceback - -psutil = None -try: - import psutil -except (OSError, ImportError): - # We run into issues when trying to import psutil from inside mod_wsgi on - # rhel7. If we hit that here, then just fail quietly. - # https://github.com/jmflinuxtx/kerneltest-harness/pull/17#issuecomment-48007837 - pass - - -radio_silence = """ -*** %i instances of this error seen. No more mail will be sent. *** -""".strip() - -seen_errors = {} # This could be a default dict. -error_limit = 100 - - -class ContextInjector(logging.Filter): - """ Logging filter that adds context to log records. - - Filters are typically used to "filter" log records. They declare a filter - method that can return True or False. Only records with 'True' will - actually be logged. - - Here, we somewhat abuse the concept of a filter. We for the most part - return true, but we use the opportunity to hang important contextual - information on the log record to later be used by the logging Formatter. We - don't normally want to see all this stuff in normal log records, but we *do* - want to see it when we are emailed error messages. Seeing an error, but not - knowing which host it comes from, is not that useful. - - After we've seen an error ~100 times, we stop sending email to avoid choking - the world. - - http://docs.python.org/2/howto/logging-cookbook.html#filters-contextual - """ - - def filter(self, record): - current_process = ContextInjector.get_current_process() - current_hostname = socket.gethostname() - - record.host = current_hostname - record.proc = current_process - record.pid = current_process.pid - record.proc_name = current_process.name - record.command_line = current_process.cmdline - # These are callabls on more modern versions of psutil. - if callable(record.proc_name): - record.proc_name = record.proc_name() - if callable(record.command_line): - record.command_line = record.command_line() - record.command_line = " ".join(record.command_line) - record.callstack = self.format_callstack() - record.farewell = "" - - key = hashlib.sha256(record.callstack.encode("utf-8")).hexdigest() - if not key in seen_errors: - seen_errors[key] = 0 - - if seen_errors[key] > error_limit: - return False - - seen_errors[key] += 1 - - if seen_errors[key] > error_limit: - record.farewell = radio_silence % error_limit - - msg_id = "" - try: - msg = self.get_msg_object() - if isinstance(msg, dict): - if 'msg_id' in msg: - msg_id = msg['msg_id'] - elif 'msg' in msg: - if 'msg_id' in msg['msg']: - msg_id = msg['msg']['msg_id'] - except: - pass - - record.msg_id = msg_id - - return True - - @staticmethod - def get_msg_object(): - """ Return the current request object - - This is insane. - - There is no way to know the actual fedmsg message at this point in - the code, so we're crawling our way down the call stack until we - find the first place with a 'msg' local instance variable and - attempt to extract the msg_id from it (later). - - Please forgive me (and Ralph, the original author of this code). - """ - - for frame in (f[0] for f in reversed(inspect.stack())): - if 'msg' in frame.f_locals: - return frame.f_locals['msg'] - - # This code is reached if there's no Request. Most common case is trac-admin - return None - - @staticmethod - def format_callstack(): - for i, frame in enumerate(f[0] for f in inspect.stack()): - if not '__name__' in frame.f_globals: - continue - modname = frame.f_globals['__name__'].split('.')[0] - if modname != "logging": - break - - def _format_frame(frame): - if type(frame) not in [tuple, list]: - # It must be FrameSummary, convert it to tuples. - frame = (frame.filename, frame.lineno, frame.name, "") - return ' File "%s", line %i in %s\n %s' % (frame) - - stack = traceback.extract_stack() - stack = stack[:-i] - return "\n".join([_format_frame(frame) for frame in stack]) - - @staticmethod - def get_current_process(): - mypid = os.getpid() - - if not psutil: - raise OSError("Could not import psutil for %r" % mypid) - - for proc in psutil.process_iter(): - if proc.pid == mypid: - return proc - - # This should be impossible. - raise ValueError("Could not find process %r" % mypid) - - @classmethod - def __json__(cls): - """ We need to be jsonifiable for "fedmsg-config" """ - return {'name': 'ContextInjector'} - - -hefty_format = """Message -------- -[%(asctime)s][%(name)10s %(levelname)7s] -```python -%(message)s -``` -%(farewell)s - -Process Details ---------------- -- host: %(host)s -- PID: %(pid)s -- name: %(proc_name)s -- command: %(command_line)s -- msg_id: %(msg_id)s - -Callstack that lead to the logging statement --------------------------------------------- -```python -%(callstack)s -``` -""" - - -# See the following for constraints on this format http://bit.ly/Xn1WDn -config = dict( - logging=dict( - version=1, - formatters=dict( - bare={ - "datefmt": "%Y-%m-%d %H:%M:%S", - {% if inventory_hostname.startswith(('bodhi-backend01')) %} - # Here we use a different format just so we can include - # threadName. We set the threadName in the bodhi masher to some - # useful strings that will tell us which branch is doing what. - # See https://github.com/fedora-infra/bodhi/commit/66d94094 - "format": "[%(asctime)s][%(name)10s %(levelname)7s]%(threadName)s %(message)s" - {% else %} - "format": "[%(asctime)s][%(name)10s %(levelname)7s] %(message)s" - {% endif %} - }, - hefty={ - "datefmt": "%Y-%m-%d %H:%M:%S", - "format": hefty_format, - }, - ), - filters=dict( - context={ - # This "()" syntax in the stdlib doesn't seem to be documented - # anywhere. I had to read - # /usr/lib64/python2.7/logging/config.py to figure it out. - "()": ContextInjector, - }, - ), - handlers=dict( - console={ - "class": "logging.StreamHandler", - "formatter": "bare", - "level": "{{fedmsg_loglevel}}", - "stream": "ext://sys.stdout", - }, - mailer={ - "class": "logging.handlers.SMTPHandler", - "formatter": "hefty", - "filters": ["context"], - "level": "ERROR", -{% if datacenter == 'iad2' %} - "mailhost": "bastion.iad2.fedoraproject.org", -{% else %} - "mailhost": "bastion.vpn.fedoraproject.org", -{% endif %} - "fromaddr": "fedmsg@fedoraproject.org", - "toaddrs": [ - {% for recipient in fedmsg_error_recipients %} - "{{recipient}}", - {% endfor %} - ], - "subject": "fedmsg error log %s" % socket.gethostname(), - }, - ), - loggers=dict( - fedmsg={ - "level": "{{fedmsg_loglevel}}", - "propagate": False, - "handlers": ["console", "mailer"], - }, - moksha={ - "level": "{{fedmsg_loglevel}}", - "propagate": False, - "handlers": ["console", "mailer"], - }, - ), - # Root handler that deals with log messages that are not handled by the - # loggers explicitly configured in the `loggers` dict. - root={ - "level": "{{fedmsg_loglevel}}", - "handlers": ["console", "mailer"], - }, - ), -) diff --git a/roles/fedmsg/base/templates/policy.py.j2 b/roles/fedmsg/base/templates/policy.py.j2 deleted file mode 100644 index a19512ddc5..0000000000 --- a/roles/fedmsg/base/templates/policy.py.j2 +++ /dev/null @@ -1,30 +0,0 @@ -config = dict( - routing_nitpicky=False, - routing_policy={ - # The gist here is that only messages signed by the - # bodhi-app0{1,2,3,4,5,6,7,8} certificates may bear the - # "org.fedoraproject.prod.bodhi.update.request.stable" topic, or else - # they fail validation and are either dropped or marked as invalid - # (depending on the consumer's wishes). - # - # There is another option that we do not set. If `routing_nitpicky` is - # set to True, then a given message's topic *must* appear in this list - # in order for it to pass validation. For instance, we have - # routing_nitpicky set to False by default and no - # "org.fedoraproject.prod.logger.log" topics appear in this policy, - # therefore, any message bearing that topic and *any* certificate signed - # by our CA may pass validation. - # - - # ** policy dynamically generated from inventory vars - # See ansible/filter_plugins/fedmsg.py for this inversion filter. - {% for topic, certs in groups | invert_fedmsg_policy(hostvars, env) %} - "{{topic}}": [ - {% for cert in certs %} - "{{ cert }}", - {% endfor %} - "fedmsg-migration-tools{{env_suffix}}.fedoraproject.org", - ], - {% endfor %} - }, -) diff --git a/roles/fedmsg/base/templates/relay.py.j2 b/roles/fedmsg/base/templates/relay.py.j2 deleted file mode 100644 index 64c9c71115..0000000000 --- a/roles/fedmsg/base/templates/relay.py.j2 +++ /dev/null @@ -1,45 +0,0 @@ -{% if datacenter == 'iad2' %} -{% if env == 'staging' %} -suffix = 'stg.iad2.fedoraproject.org' -{% else %} -suffix = 'iad2.fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% else %} -{% if env == 'staging' %} -suffix = 'stg.fedoraproject.org' -{% else %} -suffix = 'fedoraproject.org' -vpn_suffix = 'vpn.fedoraproject.org' -{% endif %} -{% endif %} - -# This is just an extension of fedmsg.d/endpoints.py. This dict -# will get merged in with the other. -config = dict( - endpoints={ - # This is the output side of the relay to which all other - # services can listen. - "relay_outbound": [ - # Messages emerge here - "tcp://busgateway01.%s:3999" % suffix, - ], - }, - # This is the address of an active->passive relay. It is used for the - # fedmsg-logger command which requires another service with a stable - # listening address for it to send messages to. - # It is also used by the git-hook, for the same reason. - # It is also used by the mediawiki php plugin which, due to the oddities of - # php, can't maintain a single passive-bind endpoint of it's own. - relay_inbound=[ - - # Primarily, scripts from inside iad2 connect here. - # Furthermore, scripts from outside (coprs, secondary arch koji) connect - # here via haproxy. - "tcp://busgateway01.%s:9941" % suffix, - - # Scripts from the vpn (people03, anitya) connect here - "tcp://busgateway01.vpn.fedoraproject.org:3998", - - ], -) diff --git a/roles/fedmsg/base/templates/ssl.py.j2 b/roles/fedmsg/base/templates/ssl.py.j2 deleted file mode 100644 index cdb558a0f4..0000000000 --- a/roles/fedmsg/base/templates/ssl.py.j2 +++ /dev/null @@ -1,42 +0,0 @@ -config = dict( - sign_messages={{fedmsg_sign_messages}}, - validate_signatures={{fedmsg_validate_signatures}}, - ssldir="/etc/pki/fedmsg", - - {% if env == 'staging' %} - ca_cert_location="https://stg.fedoraproject.org/fedmsg/ca.crt", - crl_location="https://stg.fedoraproject.org/fedmsg/crl.pem", - {% else %} - ca_cert_location="https://fedoraproject.org/fedmsg/ca.crt", - crl_location="https://fedoraproject.org/fedmsg/crl.pem", - {% endif %} - crl_cache="/var/run/fedmsg/crl.pem", - crl_cache_expiry=86400, # Daily - - certnames=dict([ - # This is the set of certs for this host, dynamically generated from the - # ``fedmsg_certs`` host vars - {% for cert in fedmsg_certs %} - ("{{cert.get('alias', cert['service'])}}.{{inventory_hostname_short}}", "{{cert['service']}}-{{fedmsg_fqdn | default(inventory_hostname)}}"), - {% endfor %} -] + [ - ("shell.anitya-frontend01", "shell-anitya-frontend01.vpn.fedoraproject.org"), - ("anitya.anitya-frontend01", "anitya-anitya-frontend01.vpn.fedoraproject.org"), - ("shell.anitya-backend01", "shell-anitya-backend01.vpn.fedoraproject.org"), - ("anitya.anitya-backend01", "anitya-anitya-backend01.vpn.fedoraproject.org"), - - # FAF/retrace is on the qa network and talks to an inbound relay. - ("shell.retrace01", "shell-retrace01.qa.fedoraproject.org"), - ("faf.retrace01", "faf-retrace01.qa.fedoraproject.org"), - - # This is for the copr backend, which is a little different. The - # "cert-prefix" is just "copr", and is hardcoded in - # backend/dispatcher.py. The hostname is also a little different, - # since it is an openstack node. This might be a little fragile. :/ - # See https://github.com/fedora-infra/fedmsg/issues/199 for the plan. - ("copr.dhcp-client03", "copr-copr-be.cloud.fedoraproject.org"), - ("copr.copr-be-i-00000407", "copr-copr-be.cloud.fedoraproject.org"), - ("copr.copr-be", "copr-copr-be.cloud.fedoraproject.org"), - ]), -) - diff --git a/roles/fedmsg/crl/templates/fedmsg.conf b/roles/fedmsg/crl/templates/fedmsg.conf deleted file mode 100644 index 39f1bb56bc..0000000000 --- a/roles/fedmsg/crl/templates/fedmsg.conf +++ /dev/null @@ -1,6 +0,0 @@ -Alias {{path}} /srv/web/fedmsg - - - Options Indexes - AllowOverride None - diff --git a/roles/fedmsg/gateway/files/fixup.patch b/roles/fedmsg/gateway/files/fixup.patch deleted file mode 100644 index 0736f8f259..0000000000 --- a/roles/fedmsg/gateway/files/fixup.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 922c6f390525faa9a9d65a501a44d8081940194a Mon Sep 17 00:00:00 2001 -From: Patrick Uiterwijk -Date: Thu, 1 Dec 2016 11:56:34 +0000 -Subject: [PATCH] Only check for stomp messages after we decoded any ZMQMessage - -Signed-off-by: Patrick Uiterwijk ---- - fedmsg/consumers/__init__.py | 24 ++++++++++++------------ - 1 file changed, 12 insertions(+), 12 deletions(-) - -diff --git a/fedmsg/consumers/__init__.py b/fedmsg/consumers/__init__.py -index 88324b1..a12a587 100644 ---- a/fedmsg/consumers/__init__.py -+++ b/fedmsg/consumers/__init__.py -@@ -204,16 +204,23 @@ def _make_query(page=1): - - def validate(self, message): - """ This needs to raise an exception, caught by moksha. """ -- # If we're not validating, then everything is valid. -- # If this is turned on globally, our child class can override it. -- if not self.validate_signatures: -- return -- - if hasattr(message, '__json__'): - message = message.__json__() - if isinstance(message['body'], basestring): - message['body'] = json.loads(message['body']) - -+ # Massage STOMP messages into a more compatible format. -+ if 'topic' not in message['body']: -+ message['body'] = { -+ 'topic': message.get('topic'), -+ 'msg': message['body'], -+ } -+ -+ # If we're not validating, then everything is valid. -+ # If this is turned on globally, our child class can override it. -+ if not self.validate_signatures: -+ return -+ - # We assume these match inside fedmsg.crypto, so we should enforce it. - if not message['topic'] == message['body']['topic']: - raise RuntimeWarning("Topic envelope mismatch.") -@@ -223,13 +230,6 @@ def validate(self, message): - - def _consume(self, message): - -- # Massage STOMP messages into a more compatible format. -- if 'topic' not in message['body']: -- message['body'] = { -- 'topic': message.get('topic'), -- 'msg': message['body'], -- } -- - try: - self.validate(message) - except RuntimeWarning as e: diff --git a/roles/fedmsg/gateway/files/fs-limits.conf b/roles/fedmsg/gateway/files/fs-limits.conf deleted file mode 100644 index c31a46611b..0000000000 --- a/roles/fedmsg/gateway/files/fs-limits.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -LimitNOFILE=160000 diff --git a/roles/fedmsg/gateway/files/gateway.py b/roles/fedmsg/gateway/files/gateway.py deleted file mode 100644 index d621a23694..0000000000 --- a/roles/fedmsg/gateway/files/gateway.py +++ /dev/null @@ -1,7 +0,0 @@ -config = { - # Tell fedmsg-gateway where its special outgoing port is. - 'fedmsg.consumers.gateway.port': 9940, - - # Set this number to near, but not quite the fs.file-limit. Try 160000. - 'fedmsg.consumers.gateway.high_water_mark': 160000, -} diff --git a/roles/fedmsg/gateway/slave/files/endpoints.py b/roles/fedmsg/gateway/slave/files/endpoints.py deleted file mode 100644 index 354386d257..0000000000 --- a/roles/fedmsg/gateway/slave/files/endpoints.py +++ /dev/null @@ -1,3 +0,0 @@ -# This is empty on purpose. See: -# https://fedorahosted.org/fedora-infrastructure/ticket/4995 -config = {} diff --git a/roles/fedmsg/gateway/slave/files/fixup.patch b/roles/fedmsg/gateway/slave/files/fixup.patch deleted file mode 100644 index 0736f8f259..0000000000 --- a/roles/fedmsg/gateway/slave/files/fixup.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 922c6f390525faa9a9d65a501a44d8081940194a Mon Sep 17 00:00:00 2001 -From: Patrick Uiterwijk -Date: Thu, 1 Dec 2016 11:56:34 +0000 -Subject: [PATCH] Only check for stomp messages after we decoded any ZMQMessage - -Signed-off-by: Patrick Uiterwijk ---- - fedmsg/consumers/__init__.py | 24 ++++++++++++------------ - 1 file changed, 12 insertions(+), 12 deletions(-) - -diff --git a/fedmsg/consumers/__init__.py b/fedmsg/consumers/__init__.py -index 88324b1..a12a587 100644 ---- a/fedmsg/consumers/__init__.py -+++ b/fedmsg/consumers/__init__.py -@@ -204,16 +204,23 @@ def _make_query(page=1): - - def validate(self, message): - """ This needs to raise an exception, caught by moksha. """ -- # If we're not validating, then everything is valid. -- # If this is turned on globally, our child class can override it. -- if not self.validate_signatures: -- return -- - if hasattr(message, '__json__'): - message = message.__json__() - if isinstance(message['body'], basestring): - message['body'] = json.loads(message['body']) - -+ # Massage STOMP messages into a more compatible format. -+ if 'topic' not in message['body']: -+ message['body'] = { -+ 'topic': message.get('topic'), -+ 'msg': message['body'], -+ } -+ -+ # If we're not validating, then everything is valid. -+ # If this is turned on globally, our child class can override it. -+ if not self.validate_signatures: -+ return -+ - # We assume these match inside fedmsg.crypto, so we should enforce it. - if not message['topic'] == message['body']['topic']: - raise RuntimeWarning("Topic envelope mismatch.") -@@ -223,13 +230,6 @@ def validate(self, message): - - def _consume(self, message): - -- # Massage STOMP messages into a more compatible format. -- if 'topic' not in message['body']: -- message['body'] = { -- 'topic': message.get('topic'), -- 'msg': message['body'], -- } -- - try: - self.validate(message) - except RuntimeWarning as e: diff --git a/roles/fedmsg/gateway/slave/files/gateway.py b/roles/fedmsg/gateway/slave/files/gateway.py deleted file mode 100644 index 354386d257..0000000000 --- a/roles/fedmsg/gateway/slave/files/gateway.py +++ /dev/null @@ -1,3 +0,0 @@ -# This is empty on purpose. See: -# https://fedorahosted.org/fedora-infrastructure/ticket/4995 -config = {} diff --git a/roles/fedmsg/gateway/slave/files/stunnel.service b/roles/fedmsg/gateway/slave/files/stunnel.service deleted file mode 100644 index 8701ba266f..0000000000 --- a/roles/fedmsg/gateway/slave/files/stunnel.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=stunnel -After=network.target -Documentation=https://infrastructure.fedoraproject.org/infra/docs/fedmsg-websocket.txt - -[Service] -ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf -Type=forking -User=root -Group=root -Restart=on-failure - -[Install] -WantedBy=multi-user.target diff --git a/roles/fedmsg/gateway/slave/templates/fedmsg-gateway-slave.py.j2 b/roles/fedmsg/gateway/slave/templates/fedmsg-gateway-slave.py.j2 deleted file mode 100644 index 68e449eaed..0000000000 --- a/roles/fedmsg/gateway/slave/templates/fedmsg-gateway-slave.py.j2 +++ /dev/null @@ -1,39 +0,0 @@ -config = { - # Tell fedmsg-gateway where its special outgoing port is. haproxy will - # locally connect back to us here - 'fedmsg.consumers.gateway.port': 9942, - - # Set this number to near, but not quite the fs.file-limit. Try 160000. - 'fedmsg.consumers.gateway.high_water_mark': 160000, - - # Here is the addres of the master gateway on busgateway01. We'll get all - # our messages from here and forward them out fedmsg.consumers.gateway.port - 'endpoints': { - 'fedmsg-gateway-master': [ - 'tcp://busgateway01:9940', - ], - } - -} - -# This option adds an IPC socket by which we can monitor hub health. -try: - import os - import psutil - - pid = os.getpid() - proc = [p for p in psutil.process_iter() if p.pid == pid][0] - - # proc.name is a method on modern versions of psutil. - name = proc.name - if callable(name): - name = name() - - config['moksha.monitoring.socket'] = \ - 'ipc:///var/run/fedmsg/monitoring-%s.socket' % name - config['moksha.monitoring.socket.mode'] = '770' -except (OSError, ImportError): - # We run into issues when trying to import psutil from mod_wsgi on rhel7 - # but this feature is of no concern in that context, so just fail quietly. - # https://github.com/jmflinuxtx/kerneltest-harness/pull/17#issuecomment-48007837 - pass diff --git a/roles/fedmsg/gateway/slave/templates/stunnel-conf.j2 b/roles/fedmsg/gateway/slave/templates/stunnel-conf.j2 deleted file mode 100644 index ab5ce51565..0000000000 --- a/roles/fedmsg/gateway/slave/templates/stunnel-conf.j2 +++ /dev/null @@ -1,8 +0,0 @@ -cert = /etc/pki/tls/certs/wildcard-2024.fedoraproject.org.combined.cert -key = /etc/pki/tls/private/wildcard-2024.fedoraproject.org.key -pid = /var/run/stunnel.pid - -[{{ stunnel_service }}] - -accept = {{ stunnel_source_port }} -connect = {{ stunnel_destination_port }} diff --git a/roles/fedmsg/hub/defaults/main.yml b/roles/fedmsg/hub/defaults/main.yml deleted file mode 100644 index 8b9baeb527..0000000000 --- a/roles/fedmsg/hub/defaults/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -# This is false by default. You have to override it when including the role. ---- -enable_websocket_server: false - -# Absolute memory limit in megabytes for fedmsg-hub and fedmsg-bub-3 -# services. Zero means infinity (no limit). -fedmsg_hub_memory_limit_mb: 0 - -# Restart fedmsg-hub.service on failure. -fedmsg_hub_auto_restart: false diff --git a/roles/fedmsg/hub/files/websockets.py b/roles/fedmsg/hub/files/websockets.py deleted file mode 100644 index 9563b6b9c0..0000000000 --- a/roles/fedmsg/hub/files/websockets.py +++ /dev/null @@ -1,9 +0,0 @@ -config = { - # The presence of this will cause fedmsg-hub to start its own websocket - # server along with it. - 'moksha.livesocket.websocket.port': 9919, -} - -# And... this is a hack to get python-txws to work with python-six on epel7 -import six -six.PY2 = not six.PY3 diff --git a/roles/fedmsg/hub/handlers/main.yml b/roles/fedmsg/hub/handlers/main.yml deleted file mode 100644 index fa63196832..0000000000 --- a/roles/fedmsg/hub/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: Restart nrpe - service: name=nrpe state=restarted diff --git a/roles/fedmsg/hub/templates/fedmsg-hub-systemd.conf.j2 b/roles/fedmsg/hub/templates/fedmsg-hub-systemd.conf.j2 deleted file mode 100644 index 05a76d7b56..0000000000 --- a/roles/fedmsg/hub/templates/fedmsg-hub-systemd.conf.j2 +++ /dev/null @@ -1,25 +0,0 @@ -[Service] -{% if fedmsg_hub_memory_limit_mb|int %} -# Limit max RAM usage for fedmsg-hub. Also don't let fedmsg-hub use -# more that half of swap available in the system, so that we don't get -# Nagios alerts about low swap. We would rather have fedmsg-hub OOM -# and be auto-restarted. -{% if ansible_distribution_major_version|int > 7 %} -MemorySwapMax={{ (ansible_memory_mb.swap.total / 2) | int }}M -MemoryMax={{fedmsg_hub_memory_limit_mb}}M -{% else %} -MemoryLimit={{fedmsg_hub_memory_limit_mb}}M -LimitAS={{ (fedmsg_hub_memory_limit_mb|int + (ansible_memory_mb.swap.total / 2)) | int }}M -{% endif %} -{% endif %} - -LimitNOFILE=16384 - -{% if fedmsg_hub_auto_restart %} -Restart=on-failure -{% if env == 'staging' %} -RestartSec=600 -{% else %} -RestartSec=10 -{% endif %} -{% endif %} diff --git a/roles/fedmsg/irc/templates/fas-credentials.py b/roles/fedmsg/irc/templates/fas-credentials.py deleted file mode 100644 index 76416d2178..0000000000 --- a/roles/fedmsg/irc/templates/fas-credentials.py +++ /dev/null @@ -1,9 +0,0 @@ -config = dict( - fas_credentials=dict( - username="fedoradummy", - password="{{ fedoraDummyUserPassword }}", - {% if env == 'staging' %} - base_url="https://accounts.stg.fedoraproject.org/", - {% endif %} - ), -) diff --git a/roles/fedmsg/irc/templates/ircbot.py b/roles/fedmsg/irc/templates/ircbot.py deleted file mode 100644 index 7e67e3cb95..0000000000 --- a/roles/fedmsg/irc/templates/ircbot.py +++ /dev/null @@ -1,726 +0,0 @@ -config = dict( - irc=[ - dict( - network='irc.libera.chat', - port=6667, - make_pretty=True, - make_terse=True, - - {% if env == 'staging' %} - nickname='fedmsg-stg', - channel='fedora-fedmsg-stg', - {% else %} - nickname='fedmsg-bot', - channel='fedora-fedmsg', - {% endif %} - - filters=dict( - topic=[ - # Ignore some of the koji spamminess - 'buildsys.package.list.change', - 'buildsys.repo.init', - 'buildsys.repo.done', - 'buildsys.untag', - 'buildsys.tag', - # And some of the FAF/ABRT spamminess - 'faf.report.threshold1', - 'faf.problem.threshold1', - # And some resultsdb spam - 'resultsdb.result.new', - ], - body=[], - ), - ), - - # For fedora-admin -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-admin', -# {% else %} -# nickname='fm-admin', -# {% endif %} -# channel='fedora-admin', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=[ -# "^((?!(fedora-infrastructure)).)*$", -# ], -# ), -# ), -# -# # For fedora-apps -## dict( -## network='irc.libera.chat', -## port=6667, -## make_pretty=True, -## make_terse=True, -## -## {% if env == 'staging' %} -## nickname='fm-stg-apps', -## {% else %} -## nickname='fm-apps', -## {% endif %} -## channel='fedora-apps', -## filters=dict( -## topic=[ -## '^((?!(github\.create|github\.issue\.|github\.pull_request|github\.commit_comment|github\.star|pagure)).)*$', -## ], -## body=[ -## "^((?!fedora-infra).)*$", -## ], -## ), -## ), -# -# # For that commops crew! -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='commops-bot-s', -# {% else %} -# nickname='commops-bot', -# {% endif %} -# channel='fedora-commops', -# filters=dict( -# topic=[ -# '^((?!(happinesspacket|fedora_elections|meetbot\.meeting\.item\.help|fedocal\.meeting\.new|fedocal\.meeting\.update|fedocal\.calendar|anitya\.distro\.add)).)*$', -# ], -# ), -# ), -# # A second bot for that commops crew that watches for the term "commops" -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='commops-watch-s', -# {% else %} -# nickname='commops-watch', -# {% endif %} -# channel='fedora-commops', -# filters=dict( -# topic=[ -# '^((?!(pagure.pull-request.new|pagure.issue.new)).)*$', -# ], -# body=['^((?!fedora-commops).)*$'], -# ), -# ), -# # The planet is currently no longer sending messages -# # # A third one to listen for new Community Blog posts -# # dict( -# # network='irc.libera.chat', -# # port=6667, -# # make_pretty=True, -# # make_terse=True, -# -# # {% if env == 'staging' %} -# # nickname='fm-commblog-s', -# # {% else %} -# # nickname='fm-commblog', -# # {% endif %} -# # channel='fedora-commops', -# # filters=dict( -# # topic=[ -# # '^((?!(planet)).)*$', -# # ], -# # body=['^((?!communityblog.fedoraproject.org).)*$'], -# # ), -# # ), -# # dict( -# # network='irc.libera.chat', -# # port=6667, -# # make_pretty=True, -# # make_terse=True, -# -# # {% if env == 'staging' %} -# # nickname='fm-planet-s', -# # {% else %} -# # nickname='fm-planet', -# # {% endif %} -# # channel='fedora-planet', -# # filters=dict( -# # topic=[ -# # '^((?!(planet)).)*$', -# # ], -# # ), -# # ), -# -# # For that python3 porting fad. AMAZING! -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fedmsg-python-s', -# {% else %} -# nickname='fedmsg-python', -# {% endif %} -# channel='fedora-python', -# filters=dict( -# topic=[ -# '^((?!(github\.create|github\.issue\.open|github\.pull_request\.open)).)*$', -# ], -# body=[ -# '^((?!(fedora-python)).)*$', -# ], -# ), -# ), -# -# # We no longer run askbot -# # # Just for the Ask Fedora crew in #fedora-ask -# # dict( -# # network='irc.libera.chat', -# # port=6667, -# # make_pretty=True, -# # make_terse=True, -# -# # {% if env == 'staging' %} -# # nickname='fm-stg-ask', -# # {% else %} -# # nickname='fm-ask', -# # {% endif %} -# # channel='fedora-ask', -# # # Only show AskFedora messages -# # filters=dict( -# # topic=['^((?!(askbot.post.edit|askbot.flag_offensive.add)).)*$'], -# # ), -# # ), -# - # Show only compose msgs to the releng crew. - dict( - network='irc.libera.chat', - port=6667, - make_pretty=True, - make_terse=True, - - {% if env == 'staging' %} - nickname='fm-stg-releng', - {% else %} - nickname='fm-releng', - {% endif %} - channel='fedora-releng', - filters=dict( - topic=[ - '^((?!(compose.rawhide|compose.{{ FedoraBranchedNumber }}|pungi.compose.status|pagure)).)*$', - ], - body=[ - '^((?!(pagure.io\/releng/failed-composes|pagure.io\/releng\/compose-tracker|pagure.io\/pungi|pagure.io\/fedora-comps|pagure.io\/fedora-kickstarts|compose\/updates|linux\/development|rpms\/fedora-repos|rpms\/fedora-release|rpms\/fedora-packager)).)*$', - ], - ), - ), - -# # We no longer run trac -# # # The proyectofedora crew wants trac messages. -# # dict( -# # network='irc.libera.chat', -# # port=6667, -# # make_pretty=True, -# # make_terse=True, -# -# # {% if env == 'staging' %} -# # nickname='fm-stg-pfi', -# # {% else %} -# # nickname='fm-pfi', -# # {% endif %} -# # channel='#proyecto-fedora', -# # # If the word proyecto appears in any message, forward it. -# # filters=dict( -# # body=['^((?!proyecto).)*$'], -# # ), -# # ), -# -# # Similarly for #fedora-latam. -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-latam', -# {% else %} -# nickname='fm-latam', -# {% endif %} -# channel='#fedora-latam', -# # If the word fedora-latam appears in any message, forward it. -# filters=dict( -# body=['^((?!fedora-latam).)*$'], -# ), -# ), -# -# # And for #fedora-g11n -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-g11n', -# {% else %} -# nickname='fm-g11n', -# {% endif %} -# channel='#fedora-g11n', -# # If the word i18n/g11n appears in any of below topic message, forward it. -# filters=dict( -# topic=[ -# '^((?!(trac|pagure|planet|mailman|meetbot\.meeting\.complete)).)*$', -# ], -# body=['^((?!(i18n|g11n)).)*$'], -# ), -# ), -# -# # And #ipsilon -# {% if env == "production" %} -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# nickname='fm-ipsilon', -# channel='#ipsilon', -# # If the word ipsilon appears in any message, forward it. -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!ipsilonpagure).)*$'], -# ), -# ), -# {% endif %} -# -# # For pagure -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-pagure', -# {% else %} -# nickname='fm-pagure', -# {% endif %} -# channel='#pagure', -# filters=dict( -# topic=[ -# '^((?!(github\.star|pagure)).)*$', -# ], -# body=[ -# "^((?!(u'name': u'pagure'|u'name': u'pagure-importer')).)*$", -# ], -# ), -# ), -# -# # Hook up the design-team -# {% if env == "production" %} -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# nickname='fm-design', -# channel='#fedora-design', -# -# filters=dict( -# topic=[ -# '^((?!(github\.(issue|pull_request)\.opened|mailman|nuancier|pagure\.(issue|pull-request)\.new)).)*$', -# ], -# body=[ -# "^((?!(u'name': u'design'|design-team|fedora-design)).)*$", -# ], -# ), -# ), -# {% endif %} -# -# # And #fedora-docs wants in on the action -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# make_short=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-docs', -# {% else %} -# nickname='fm-docs', -# {% endif %} -# channel='#fedora-docs', -# filters=dict( -# body=['^((?!\/srv\/git\/docs).)*$'], -# ), -# ), -# -# # And #fedora-websites -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-web', -# {% else %} -# nickname='fm-web', -# {% endif %} -# channel='#fedora-websites', -# # If the word fedora-websites appears in any message, forward it. -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!fedora-websites).)*$'], -# ), -# ), -# -# # And #fedora-mktg -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-mktg', -# {% else %} -# nickname='fm-mktg', -# {% endif %} -# channel='#fedora-mktg', -# # If the word fedora-mktg appears in any pagure message, forward it. -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!fedora-mktg).)*$'], -# ), -# ), -# -# # And #fedora-modularity-bots -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-mod', -# {% else %} -# nickname='fm-mod', -# {% endif %} -# channel='#fedora-modularity-bots', -# # If the word modularity appears in any message, forward it. -# filters=dict( -# topic=[ -# # Ignore some of the ansible and copr spamminess -# 'org.fedoraproject.*.copr.*', -# 'org.fedoraproject.*.ansible.*', -# # Oh, and koji builds. We have a lot of those now... -# 'org.fedoraproject.*.buildsys.*', -# ], -# body=['^((?!(modularity|Modularity)).)*$'], -# ), -# ), -# -# # And #fedora-diversity -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-diversity', -# {% else %} -# nickname='fm-diversity', -# {% endif %} -# channel='#fedora-diversity', -# # If the word diversity appears in a new Pagure issue, pull -# # request, or comment, forward it. -# filters=dict( -# topic=['^((?!(' -# 'pagure.pull-request.new|' -# 'pagure.issue.new|' -# 'pagure.issue.comment.added)).)*$', -# ], -# body=['^((?!(diversity|Diversity)).)*$'], -# ), -# ), -# -# # And #fedora-magazine -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-magazine', -# {% else %} -# nickname='fm-magazine', -# {% endif %} -# channel='#fedora-magazine', -# # If the word magazine appears in any message, forward it. -# filters=dict( -# topic=[ -# '^((?!(pagure|planet|badges|fas.group|mailman|meetbot\.meeting)).)*$', -# ], -# body=['^((?!(magazine|Magazine)).)*$', -# '((?!(fedoramagazine-tips)).)*$', -# "u'namespace': u'Fedora-Council'"], -# ), -# ), -# -# # And #fedora-rust -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-rust', -# {% else %} -# nickname='fm-rust', -# {% endif %} -# channel='fedora-rust', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=[ -# "^((?!((u)?'namespace': (u)?'fedora-rust')).)*$", -# ], -# ), -# ), -# -# # And #rit-foss -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-rit', -# {% else %} -# nickname='fm-rit', -# {% endif %} -# channel='rit-foss', -# filters=dict( -# topic=[ -# '^((?!(mailman)).)*$', -# ], -# body=[ -# "^((?!(fossrit)).)*$", -# ], -# ), -# ), -# -# # For #fedora-workstation -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-workstation', -# {% else %} -# nickname='fm-workstation', -# {% endif %} -# channel='#fedora-workstation', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=[ -# "^((?!(fedora-workstation)).)*$", -# ], -# ), -# ), -# -# # For #koji -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-koji', -# {% else %} -# nickname='fm-koji', -# {% endif %} -# channel='koji', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!(pagure.io\/koji)).)*$', -# ], -# ), -# ), -# -# # For #fedora-join -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-join', -# {% else %} -# nickname='fm-join', -# {% endif %} -# channel='fedora-join', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!(fedora-join)).)*$', -# ], -# ), -# ), -# -# # For #fedora-neuro -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-neuro', -# {% else %} -# nickname='fm-neuro', -# {% endif %} -# channel='fedora-neuro', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!(neuro)).)*$', -# ], -# ), -# ), -# -# # Hook up #fedora-badges with badges messages -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-badges', -# {% else %} -# nickname='fm-badges', -# {% endif %} -# channel='#fedora-badges', -# filters=dict( -# topic=[ -# '^((?!(pagure.*(new|added)|mailman)).)*$', -# ], -# body=['^((?!(fedora-badges|badges)).)*$'], -# ), -# ), -# -# # channel #centos-ci with centos-infra messages -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-centos-infra', -# {% else %} -# nickname='fm-centos-infra', -# {% endif %} -# channel='#centos-ci', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!(centos-infra)).)*$'], -# ), -# ), -# -# # And #fedora-podcast -# dict( -# network='irc.libera.chat', -# port=6667, -# make_pretty=True, -# make_terse=True, -# -# {% if env == 'staging' %} -# nickname='fm-stg-podcast', -# {% else %} -# nickname='fm-podcast', -# {% endif %} -# channel='fedora-podcast', -# filters=dict( -# topic=[ -# '^((?!(pagure)).)*$', -# ], -# body=['^((?!(fedora-podcast)).)*$'], -# ), -# ), - - ], - - ### Possible colors are ### - # "white", - # "black", - # "blue", - # "green", - # "red", - # "brown", - # "purple", - # "orange", - # "yellow", - # "light green", - # "teal", - # "light cyan", - # "light blue", - # "pink", - # "grey", - # "light grey", - irc_color_lookup = { - "fas": "light blue", - "bodhi": "green", - "git": "red", - "wiki": "purple", - "logger": "orange", - "buildsys": "yellow", - "fedoraplanet": "light green", - "trac": "pink", - "askbot": "light cyan", - "fedbadges": "brown", - "fedocal": "purple", - "copr": "red", - "anitya": "light cyan", - "fmn": "light blue", - "hotness": "light green", - }, - - # This may be 'notice' or 'msg' - irc_method='msg', -) diff --git a/roles/git/checks/files/check-perms.py b/roles/git/checks/files/check-perms.py index 43543bed80..d88776e82b 100755 --- a/roles/git/checks/files/check-perms.py +++ b/roles/git/checks/files/check-perms.py @@ -10,7 +10,7 @@ import optparse from stat import * from subprocess import call, PIPE, Popen -ALL_CHECKS = ['bare', 'shared', 'mail-hook', 'fedmsg-hook', 'perms', +ALL_CHECKS = ['bare', 'shared', 'mail-hook', 'perms', 'post-update-hook', 'update-hook'] DEFAULT_CHECKS = ['bare', 'shared', 'perms', 'post-update-hook'] @@ -223,7 +223,6 @@ def set_post_receive_hook_version3(gitdir, fix=False): # Remove the old hooks hooks = [ os.path.join(dest_prefix, 'post-receive-email'), - os.path.join(dest_prefix, 'post-receive-fedmsg'), os.path.join(dest_prefix, 'post-receive-alternativearch'), # These two hooks are setup by pagure but are already part of the # main post-receive hook @@ -441,10 +440,6 @@ def main(): if not opts.fix or not set_post_receive_hook_version2(gitdir): problems.append(gitdir) - if 'fedmsg-hook' in checks: - if not set_post_receive_hook_version3(gitdir, fix=opts.fix): - problems.append(gitdir) - if 'post-update-hook' in checks and not check_post_update_hook(gitdir, opts.fix): problems.append(gitdir) diff --git a/roles/git/hooks/files/post-receive-fedmsg b/roles/git/hooks/files/post-receive-fedmsg deleted file mode 100755 index f0602f2d83..0000000000 --- a/roles/git/hooks/files/post-receive-fedmsg +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python - -import getpass -import os -import subprocess as sp -import sys - -from collections import defaultdict - -import pygit2 - -import fedmsg -import fedmsg.config - -# Use $GIT_DIR to determine where this repo is. -abspath = os.path.abspath(os.environ['GIT_DIR']) -if "/requests/" in abspath: - sys.exit(0) - -# This assumes git root dir is named "repo_name.git" -repo_name = '.'.join(abspath.split(os.path.sep)[-1].split('.')[:-1]) -namespace = abspath.split(os.path.sep)[-2] - -username = getpass.getuser() - -repo = pygit2.Repository(abspath) - -print "Emitting a message to the fedmsg bus." -config = fedmsg.config.load_config([], None) -config['active'] = True -config['endpoints']['relay_inbound'] = config['relay_inbound'] -fedmsg.init(name='relay_inbound', cert_prefix='scm', **config) - - -def revs_between(head, base): - """ Yield revisions between HEAD and BASE. """ - - # pygit2 can't do a rev-list yet, so we have to shell out.. silly. - cmd = '/usr/bin/git rev-list %s...%s' % (head.id, base.id) - proc = sp.Popen(cmd.split(), stdout=sp.PIPE, stderr=sp.PIPE, cwd=abspath) - stdout, stderr = proc.communicate() - if proc.returncode != 0: - raise IOError('git rev-list failed: %r, err: %r' % (stdout, stderr)) - - for line in stdout.decode('utf-8').strip().split('\n'): - yield line.strip() - - -def build_stats(commit): - files = defaultdict(lambda: defaultdict(int)) - - # Calculate diffs against all parent commits - diffs = [repo.diff(parent, commit) for parent in commit.parents] - # Unless this is the first commit, with no parents. - diffs = diffs or [commit.tree.diff_to_tree(swap=True)] - - for diff in diffs: - for patch in diff: - if hasattr(patch, 'new_file_path'): - path = patch.new_file_path - else: - path = patch.delta.new_file.path - - if hasattr(patch, 'additions'): - files[path]['additions'] += patch.additions - files[path]['deletions'] += patch.deletions - files[path]['lines'] += patch.additions + patch.deletions - else: - files[path]['additions'] += patch.line_stats[1] - files[path]['deletions'] += patch.line_stats[2] - files[path]['lines'] += patch.line_stats[1] \ - + patch.line_stats[2] - - total = defaultdict(int) - for name, stats in files.items(): - total['additions'] += stats['additions'] - total['deletions'] += stats['deletions'] - total['lines'] += stats['lines'] - total['files'] += 1 - - return files, total - - -seen = [] - - -def getlogin(): - try: - return os.getlogin() - except: - return os.environ['USER'] - - -# Read in all the rev information git-receive-pack hands us. -lines = [line.split() for line in sys.stdin.readlines()] -for line in lines: - base, head, branch = line - branch = '/'.join(branch.split('/')[2:]) - - try: - head = repo.revparse_single(head) - except KeyError: - # This means they are deleting this branch.. and we don't have a fedmsg - # for that (yet?). It is disallowed by dist-git in Fedora anyways. - continue - - try: - base = repo.revparse_single(base) - revs = revs_between(head, base) - except KeyError: - revs = [head.id] - - def _build_commit(rev): - commit = repo.revparse_single(unicode(rev)) - - # Tags are a little funny, and vary between versions of pygit2, so we'll - # just ignore them as far as fedmsg is concerned. - if isinstance(commit, pygit2.Tag): - return None - - files, total = build_stats(commit) - - return dict( - name=commit.author.name, - email=commit.author.email, - username=username, - summary=commit.message.split('\n')[0], - message=commit.message, - stats=dict( - files=files, - total=total, - ), - rev=unicode(rev), - path=abspath, - repo=repo_name, - namespace=namespace, - branch=branch, - agent=getlogin(), - ) - - commits = map(_build_commit, revs) - - print "* Publishing information for %i commits" % len(commits) - for commit in reversed(commits): - if commit is None: - continue - - # Keep track of whether or not we have already published this commit on - # another branch or not. It is conceivable that someone could make a - # commit to a number of branches, and push them all at the same time. - # Make a note in the fedmsg payload so we can try to reduce spam at a - # later stage. - if commit['rev'] in seen: - commit['seen'] = True - else: - commit['seen'] = False - seen.append(commit['rev']) - - fedmsg.publish( - topic="receive", - msg=dict(commit=commit), - modname="git", - ) diff --git a/roles/github2fedmsg/files/11776.patch b/roles/github2fedmsg/files/11776.patch deleted file mode 100644 index 7da48dd9c5..0000000000 --- a/roles/github2fedmsg/files/11776.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/github2fedmsg/views/webhooks.py b/github2fedmsg/views/webhooks.py -index be6b707..0637143 100644 ---- a/github2fedmsg/views/webhooks.py -+++ b/github2fedmsg/views/webhooks.py -@@ -167,10 +167,19 @@ def build_fas_lookup(payload): - usernames = set() - - # Trawl through every possible corner we can to find github usernames -+ # Fix for https://pagure.io/fedora-infrastructure/issue/11776 - if 'commits' in payload: - for commit in payload['commits']: -- usernames.add(commit['committer']['username']) -- usernames.add(commit['author']['username']) -+ if 'committer' in commit: -+ if 'username' in commit['committer']: -+ usernames.add(commit['committer']['username']) -+ elif 'name' in commit['committer']: -+ usernames.add(commit['committer']['name']) -+ if 'author' in commit: -+ if 'username' in commit['author']: -+ usernames.add(commit['author']['username']) -+ elif 'name' in commit['author']: -+ usernames.add(commit['author']['name']) - - if 'pusher' in payload: - usernames.add(payload['pusher']['name']) diff --git a/roles/github2fedmsg/files/github2fedmsg.wsgi b/roles/github2fedmsg/files/github2fedmsg.wsgi deleted file mode 100644 index b339df050e..0000000000 --- a/roles/github2fedmsg/files/github2fedmsg.wsgi +++ /dev/null @@ -1,16 +0,0 @@ -import sys -sys.stdout = sys.stderr - -import __main__ -__main__.__requires__ = __requires__ = ["github2fedmsg", "sqlalchemy>=0.8"]; -import pkg_resources -pkg_resources.require(__requires__) - -import os -os.environ['PYTHON_EGG_CACHE'] = '/var/www/.python-eggs' - -from pyramid.paster import get_app, setup_logging -ini_path = '/etc/github2fedmsg/github2fedmsg.ini' -setup_logging(ini_path) - -application = get_app(ini_path, 'main') diff --git a/roles/github2fedmsg/files/openid.py b/roles/github2fedmsg/files/openid.py deleted file mode 100644 index 8fbbfbfba0..0000000000 --- a/roles/github2fedmsg/files/openid.py +++ /dev/null @@ -1,407 +0,0 @@ -from __future__ import absolute_import - -import datetime -import re -import logging - -from openid.consumer import consumer -from openid.extensions import ax -from openid.extensions import sreg - -from pyramid.request import Response -from pyramid.httpexceptions import HTTPFound -from pyramid.security import NO_PERMISSION_REQUIRED - -from velruse.api import ( - AuthenticationComplete, - AuthenticationDenied, - register_provider, -) -from velruse.exceptions import MissingParameter -from velruse.exceptions import ThirdPartyFailure - - -log = logging.getLogger(__name__) - -# Setup our attribute objects that we'll be requesting -ax_attributes = dict( - nickname='http://axschema.org/namePerson/friendly', - email='http://axschema.org/contact/email', - full_name='http://axschema.org/namePerson', - birthday='http://axschema.org/birthDate', - gender='http://axschema.org/person/gender', - postal_code='http://axschema.org/contact/postalCode/home', - country='http://axschema.org/contact/country/home', - timezone='http://axschema.org/pref/timezone', - language='http://axschema.org/pref/language', - name_prefix='http://axschema.org/namePerson/prefix', - first_name='http://axschema.org/namePerson/first', - last_name='http://axschema.org/namePerson/last', - middle_name='http://axschema.org/namePerson/middle', - name_suffix='http://axschema.org/namePerson/suffix', - web='http://axschema.org/contact/web/default', - thumbnail='http://axschema.org/media/image/default', -) - -#Change names later to make things a little bit clearer -alternate_ax_attributes = dict( - nickname='http://schema.openid.net/namePerson/friendly', - email='http://schema.openid.net/contact/email', - full_name='http://schema.openid.net/namePerson', - birthday='http://schema.openid.net/birthDate', - gender='http://schema.openid.net/person/gender', - postal_code='http://schema.openid.net/contact/postalCode/home', - country='http://schema.openid.net/contact/country/home', - timezone='http://schema.openid.net/pref/timezone', - language='http://schema.openid.net/pref/language', - name_prefix='http://schema.openid.net/namePerson/prefix', - first_name='http://schema.openid.net/namePerson/first', - last_name='http://schema.openid.net/namePerson/last', - middle_name='http://schema.openid.net/namePerson/middle', - name_suffix='http://schema.openid.net/namePerson/suffix', - web='http://schema.openid.net/contact/web/default', -) - -# Translation dict for AX attrib names to sreg equiv -trans_dict = dict( - full_name='fullname', - birthday='dob', - postal_code='postcode', -) - -attributes = ax_attributes - - -class OpenIDAuthenticationComplete(AuthenticationComplete): - """OpenID auth complete""" - - -def includeme(config): - config.add_directive('add_openid_login', add_openid_login) - - -def add_openid_login(config, - realm=None, - storage=None, - login_path='/login/openid', - callback_path='/login/openid/callback', - name='openid'): - """ - Add a OpenID login provider to the application. - - `storage` should be an object conforming to the - `openid.store.interface.OpenIDStore` protocol. This will default - to `openid.store.memstore.MemoryStore`. - """ - provider = OpenIDConsumer(name, realm, storage) - - config.add_route(provider.login_route, login_path) - config.add_view(provider, attr='login', route_name=provider.login_route, - permission=NO_PERMISSION_REQUIRED) - - config.add_route(provider.callback_route, callback_path, - use_global_views=True, - factory=provider.callback) - - register_provider(config, name, provider) - - -class OpenIDConsumer(object): - """OpenID Consumer base class - - Providors using specialized OpenID based authentication subclass this. - - """ - def __init__(self, - name, - _type=None, - realm=None, - storage=None, - context=AuthenticationComplete): - self.openid_store = storage - self.name = name - self.type = _type - self.context = context - self.realm_override = realm - - self.login_route = 'velruse.%s-url' % name - self.callback_route = 'velruse.%s-callback' % name - - _openid_store = None - - def _get_openid_store(self): - if self._openid_store is None: - from openid.store.memstore import MemoryStore - self._openid_store = MemoryStore() - return self._openid_store - - def _set_openid_store(self, val): - self._openid_store = val - - openid_store = property(_get_openid_store, _set_openid_store) - - def _get_realm(self, request): - if self.realm_override is not None: - return self.realm_override - return request.host_url - - def _lookup_identifier(self, request, identifier): - """Extension point for inherited classes that want to change or set - a default identifier""" - return identifier - - def _update_authrequest(self, request, authrequest): - """Update the authrequest with the default extensions and attributes - we ask for - - This method doesn't need to return anything, since the extensions - should be added to the authrequest object itself. - - """ - # Add on the Attribute Exchange for those that support that - ax_request = ax.FetchRequest() - for attrib in attributes.values(): - ax_request.add(ax.AttrInfo(attrib)) - authrequest.addExtension(ax_request) - - # Form the Simple Reg request - sreg_request = sreg.SRegRequest( - optional=['nickname', 'email', 'fullname', 'dob', 'gender', - 'postcode', 'country', 'language', 'timezone'], - ) - authrequest.addExtension(sreg_request) - - def _get_access_token(self, request_token): - """Called to exchange a request token for the access token - - This method doesn't by default return anything, other OpenID+Oauth - consumers should override it to do the appropriate lookup for the - access token, and return the access token. - - """ - - def login(self, request): - log.debug('Handling OpenID login') - - # Load default parameters that all Auth Responders take - openid_url = request.params.get('openid_identifier') - - # Let inherited consumers alter the openid identifier if desired - openid_url = self._lookup_identifier(request, openid_url) - - if not openid_url: - log.error('Velruse: no openid_url') - raise MissingParameter('No openid_identifier was found') - - openid_session = {} - oidconsumer = consumer.Consumer(openid_session, None) - - try: - log.debug('About to try OpenID begin') - authrequest = oidconsumer.begin(openid_url) - except consumer.DiscoveryFailure: - log.debug('OpenID begin DiscoveryFailure') - raise - - if authrequest is None: - log.debug('OpenID begin returned empty') - raise ThirdPartyFailure("OpenID begin returned nothing") - - log.debug('Updating authrequest') - - # Update the authrequest - self._update_authrequest(request, authrequest) - - realm = self._get_realm(request) - # TODO: add a csrf check to the return_to URL - return_to = request.route_url(self.callback_route) - request.session['openid_session'] = openid_session - - # OpenID 2.0 lets Providers request POST instead of redirect, this - # checks for such a request. - if authrequest.shouldSendRedirect(): - log.debug('About to initiate OpenID redirect') - redirect_url = authrequest.redirectURL( - realm=realm, - return_to=return_to, - immediate=False) - return HTTPFound(location=redirect_url) - else: - log.debug('About to initiate OpenID POST') - html = authrequest.htmlMarkup( - realm=realm, - return_to=return_to, - immediate=False) - return Response(body=html) - - def _update_profile_data(self, request, user_data, credentials): - """Update the profile data using an OAuth request to fetch more data""" - - def callback(self, request): - """Handle incoming redirect from OpenID Provider""" - log.debug('Handling processing of response from server') - - openid_session = request.session.get('openid_session', None) - if not openid_session: - raise ThirdPartyFailure("No OpenID Session has begun.") - - # Delete the temporary token data used for the OpenID auth - del request.session['openid_session'] - - # Setup the consumer and parse the information coming back - oidconsumer = consumer.Consumer(openid_session, None) - return_to = request.route_url(self.callback_route) - info = oidconsumer.complete(request.params, return_to) - - if info.status in [consumer.FAILURE, consumer.CANCEL]: - return AuthenticationDenied("OpenID failure", - provider_name=self.name, - provider_type=self.type) - elif info.status == consumer.SUCCESS: - openid_identity = info.identity_url - if info.endpoint.canonicalID: - # If it's an i-name, use the canonicalID as its secure even if - # the old one is compromised - openid_identity = info.endpoint.canonicalID - - user_data = extract_openid_data( - identifier=openid_identity, - sreg_resp=sreg.SRegResponse.fromSuccessResponse(info), - ax_resp=ax.FetchResponse.fromSuccessResponse(info) - ) - # Did we get any OAuth info? - oauth = info.extensionResponse( - 'http://specs.openid.net/extensions/oauth/1.0', False - ) - cred = {} - if oauth and 'request_token' in oauth: - access_token = self._get_access_token(oauth['request_token']) - if access_token: - cred.update(access_token) - - # See if we need to update our profile data with an OAuth call - self._update_profile_data(request, user_data, cred) - - return self.context(profile=user_data, - credentials=cred, - provider_name=self.name, - provider_type=self.type) - else: - raise ThirdPartyFailure("OpenID failed.") - - -class AttribAccess(object): - """Uniform attribute accessor for Simple Reg and Attribute Exchange - values""" - def __init__(self, sreg_resp, ax_resp): - self.sreg_resp = sreg_resp or {} - self.ax_resp = ax_resp or ax.AXKeyValueMessage() - - def get(self, key, ax_only=False): - """Get a value from either Simple Reg or AX""" - # First attempt to fetch it from AX - v = self.ax_resp.getSingle(attributes[key]) - if v: - return v - if ax_only: - return None - - # Translate the key if needed - if key in trans_dict: - key = trans_dict[key] - - # Don't attempt to fetch keys that aren't valid sreg fields - if key not in sreg.data_fields: - return None - - return self.sreg_resp.get(key) - - -def extract_openid_data(identifier, sreg_resp, ax_resp): - """Extract the OpenID Data from Simple Reg and AX data - - This normalizes the data to the appropriate format. - - """ - attribs = AttribAccess(sreg_resp, ax_resp) - - account = {} - accounts = [account] - - ud = {'accounts': accounts} - if 'google.com' in identifier: - account['domain'] = 'google.com' - elif 'yahoo.com' in identifier: - account['domain'] = 'yahoo.com' - elif 'aol.com' in identifier: - account['domain'] = 'aol.com' - else: - account['domain'] = 'openid.net' - account['username'] = identifier - - # Sort out the display name and preferred username - if account['domain'] == 'google.com': - # Extract the first bit as the username since Google doesn't return - # any usable nickname info - email = attribs.get('email') - if email: - ud['preferredUsername'] = re.match('(^.*?)@', email).groups()[0] - else: - ud['preferredUsername'] = attribs.get('nickname') - - # We trust that Google and Yahoo both verify their email addresses - if account['domain'] in ['google.com', 'yahoo.com']: - ud['verifiedEmail'] = attribs.get('email', ax_only=True) - else: - ud['emails'] = [attribs.get('email')] - - # Parse through the name parts, assign the properly if present - name = {} - name_keys = ['name_prefix', 'first_name', 'middle_name', 'last_name', - 'name_suffix'] - pcard_map = {'first_name': 'givenName', 'middle_name': 'middleName', - 'last_name': 'familyName', - 'name_prefix': 'honorificPrefix', - 'name_suffix': 'honorificSuffix'} - full_name_vals = [] - for part in name_keys: - val = attribs.get(part) - if val: - full_name_vals.append(val) - name[pcard_map[part]] = val - full_name = ' '.join(full_name_vals).strip() - if not full_name: - full_name = attribs.get('full_name') - - name['formatted'] = full_name - ud['name'] = name - - ud['displayName'] = full_name or ud.get('preferredUsername') - - urls = attribs.get('web') - if urls: - ud['urls'] = [urls] - - gender = attribs.get('gender') - if gender: - ud['gender'] = {'M': 'male', 'F': 'female'}.get(gender) - - birthday = attribs.get('birthday') - if birthday: - try: - ud['birthday'] = datetime.datetime.strptime( - birthday, '%Y-%m-%d').date() - except ValueError: - pass - - thumbnail = attribs.get('thumbnail') - if thumbnail: - ud['photos'] = [{'type': 'thumbnail', 'value': thumbnail}] - ud['thumbnailUrl'] = thumbnail - - # Now strip out empty values - for k, v in ud.items(): - if not v or (isinstance(v, list) and not v[0]): - del ud[k] - - return ud diff --git a/roles/github2fedmsg/templates/github2fedmsg.conf b/roles/github2fedmsg/templates/github2fedmsg.conf deleted file mode 100644 index 912418c68a..0000000000 --- a/roles/github2fedmsg/templates/github2fedmsg.conf +++ /dev/null @@ -1,16 +0,0 @@ -Alias /static /usr/lib/python2.7/site-packages/github2fedmsg/static -Alias /pngs /usr/share/badges/pngs - -WSGIDaemonProcess github2fedmsg user=apache group=apache maximum-requests=1000 display-name=github2fedmsg processes={{wsgi_procs}} threads={{wsgi_threads}} -WSGISocketPrefix run/wsgi -WSGIRestrictStdout On -WSGIRestrictSignal Off -WSGIPythonOptimize 1 - -WSGIScriptAlias / /usr/share/github2fedmsg/github2fedmsg.wsgi - - - WSGIProcessGroup github2fedmsg - Require all granted - - diff --git a/roles/github2fedmsg/templates/github2fedmsg.ini b/roles/github2fedmsg/templates/github2fedmsg.ini deleted file mode 100644 index 2df8b26449..0000000000 --- a/roles/github2fedmsg/templates/github2fedmsg.ini +++ /dev/null @@ -1,97 +0,0 @@ -[pipeline:main] -pipeline = - tw2 - github2fedmsg - -[filter:proxy-prefix] -use = egg:PasteDeploy#prefix -prefix = /github2fedmsg -scheme = https - -[filter:tw2] -use = egg:tw2.core#middleware -#script_name = / -res_prefix = /github2fedmsg/resources - -[app:github2fedmsg] -use = egg:github2fedmsg - -filter-with = proxy-prefix - -#pyramid.reload_templates = true -pyramid.default_locale_name = en -pyramid.includes = - pyramid_tm - -{% if env != 'staging' %} -sqlalchemy.url = postgresql://{{github2fedmsgDBUser}}:{{github2fedmsgDBPassword}}@db-github2fedmsg/github2fedmsg -{% else %} -sqlalchemy.url = postgresql://{{github2fedmsgStgDBUser}}:{{github2fedmsgStgDBPassword}}@db-github2fedmsg/github2fedmsg -{% endif %} - -mako.directories=github2fedmsg:templates - -{% if env != 'staging' %} -github.secret_oauth_access_token = {{github2fedmsg_gh_secret_oauth_access_token}} -velruse.github.consumer_key = {{github2fedmsg_gh_app_key}} -velruse.github.consumer_secret = {{github2fedmsg_gh_app_secret}} -velruse.github.scope = read:org,admin:repo_hook -velruse.openid.identifier = https://id.fedoraproject.org/ -velruse.openid.realm = https://apps.fedoraproject.org/github2fedmsg -github.callback = https://apps.fedoraproject.org/github2fedmsg/webhook -github.secret = {{github2fedmsgGHSecret}} - -session.secret="{{github2fedmsgSessionSecret}}" -authnsecret="{{github2fedmsgAuthnSecret}}" -{% else %} -github.secret_oauth_access_token = {{github2fedmsg_gh_secret_oauth_access_token_staging}} -velruse.github.consumer_key = {{github2fedmsg_gh_app_key_staging}} -velruse.github.consumer_secret = {{github2fedmsg_gh_app_secret_staging}} -velruse.github.scope = read:org,admin:repo_hook -velruse.openid.identifier = https://id.stg.fedoraproject.org/ -velruse.openid.realm = https://apps.stg.fedoraproject.org/github2fedmsg -github.callback = https://apps.stg.fedoraproject.org/github2fedmsg/webhook -github.secret = {{github2fedmsgGHSecret_staging}} - -session.secret="{{github2fedmsgStgSessionSecret}}" -authnsecret="{{github2fedmsgStgAuthnSecret}}" -{% endif %} - -# Begin logging configuration - -[loggers] -keys = root, github2fedmsg, sqlalchemy - -[handlers] -keys = console - -[formatters] -keys = generic - -[logger_root] -level = INFO -handlers = console - -[logger_github2fedmsg] -level = DEBUG -handlers = -qualname = github2fedmsg - -[logger_sqlalchemy] -level = WARN -handlers = -qualname = sqlalchemy.engine -# "level = INFO" logs SQL queries. -# "level = DEBUG" logs SQL queries and results. -# "level = WARN" logs neither. (Recommended for production systems.) - -[handler_console] -class = StreamHandler -args = (sys.stderr,) -level = NOTSET -formatter = generic - -[formatter_generic] -format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s - -# End logging configuration diff --git a/roles/gitolite/check_fedmsg_hooks/meta/main.yml b/roles/gitolite/check_fedmsg_hooks/meta/main.yml deleted file mode 100644 index edc2fe20eb..0000000000 --- a/roles/gitolite/check_fedmsg_hooks/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: -- { role: git/checks } diff --git a/roles/gitolite/check_fedmsg_hooks/tasks/main.yml b/roles/gitolite/check_fedmsg_hooks/tasks/main.yml deleted file mode 100644 index 957dc65dc1..0000000000 --- a/roles/gitolite/check_fedmsg_hooks/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# tasklist for setting up Gitolite Fedmsg checks - -- name: Schedule check execution - cron: > - name=git-check-perms - cron_file=ansible-git-check-perms - minute="0,30" - user=pagure - job="/usr/local/bin/distgit_check_hook.py" - tags: - - git - - gitolite - - gitolite/check_fedmsg_hooks diff --git a/roles/haproxy/templates/haproxy.cfg b/roles/haproxy/templates/haproxy.cfg index 6a3330fd72..179af56644 100644 --- a/roles/haproxy/templates/haproxy.cfg +++ b/roles/haproxy/templates/haproxy.cfg @@ -2,9 +2,7 @@ global log 127.0.0.1 local0 warning - # Set this to 4096 + 16384 - # 16384 for the fedmsg gateway and 4096 for everybody else. - maxconn 20480 + maxconn 4096 chroot /var/lib/haproxy user haproxy group haproxy @@ -145,15 +143,6 @@ backend geoip-city-backend # IMPORTANT: 10031 will NOT work because of selinux policies -frontend github2fedmsg-frontend - bind 0.0.0.0:10037 - default_backend github2fedmsg-backend - -backend github2fedmsg-backend - balance hdr(appserver) - server github2fedmsg01 github2fedmsg01:80 check inter 10s rise 1 fall 2 - option httpchk GET /github2fedmsg/ - {% if env == "production" %} frontend openqa-frontend bind 0.0.0.0:10044 @@ -298,66 +287,6 @@ backend rabbitmq server rabbitmq03 rabbitmq03:5671 weight 1 maxconn 16384 {% endif %} -# Apache doesn't handle the initial connection here like the other proxy -# entries. This proxy also doesn't use the http mode like the others. -# stunnel should be sitting on port 9939 (public) and redirecting -# connections from there to here, port 9938. This then proxies to the -# fedmsg-hub's websocket server on busgateway01, port 9919. -frontend fedmsg-websockets-frontend - mode tcp - bind 0.0.0.0:9938 - default_backend fedmsg-websockets-backend - -backend fedmsg-websockets-backend - mode tcp - option tcplog - balance roundrobin - maxconn 16384 - timeout queue 5000 - timeout server 86400000 - timeout connect 86400000 - server busgateway01 busgateway01:9919 weight 1 maxconn 16384 - -# This, unlike the websockets entry just above, is listening directly to the -# outside world with no stunnel inbetween. -# Simply redirect tcp connections to a local fedmsg-gateway slave. It should be -# forwarding messages from the master gateway on busgateway01. -frontend fedmsg-raw-zmq-outbound-frontend - mode tcp - bind 0.0.0.0:9940 - default_backend fedmsg-raw-zmq-outbound-backend - -backend fedmsg-raw-zmq-outbound-backend - mode tcp - option tcplog - balance roundrobin - maxconn 16384 - timeout queue 5000 - timeout server 86400000 - timeout connect 86400000 - server localhost 127.0.0.1:9942 weight 1 maxconn 16384 - -# While the above fedmsg-raw-zmq-outbound forwards incoming connections to an -# instance of the "fedmsg-gateway" daemon (which pushes internal messages out), -# this entry forwards incoming connections to a secondary instance of the -# "fedmsg-relay" daemon (which pushes messages *onto* the internal bus). We -# have a primary instance of fedmsg-relay running on app01 for most internal -# use. Here we forward to a secondary one on busgateway01. -frontend fedmsg-raw-zmq-inbound-frontend - mode tcp - bind 0.0.0.0:9941 - default_backend fedmsg-raw-zmq-inbound-backend - -backend fedmsg-raw-zmq-inbound-backend - mode tcp - option tcplog - balance roundrobin - maxconn 16384 - timeout queue 5000 - timeout server 86400000 - timeout connect 86400000 - server busgateway01 busgateway01:9941 weight 1 maxconn 16384 - {% if 'iad2' in inventory_hostname %} frontend zabbix-frontend bind 0.0.0.0:10068 diff --git a/roles/ipsilon/templates/configuration.conf b/roles/ipsilon/templates/configuration.conf index 3c3e92c97c..723108a3e0 100644 --- a/roles/ipsilon/templates/configuration.conf +++ b/roles/ipsilon/templates/configuration.conf @@ -40,7 +40,7 @@ openid identity url template=http://%(username)s.id{{env_suffix}}.fedoraproject. {% if env == 'staging' %} openid trusted roots= {% else %} -openid trusted roots=https://ask.fedoraproject.org/,https://fedorahosted.org/,https://badges.fedoraproject.org,https://apps.fedoraproject.org/datagrepper/,https://apps.fedoraproject.org/calendar/,http://notifications.fedoraproject.org/,http://copr.fedoraproject.org/,https://copr.fedoraproject.org/,https://admin.fedoraproject.org/voting/,https://apps.fedoraproject.org/github2fedmsg,https://admin.fedoraproject.org,https://apps.fedoraproject.org/,https://release-monitoring.org/,http://pagure.io/,http://admin.fedoraproject.org/mirrormanager/,https://koschei.fedoraproject.org/,https://bodhi.fedoraproject.org,https://lists.fedoraproject.org/,https://openqa.fedoraproject.org/,https://src.fedoraproject.org/ +openid trusted roots=https://ask.fedoraproject.org/,https://fedorahosted.org/,https://badges.fedoraproject.org,https://apps.fedoraproject.org/datagrepper/,https://apps.fedoraproject.org/calendar/,http://notifications.fedoraproject.org/,http://copr.fedoraproject.org/,https://copr.fedoraproject.org/,https://admin.fedoraproject.org/voting/,https://admin.fedoraproject.org,https://apps.fedoraproject.org/,https://release-monitoring.org/,http://pagure.io/,http://admin.fedoraproject.org/mirrormanager/,https://koschei.fedoraproject.org/,https://bodhi.fedoraproject.org,https://lists.fedoraproject.org/,https://openqa.fedoraproject.org/,https://src.fedoraproject.org/ {% endif %} {% if env == 'staging' %} openid database url=postgresql://{{ ipsilon_db_user }}:{{ ipsilon_stg_db_pass }}@{{ ipsilon_db_host }}/{{ ipsilon_db_openid_name }} diff --git a/roles/koji_hub/templates/fedora-messaging.toml b/roles/koji_hub/templates/fedora-messaging.toml index 39802eebf8..275f6adf3a 100644 --- a/roles/koji_hub/templates/fedora-messaging.toml +++ b/roles/koji_hub/templates/fedora-messaging.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://koji{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/kojicert/koji.ca" {% if koji_instance == "secondary" %} diff --git a/roles/messaging/base/templates/messaging.toml.j2 b/roles/messaging/base/templates/messaging.toml.j2 index 56c75e3f76..1ef6b07ee2 100644 --- a/roles/messaging/base/templates/messaging.toml.j2 +++ b/roles/messaging/base/templates/messaging.toml.j2 @@ -1,13 +1,5 @@ amqp_url = "amqps://{{ msg_username }}{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/{{ msg_username }}/ca.crt" keyfile = "/etc/pki/rabbitmq/{{ msg_username }}/{{ msg_username }}.key" diff --git a/roles/nagios_client/files/scripts/check_fedmsg_consumer_backlog.py b/roles/nagios_client/files/scripts/check_fedmsg_consumer_backlog.py deleted file mode 100644 index 902d610b67..0000000000 --- a/roles/nagios_client/files/scripts/check_fedmsg_consumer_backlog.py +++ /dev/null @@ -1,72 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_consumer = sys.argv[2] - backlog_warning = int(sys.argv[3]) - backlog_critical = int(sys.argv[4]) - if os.path.exists('/var/run/fedmsg/monitoring-%s.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - elif os.path.exists('/var/run/fedmsg/monitoring-%s-.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s-.socket' % service - elif os.path.exists('/var/run/fedmsg/monitoring-%s-3.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s-3.socket' % service - else: - print("UNKNOWN - socket file does not exists") - sys.exit(3) - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - if not os.access(fname, os.W_OK): - print("UNKNOWN - cannot write to %s" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 20000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] == check_consumer: - if consumer['backlog'] is None: - print('ERROR: fedmsg consumer %s is not initialized' % consumer['name']) - sys.exit(3) - elif consumer['backlog'] > backlog_critical: - print('CRITICAL: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(2) - elif consumer['backlog'] > backlog_warning: - print('WARNING: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(1) - else: - print('OK: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(0) - - print("UNKNOWN: fedmsg consumer %s not found" % check_consumer) - sys.exit(3) -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_client/files/scripts/check_fedmsg_consumer_exceptions.py b/roles/nagios_client/files/scripts/check_fedmsg_consumer_exceptions.py deleted file mode 100644 index 2e994ea711..0000000000 --- a/roles/nagios_client/files/scripts/check_fedmsg_consumer_exceptions.py +++ /dev/null @@ -1,68 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_consumer = sys.argv[2] - exceptions_warning = int(sys.argv[3]) - exceptions_critical = int(sys.argv[4]) - if os.path.exists('/var/run/fedmsg/monitoring-%s.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - elif os.path.exists('/var/run/fedmsg/monitoring-%s-.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s-.socket' % service - elif os.path.exists('/var/run/fedmsg/monitoring-%s-3.socket' % service): - fname = '/var/run/fedmsg/monitoring-%s-3.socket' % service - else: - print("UNKNOWN - socket file does not exists") - sys.exit(3) - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - if not os.access(fname, os.W_OK): - print("UNKNOWN - cannot write to %s" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 20000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] == check_consumer: - if consumer['exceptions'] > exceptions_critical: - print('CRITICAL: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(2) - elif consumer['exceptions'] > exceptions_warning: - print('WARNING: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(1) - else: - print('OK: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(0) - - print("UNKNOWN: fedmsg consumers %s not found" % check_consumer) - sys.exit(3) -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_client/files/scripts/check_fedmsg_producer_last_ran.py b/roles/nagios_client/files/scripts/check_fedmsg_producer_last_ran.py deleted file mode 100644 index d41d07a44a..0000000000 --- a/roles/nagios_client/files/scripts/check_fedmsg_producer_last_ran.py +++ /dev/null @@ -1,72 +0,0 @@ -#!/usr/bin/python - -import arrow -import json -import os -import socket -import sys -import time -import zmq - -try: - service = sys.argv[1] - check_producer = sys.argv[2] - elapsed_warning = int(sys.argv[3]) - elapsed_critical = int(sys.argv[4]) - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - if not os.access(fname, os.W_OK): - print("UNKNOWN - cannot write to %s" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 20000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - now = time.time() - - for prod in msg['producers']: - if prod['name'] != check_producer: - continue - diff = now - prod['last_ran'] - then = arrow.get(prod['last_ran']).humanize() - if diff > elapsed_critical: - print("CRITICAL: %s last ran %s (%i seconds ago)" % () - check_producer, then, diff) - sys.exit(2) - elif diff > elapsed_warning: - print("WARNING: %s last ran %s (%i seconds ago)" % () - check_producer, then, diff) - sys.exit(1) - else: - print("OK: %s last ran %s (%i seconds ago)" % () - check_producer, then, diff) - sys.exit(0) - - print("UNKNOWN: fedmsg producer %s not found" % check_producer) - sys.exit(3) -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_client/files/scripts/check_fedmsg_producers_consumers.py b/roles/nagios_client/files/scripts/check_fedmsg_producers_consumers.py deleted file mode 100644 index d4e11ab83a..0000000000 --- a/roles/nagios_client/files/scripts/check_fedmsg_producers_consumers.py +++ /dev/null @@ -1,66 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_list = frozenset(sys.argv[2:]) - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not check_list: - print("UNKNOWN - empty list of fedmsg consumers and producers to check") - sys.exit(3) - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - if not os.access(fname, os.W_OK): - print("UNKNOWN - cannot write to %s" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 20000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] in check_list and not consumer['initialized']: - print('ERROR: fedmsg consumer %s is not initialized' % consumer['name']) - sys.exit(2) - - for producer in msg['producers']: - if producer['name'] in check_list and not producer['initialized']: - print('ERROR: fedmsg producer %s is not initialized' % producer['name']) - sys.exit(2) - - for item in check_list: - if item not in [p['name'] for p in msg['producers'] + msg['consumers']]: - print('ERROR: %s not found among installed plugins' % item) - sys.exit(2) - - print("OK: fedmsg consumer(s) and producer(s) initialized") - sys.exit(0) - -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_client/tasks/main.yml b/roles/nagios_client/tasks/main.yml index fbbbadc1fd..d2d60eca78 100644 --- a/roles/nagios_client/tasks/main.yml +++ b/roles/nagios_client/tasks/main.yml @@ -46,10 +46,6 @@ - check_raid.py - check_lock - check_fcomm_queue - - check_fedmsg_consumer_backlog.py - - check_fedmsg_consumer_exceptions.py - - check_fedmsg_producer_last_ran.py - - check_fedmsg_producers_consumers.py - check_rabbitmq_size - check_datanommer_timesince.py - check_memcache_connect @@ -147,13 +143,7 @@ - check_postfix_queue.cfg - check_postfix_redhat.cfg - check_lock.cfg - - check_fedmsg_hub_proc.cfg - - check_fedmsg_irc_proc.cfg - - check_fedmsg_relay_proc.cfg - - check_fedmsg_gateway_proc.cfg - - check_fedmsg_composer_proc.cfg - check_redis_proc.cfg - - check_fedmsg_consumers.cfg - check_datanommer_history.cfg - check_memcache.cfg - check_lock_file_age.cfg @@ -321,17 +311,3 @@ tags: - nagios_client - pagure - -- name: Check if the fedmsg group exists - ansible.builtin.shell: /usr/bin/getent group fedmsg | /usr/bin/wc -l | tr -d ' ' - register: fedmsg_exists - check_mode: no - changed_when: "1 != 1" - tags: - - nagios_client - -- name: Add nrpe user to the fedmsg group if it exists - user: name=nrpe groups=fedmsg append=yes - when: fedmsg_exists.stdout == "1" - tags: - - nagios_client diff --git a/roles/nagios_client/templates/check_datanommer_history.cfg.j2 b/roles/nagios_client/templates/check_datanommer_history.cfg.j2 index c0ffc62d89..79a17d1fe4 100644 --- a/roles/nagios_client/templates/check_datanommer_history.cfg.j2 +++ b/roles/nagios_client/templates/check_datanommer_history.cfg.j2 @@ -1,7 +1,7 @@ # Checks on the datanommer history to make sure we're still receiving messages # of all types. # -# The following are fedmsg/datanommer checks to be run on busgateway01. +# The following are fedora messaging/datanommer checks. # They check for the time since the latest message in any particular category. # The first number is the seconds elapsed until we should raise a warning. # The second number is the seconds elapsed until we should raise an error. diff --git a/roles/nagios_client/templates/check_fedmsg_composer_proc.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_composer_proc.cfg.j2 deleted file mode 100644 index 9e418413ed..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_composer_proc.cfg.j2 +++ /dev/null @@ -1 +0,0 @@ -command[check_fedmsg_composer_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-hub-3' -u apache diff --git a/roles/nagios_client/templates/check_fedmsg_consumers.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_consumers.cfg.j2 deleted file mode 100644 index bffea835a9..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_consumers.cfg.j2 +++ /dev/null @@ -1,46 +0,0 @@ -# Fedmsg checks for consumers and producers -command[check_fedmsg_cp_busgateway_relay]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-relay RelayConsumer MonitoringProducer -{% if (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora') %} -command[check_fedmsg_cp_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-gateway GatewayConsumer MonitoringProducer -{% else %} -command[check_fedmsg_cp_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-gateway- GatewayConsumer MonitoringProducer -{% endif %} -command[check_fedmsg_cp_anitya_relay]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-relay RelayConsumer MonitoringProducer -command[check_fedmsg_cp_app]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-relay RelayConsumer MonitoringProducer -command[check_fedmsg_cp_value]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-irc IRCBotConsumer MonitoringProducer -command[check_fedmsg_cp_badges_backend]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub FedoraBadgesConsumer MonitoringProducer -command[check_fedmsg_cp_notifs_backend]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub FMNConsumer DigestProducer ConfirmationProducer MonitoringProducer -command[check_fedmsg_cp_hotness_backend]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub BugzillaTicketFiler MonitoringProducer -command[check_fedmsg_cp_packages_backend]={{libdir}}/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub CacheInvalidator MonitoringProducer - -command[check_fedmsg_cexceptions_busgateway_relay]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-relay RelayConsumer 1 10 -{% if (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora') %} -command[check_fedmsg_cexceptions_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-gateway GatewayConsumer 1 10 -{% else %} -command[check_fedmsg_cexceptions_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-gateway GatewayConsumer 1 10 -{% endif %} -command[check_fedmsg_cexceptions_anitya_relay]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-relay RelayConsumer 1 10 -command[check_fedmsg_cexceptions_app]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-relay RelayConsumer 1 10 -command[check_fedmsg_cexceptions_value]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-irc IRCBotConsumer 1 10 -command[check_fedmsg_cexceptions_badges_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub FedoraBadgesConsumer 1 10 -command[check_fedmsg_cexceptions_notifs_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub FMNConsumer 1 10 -command[check_fedmsg_cexceptions_hotness_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub BugzillaTicketFiler 1 10 -command[check_fedmsg_cexceptions_packages_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub CacheInvalidator 1 10 - -command[check_fedmsg_cbacklog_busgateway_relay]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-relay RelayConsumer 10 50 -{% if (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora') %} -command[check_fedmsg_cbacklog_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-gateway GatewayConsumer 10 50 -{% else %} -command[check_fedmsg_cbacklog_busgateway_gateway]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-gateway GatewayConsumer 10 50 -{% endif %} -command[check_fedmsg_cbacklog_anitya_relay]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-relay RelayConsumer 10 50 -command[check_fedmsg_cbacklog_app]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-relay RelayConsumer 10 50 -command[check_fedmsg_cbacklog_value]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-irc IRCBotConsumer 10 50 -command[check_fedmsg_cbacklog_badges_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub FedoraBadgesConsumer 25000 35000 -command[check_fedmsg_cbacklog_notifs_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub FMNConsumer 15000 20000 -command[check_fedmsg_cbacklog_bugzilla2fedmsg]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py moksha-hub BugzillaConsumer 10 100 -command[check_fedmsg_cbacklog_hotness_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub BugzillaTicketFiler 1000 5000 -command[check_fedmsg_cbacklog_packages_backend]={{libdir}}/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub CacheInvalidator 30000 40000 - -command[check_fedmsg_fmn_digest_last_ran]={{libdir}}/nagios/plugins/check_fedmsg_producer_last_ran.py fedmsg-hub DigestProducer 90 600 -command[check_fedmsg_fmn_confirm_last_ran]={{libdir}}/nagios/plugins/check_fedmsg_producer_last_ran.py fedmsg-hub ConfirmationProducer 90 600 diff --git a/roles/nagios_client/templates/check_fedmsg_gateway_proc.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_gateway_proc.cfg.j2 deleted file mode 100644 index fbf798648c..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_gateway_proc.cfg.j2 +++ /dev/null @@ -1,5 +0,0 @@ -{% if (( ansible_distribution_major_version == "8" ) and ( ansible_distribution == "RedHat" )) or ((ansible_distribution_major_version|int >= 30) and (ansible_distribution == "Fedora")) %} -command[check_fedmsg_gateway_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 --ereg-argument-array='fedmsg-gateway-3' -u fedmsg -{% else %} -command[check_fedmsg_gateway_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-gateway' -u fedmsg -{% endif %} diff --git a/roles/nagios_client/templates/check_fedmsg_hub_proc.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_hub_proc.cfg.j2 deleted file mode 100644 index 17ec341c4a..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_hub_proc.cfg.j2 +++ /dev/null @@ -1 +0,0 @@ -command[check_fedmsg_hub_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-hub' -u fedmsg diff --git a/roles/nagios_client/templates/check_fedmsg_irc_proc.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_irc_proc.cfg.j2 deleted file mode 100644 index 92090dc62d..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_irc_proc.cfg.j2 +++ /dev/null @@ -1 +0,0 @@ -command[check_fedmsg_irc_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-irc' -u fedmsg diff --git a/roles/nagios_client/templates/check_fedmsg_relay_proc.cfg.j2 b/roles/nagios_client/templates/check_fedmsg_relay_proc.cfg.j2 deleted file mode 100644 index c471575715..0000000000 --- a/roles/nagios_client/templates/check_fedmsg_relay_proc.cfg.j2 +++ /dev/null @@ -1 +0,0 @@ -command[check_fedmsg_relay_proc]={{ libdir }}/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-relay' -u fedmsg diff --git a/roles/nagios_server/files/nagios/commands/notify.cfg b/roles/nagios_server/files/nagios/commands/notify.cfg index f39e11a87a..2536d45b3e 100644 --- a/roles/nagios_server/files/nagios/commands/notify.cfg +++ b/roles/nagios_server/files/nagios/commands/notify.cfg @@ -58,18 +58,6 @@ define command{ command_line /usr/bin/echo '{"notificationtype": "$NOTIFICATIONTYPE$", "hostname": "$HOSTNAME$", "servicedesc": "$SERVICEDESC$", "servicestate": "$SERVICESTATE$", "serviceoutput": "$SERVICEOUTPUT$", "hostackauthor": "$HOSTACKAUTHOR$", "serviceackauthor": "$SERVICEACKAUTHOR$"}' | /usr/local/bin/matrix-notify.sh true } -# 'host-notify-by-fedmsg' command definition -define command{ - command_name host-notify-by-fedmsg - command_line /usr/bin/echo '{"type": "$NOTIFICATIONTYPE$", "host": "$HOSTNAME$", "state": "$HOSTSTATE$", "output": "$HOSTOUTPUT$", "host_ack_author": "$HOSTACKAUTHOR$", "service_ack_author": "$SERVICEACKAUTHOR$"}' | fedmsg-logger --cert-prefix nagios --modname nagios --topic host.state.change --json-input - } - -# 'notify-by-fedmsg' command definition -define command{ - command_name notify-by-fedmsg - command_line /usr/bin/echo '{"type": "$NOTIFICATIONTYPE$", "host": "$HOSTNAME$", "state": "$SERVICESTATE$", "service": "$SERVICEDESC$", "output": "$SERVICEOUTPUT$", "host_ack_author": "$HOSTACKAUTHOR$", "service_ack_author": "$SERVICEACKAUTHOR$"}' | fedmsg-logger --cert-prefix nagios --modname nagios --topic service.state.change --json-input - } - # 'host-notify-by-fedora-messaging' command definition define command{ command_name host-notify-by-fedora-messaging diff --git a/roles/nagios_server/files/nagios/contactgroups/fedora-sysadmin-ircbot.cfg b/roles/nagios_server/files/nagios/contactgroups/fedora-sysadmin-ircbot.cfg index c072bda800..53dbef284a 100644 --- a/roles/nagios_server/files/nagios/contactgroups/fedora-sysadmin-ircbot.cfg +++ b/roles/nagios_server/files/nagios/contactgroups/fedora-sysadmin-ircbot.cfg @@ -1,6 +1,6 @@ define contactgroup{ contactgroup_name fedora-sysadmin-ircbot alias Fedora Sysadmin irc Contacts - members ircbot,matrixbot,fedmsg + members ircbot,matrixbot } diff --git a/roles/nagios_server/files/nagios/contacts/fedmsg.cfg b/roles/nagios_server/files/nagios/contacts/fedmsg.cfg deleted file mode 100644 index cd577aa696..0000000000 --- a/roles/nagios_server/files/nagios/contacts/fedmsg.cfg +++ /dev/null @@ -1,10 +0,0 @@ -define contact{ - contact_name fedmsg - alias BUS - service_notification_period 24x7 - host_notification_period 24x7 - service_notification_options w,u,c,r - host_notification_options d,u,r - service_notification_commands notify-by-fedmsg - host_notification_commands host-notify-by-fedmsg -} diff --git a/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_backlog.py b/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_backlog.py deleted file mode 100644 index 0a50e9fbd9..0000000000 --- a/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_backlog.py +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_consumer = sys.argv[2] - backlog_warning = int(sys.argv[3]) - backlog_critical = int(sys.argv[4]) - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 10000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] == check_consumer: - if consumer['backlog'] is None: - print('ERROR: fedmsg consumer %s is not initialized' % consumer['name']) - sys.exit(3) - elif consumer['backlog'] > backlog_critical: - print('CRITICAL: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(2) - elif consumer['backlog'] > backlog_warning: - print('WARNING: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(1) - else: - print('OK: fedmsg consumer %s backlog value is %i' % (consumer['name'],consumer['backlog'])) - sys.exit(0) - - print("UNKNOWN: fedmsg consumer %s not found" % check_consumer) - sys.exit(3) -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_exceptions.py b/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_exceptions.py deleted file mode 100644 index b3ecda8fe9..0000000000 --- a/roles/nagios_server/files/nagios/plugins/check_fedmsg_consumer_exceptions.py +++ /dev/null @@ -1,56 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_consumer = sys.argv[2] - exceptions_warning = int(sys.argv[3]) - exceptions_critical = int(sys.argv[4]) - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 10000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] == check_consumer: - if consumer['exceptions'] > exceptions_critical: - print('CRITICAL: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(2) - elif consumer['exceptions'] > exceptions_warning: - print('WARNING: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(1) - else: - print('OK: fedmsg consumer %s exceptions value is %i' % (consumer['name'],consumer['exceptions'])) - sys.exit(0) - - print("UNKNOWN: fedmsg consumers %s not found" % check_consumer) - sys.exit(3) -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_server/files/nagios/plugins/check_fedmsg_producers_consumers.py b/roles/nagios_server/files/nagios/plugins/check_fedmsg_producers_consumers.py deleted file mode 100644 index 4423afffa4..0000000000 --- a/roles/nagios_server/files/nagios/plugins/check_fedmsg_producers_consumers.py +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/python - -import json -import os -import sys -import zmq - -try: - service = sys.argv[1] - check_list = frozenset(sys.argv[2:]) - fname = '/var/run/fedmsg/monitoring-%s.socket' % service - - if not check_list: - print("UNKNOWN - empty list of fedmsg consumers and producers to check") - sys.exit(3) - - if not os.path.exists(fname): - print("UNKNOWN - %s does not exist" % fname) - sys.exit(3) - - connect_to = "ipc:///%s" % fname - ctx = zmq.Context() - s = ctx.socket(zmq.SUB) - s.connect(connect_to) - try: - s.setsockopt(zmq.SUBSCRIBE, '') - except TypeError: - s.setsockopt_string(zmq.SUBSCRIBE, '') - poller = zmq.Poller() - poller.register(s, zmq.POLLIN) - - timeout = 10000 - - events = dict(poller.poll(timeout)) - if s in events and events[s] == zmq.POLLIN: - msg = s.recv() - msg = json.loads(msg) - else: - print('UNKNOWN - ZMQ timeout. No message received in %i ms' % timeout) - sys.exit(3) - - for consumer in msg['consumers']: - if consumer['name'] in check_list and not consumer['initialized']: - print('ERROR: fedmsg consumer %s is not initialized' % consumer['name']) - sys.exit(2) - - for producer in msg['producers']: - if producer['name'] in check_list and not producer['initialized']: - print('ERROR: fedmsg producer %s is not initialized' % producer['name']) - sys.exit(2) - - for item in check_list: - if item not in [p['name'] for p in msg['producers'] + msg['consumers']]: - print('ERROR: %s not found among installed plugins' % item) - sys.exit(2) - - print("OK: fedmsg consumer(s) and producer(s) initialized") - sys.exit(0) - -except Exception as err: - print("UNKNOWN:", str(err)) - sys.exit(3) diff --git a/roles/nagios_server/files/nagios/services/iad2_internal/fedmsg.cfg b/roles/nagios_server/files/nagios/services/iad2_internal/fedmsg.cfg deleted file mode 100644 index ea0d9eb87f..0000000000 --- a/roles/nagios_server/files/nagios/services/iad2_internal/fedmsg.cfg +++ /dev/null @@ -1,284 +0,0 @@ -## There are lots of different sections in this now-enormous file -## Each one starts with a 'BEGIN' comment. - - -# BEGIN, check for the existance of processes -define service { - hostgroup_name proxies - service_description Check fedmsg-gateway consumers backlog - check_command check_by_nrpe!check_fedmsg_cbacklog_busgateway_gateway - use defaulttemplate -} - -define service { - hostgroup_name proxies - service_description Check for existence fedmsg-gateway proc - check_command check_by_nrpe!check_fedmsg_gateway_proc - use defaulttemplate -} - -define service { - hostgroup_name proxies - service_description Check fedmsg consumers and producers gateway - check_command check_by_nrpe!check_fedmsg_cp_busgateway_gateway - use defaulttemplate -} - -define service { - hostgroup_name proxies - service_description Check fedmsg-gateway consumers exceptions - check_command check_by_nrpe!check_fedmsg_cexceptions_busgateway_gateway - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check for fedmsg-hub proc - check_command check_by_nrpe!check_fedmsg_hub_proc - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check for fedmsg-gateway proc - check_command check_by_nrpe!check_fedmsg_gateway_proc - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check for fedmsg-relay proc - check_command check_by_nrpe!check_fedmsg_relay_proc - use defaulttemplate -} - -# TODO: Uncomment this if it comes back in iad -#define service { -# host_name packages03.iad2.fedoraproject.org -# service_description Check for fedmsg-hub proc -# check_command check_by_nrpe!check_fedmsg_hub_proc -# use defaulttemplate -#} - - -# BEGIN, check datanommer history -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent buildsys/koji messages - check_command check_by_nrpe!check_datanommer_buildsys - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent git messages - check_command check_by_nrpe!check_datanommer_git - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent bodhi compose messages - check_command check_by_nrpe!check_datanommer_bodhi_composes - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent bodhi messages - check_command check_by_nrpe!check_datanommer_bodhi - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent wiki messages - check_command check_by_nrpe!check_datanommer_wiki - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent compose messages - check_command check_by_nrpe!check_datanommer_compose - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent meetbot messages - check_command check_by_nrpe!check_datanommer_meetbot - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent fedoraplanet messages - check_command check_by_nrpe!check_datanommer_planet - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent copr finished build messages - check_command check_by_nrpe!check_datanommer_copr - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent badges messages - check_command check_by_nrpe!check_datanommer_badges - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent fedocal messages - check_command check_by_nrpe!check_datanommer_fedocal - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent ansible messages - check_command check_by_nrpe!check_datanommer_ansible - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent hotness messages - check_command check_by_nrpe!check_datanommer_hotness - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent mailman messages - check_command check_by_nrpe!check_datanommer_mailman - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent bugzilla messages - check_command check_by_nrpe!check_datanommer_bugzilla - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent github messages - check_command check_by_nrpe!check_datanommer_github - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent kerneltest messages - check_command check_by_nrpe!check_datanommer_kerneltest - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent fmn messages - check_command check_by_nrpe!check_datanommer_fmn - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent rpm sign messages - check_command check_by_nrpe!check_datanommer_rpmsign - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent mdapi messages - check_command check_by_nrpe!check_datanommer_mdapi - use defaulttemplate -} -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check datanommer for recent resultsdb messages - check_command check_by_nrpe!check_datanommer_resultsdb - use defaulttemplate -} - - -# BEGIN, check consumers and producers -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg consumers and producers relay - check_command check_by_nrpe!check_fedmsg_cp_busgateway_relay - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg consumers and producers gateway - check_command check_by_nrpe!check_fedmsg_cp_busgateway_gateway - use defaulttemplate -} - -#define service { -# host_name bugzilla2fedmsg01.iad2.fedoraproject.org -# service_description Check fedmsg consumers and producers hub -# check_command check_by_nrpe!check_fedmsg_cp_bugzilla2fedmsg -# use defaulttemplate -#} - -# TODO: Uncomment this if it comes back in iad -#define service { -# host_name packages03.iad2.fedoraproject.org -# service_description Check fedmsg consumers and producers hub -# check_command check_by_nrpe!check_fedmsg_cp_packages_backend -# use defaulttemplate -#} - -# BEGIN exceptions counter -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg-relay consumers exceptions - check_command check_by_nrpe!check_fedmsg_cexceptions_busgateway_relay - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg-gateway consumers exceptions - check_command check_by_nrpe!check_fedmsg_cexceptions_busgateway_gateway - use defaulttemplate -} - -#define service { -# host_name bugzilla2fedmsg01.iad2.fedoraproject.org -# service_description Check fedmsg-hub consumers exceptions -# check_command check_by_nrpe!check_fedmsg_cexceptions_bugzilla2fedmsg -# use defaulttemplate -#} - -# TODO: Uncomment this if it comes back in iad -#define service { -# host_name packages03.iad2.fedoraproject.org -# service_description Check fedmsg-hub consumers exceptions -# check_command check_by_nrpe!check_fedmsg_cexceptions_packages_backend -# use defaulttemplate -#} - -# BEGIN backlog checking -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg-relay consumers backlog - check_command check_by_nrpe!check_fedmsg_cbacklog_busgateway_relay - use defaulttemplate -} - -define service { - host_name busgateway01.iad2.fedoraproject.org - service_description Check fedmsg-gateway consumers backlog - check_command check_by_nrpe!check_fedmsg_cbacklog_busgateway_gateway - use defaulttemplate -} - -#define service { -# host_name bugzilla2fedmsg01.iad2.fedoraproject.org -# service_description Check fedmsg-hub consumers backlog -# check_command check_by_nrpe!check_fedmsg_cbacklog_bugzilla2fedmsg -# use defaulttemplate -#} - -# TODO: Uncomment this if it comes back in iad -#define service { -# host_name packages03.iad2.fedoraproject.org -# service_description Check fedmsg-hub consumers backlog -# check_command check_by_nrpe!check_fedmsg_cbacklog_packages_backend -# use defaulttemplate -#} diff --git a/roles/nagios_server/tasks/main.yml b/roles/nagios_server/tasks/main.yml index 23bc0fc716..2a786151a9 100644 --- a/roles/nagios_server/tasks/main.yml +++ b/roles/nagios_server/tasks/main.yml @@ -187,7 +187,6 @@ - certgetter.cfg - db_backups.cfg - disk.cfg - - fedmsg.cfg - file_age.cfg - koji.cfg - locking.cfg @@ -208,7 +207,6 @@ - certgetter.cfg - db_backups.cfg - disk.cfg - - fedmsg.cfg - file_age.cfg - koji.cfg - locking.cfg diff --git a/roles/nagios_server/templates/nagios/services/websites.cfg.j2 b/roles/nagios_server/templates/nagios/services/websites.cfg.j2 index 6b7df3d82e..cca65c3c7a 100644 --- a/roles/nagios_server/templates/nagios/services/websites.cfg.j2 +++ b/roles/nagios_server/templates/nagios/services/websites.cfg.j2 @@ -169,15 +169,6 @@ define service { # servicegroups fas #} -define service { - hostgroup_name github2fedmsg - service_description http-github2fedmsg-internal - check_command check_website!localhost!/github2fedmsg/!stuff - max_check_attempts 8 - use internalwebsitetemplate - event_handler restart_httpd -} - define service { hostgroup_name ipa service_description http-ipa-internal diff --git a/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 b/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 index d2b69a66eb..264c4b3dc3 100644 --- a/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 +++ b/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 @@ -328,12 +328,6 @@ command[check_saslauthd]=/usr/lib64/nagios/plugins/check_procs -c 1:10 -C 'sasla command[check_readonly_fs]=/usr/lib64/nagios/plugins/check_readonly_fs command[check_postfix_queue]=/usr/lib64/nagios/plugins/check_postfix_queue -w 2 -c 5 command[check_merged_file_age]=/usr/lib64/nagios/plugins/check_file_age -w 120 -c 300 /var/log/merged/messages.log -command[check_fedmsg_relay_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-relay' -u fedmsg -command[check_fedmsg_hub_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-hub' -u fedmsg -command[check_fedmsg_gateway_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-gateway' -u fedmsg -command[check_fedmsg_irc_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-irc' -u fedmsg -command[check_fedmsg_tweet_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-tweet' -u fedmsg -command[check_fedmsg_composer_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'fedmsg-hub-3' -u apache command[check_haproxy_conns]=/usr/lib64/nagios/plugins/check_haproxy_conns.py command[check_redis_proc]=/usr/lib64/nagios/plugins/check_procs -c 1:1 -C 'redis-server' -u redis command[check_openvpn_link]=/usr/lib64/nagios/plugins/check_ping -H 192.168.1.41 -w 375.0,20% -c 500,60% @@ -342,7 +336,7 @@ command[check_memcache_connect]=/usr/lib64/nagios/plugins/check_memcache_connect command[check_mirrorlist_docker_proxy]=/usr/lib64/nagios/plugins/check_tcp -H localhost -p 18081 command[check_mailman_api]=/usr/lib64/nagios/plugins/check_http -H localhost -p 8001 -u /3.0 -# The following are fedmsg/datanommer checks to be run on busgateway01. +# The following are fedora mesaging/datanommer checks. # They check for the time since the latest message in any particular category. # The first number is the seconds elapsed until we should raise a warning. # The second number is the seconds elapsed until we should raise an error. @@ -379,36 +373,6 @@ command[check_datanommer_trac]=/usr/lib64/nagios/plugins/check_datanommer_timesi command[check_datanommer_rpmsign]=/usr/lib64/nagios/plugins/check_datanommer_timesince.py org.fedoraproject.prod.buildsys.rpm.sign 10800 14400 command[check_datanommer_wiki]=/usr/lib64/nagios/plugins/check_datanommer_timesince.py wiki 259200 1814400 -# Fedmsg checks for consumers and producers -command[check_fedmsg_cp_busgateway_relay]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-relay RelayConsumer MonitoringProducer -command[check_fedmsg_cp_busgateway_gateway]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-gateway GatewayConsumer MonitoringProducer -command[check_fedmsg_cp_app]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-relay RelayConsumer MonitoringProducer -command[check_fedmsg_cp_value]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-irc IRCBotConsumer MonitoringProducer -command[check_fedmsg_cp_badges_backend]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub FedoraBadgesConsumer MonitoringProducer -command[check_fedmsg_cp_notifs_backend]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub FMNConsumer DigestProducer ConfirmationProducer MonitoringProducer -command[check_fedmsg_cp_hotness_backend]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub BugzillaTicketFiler MonitoringProducer -command[check_fedmsg_cp_packages_backend]=/usr/lib64/nagios/plugins/check_fedmsg_producers_consumers.py fedmsg-hub CacheInvalidator MonitoringProducer - -command[check_fedmsg_cexceptions_busgateway_relay]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-relay RelayConsumer 1 10 -command[check_fedmsg_cexceptions_busgateway_gateway]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-gateway GatewayConsumer 1 10 -command[check_fedmsg_cexceptions_app]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-relay RelayConsumer 1 10 -command[check_fedmsg_cexceptions_value]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-irc IRCBotConsumer 1 10 -command[check_fedmsg_cexceptions_badges_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub FedoraBadgesConsumer 1 10 -command[check_fedmsg_cexceptions_notifs_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub FMNConsumer 1 10 -command[check_fedmsg_cexceptions_hotness_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub BugzillaTicketFiler 1 10 -command[check_fedmsg_cexceptions_packages_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_exceptions.py fedmsg-hub CacheInvalidator 1 10 - -command[check_fedmsg_cbacklog_busgateway_relay]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-relay RelayConsumer 10 50 -command[check_fedmsg_cbacklog_busgateway_gateway]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-gateway GatewayConsumer 10 50 -command[check_fedmsg_cbacklog_app]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-relay RelayConsumer 10 50 -command[check_fedmsg_cbacklog_value]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-irc IRCBotConsumer 10 50 -command[check_fedmsg_cbacklog_badges_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub FedoraBadgesConsumer 25000 35000 -command[check_fedmsg_cbacklog_notifs_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub FMNConsumer 10 50 -command[check_fedmsg_cbacklog_hotness_backend]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub BugzillaTicketFiler 100 500 -command[check_fedmsg_cbacklog_packages_backend_hub]=/usr/lib64/nagios/plugins/check_fedmsg_consumer_backlog.py fedmsg-hub CacheInvalidator 30000 40000 - -command[check_fedmsg_fmn_digest_last_ran]=/usr/lib64/nagios/plugins/check_fedmsg_producer_last_ran.py fedmsg-hub DigestProducer 90 600 -command[check_fedmsg_fmn_confirm_last_ran]=/usr/lib64/nagios/plugins/check_fedmsg_producer_last_ran.py fedmsg-hub ConfirmationProducer 30 300 command[check_systemd_units]=/usr/lib64/nagios/plugins/check_systemd_units # The following are 'action commands' where by an actual action is performed # like restarting httpd diff --git a/roles/openshift-apps/badges/templates/fm-fedbadges.toml b/roles/openshift-apps/badges/templates/fm-fedbadges.toml index 7135fd3bc5..098bf3c476 100644 --- a/roles/openshift-apps/badges/templates/fm-fedbadges.toml +++ b/roles/openshift-apps/badges/templates/fm-fedbadges.toml @@ -6,14 +6,6 @@ amqp_url = "amqps://fedbadges{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedorapr callback = "fedbadges.consumer:FedoraBadgesConsumer" passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/ca/cacert.pem" certfile = "/etc/pki/fedora-messaging/crt/fedbadges-cert.pem" diff --git a/roles/openshift-apps/badges/templates/fm-tahrir.toml b/roles/openshift-apps/badges/templates/fm-tahrir.toml index af468c2a38..6781a4b450 100644 --- a/roles/openshift-apps/badges/templates/fm-tahrir.toml +++ b/roles/openshift-apps/badges/templates/fm-tahrir.toml @@ -5,14 +5,6 @@ amqp_url = "amqps://tahrir{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/ca/cacert.pem" certfile = "/etc/pki/fedora-messaging/crt/tahrir-cert.pem" diff --git a/roles/openshift-apps/datanommer/templates/fedora-messaging-config.toml b/roles/openshift-apps/datanommer/templates/fedora-messaging-config.toml index 3be159cc72..5edb075e8c 100644 --- a/roles/openshift-apps/datanommer/templates/fedora-messaging-config.toml +++ b/roles/openshift-apps/datanommer/templates/fedora-messaging-config.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://datanommer:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpu # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/cacert.pem" keyfile = "/etc/pki/fedora-messaging/datanommer-key.pem" diff --git a/roles/openshift-apps/elections/templates/fedora-messaging.toml b/roles/openshift-apps/elections/templates/fedora-messaging.toml index a1b2562a92..31d3ccee16 100644 --- a/roles/openshift-apps/elections/templates/fedora-messaging.toml +++ b/roles/openshift-apps/elections/templates/fedora-messaging.toml @@ -5,14 +5,6 @@ # Broker address amqp_url = "amqps://elections{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/ca/elections.ca" keyfile = "/etc/pki/rabbitmq/key/elections.key" diff --git a/roles/openshift-apps/fedocal/templates/fedora-messaging.toml b/roles/openshift-apps/fedocal/templates/fedora-messaging.toml index c662676f78..50fb3df9c0 100644 --- a/roles/openshift-apps/fedocal/templates/fedora-messaging.toml +++ b/roles/openshift-apps/fedocal/templates/fedora-messaging.toml @@ -5,14 +5,6 @@ # Broker address amqp_url = "amqps://fedocal{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/ca/fedocal.ca" keyfile = "/etc/pki/rabbitmq/key/fedocal.key" diff --git a/roles/openshift-apps/firmitas/templates/certlist.yml.j2 b/roles/openshift-apps/firmitas/templates/certlist.yml.j2 index 27f322803e..1aa6f1ded9 100644 --- a/roles/openshift-apps/firmitas/templates/certlist.yml.j2 +++ b/roles/openshift-apps/firmitas/templates/certlist.yml.j2 @@ -687,22 +687,6 @@ mediawiki.stg: time: null path: mediawiki.stg.crt user: firmitas-automata -messaging-bridge.stg.fedoraproject.org: - certstat: - cstarted: true - cstopped: false - daystobt: -2196 - daystodd: 1454 - issuauth: RabbitMQ STAGING CA - serialno: 267647577447577504390734654857817688935 - stopdate: 2028-10-01 15:06:09 - strtdate: 2018-10-04 15:06:09 - notistat: - done: false - link: null - time: null - path: messaging-bridge.stg.fedoraproject.org.crt - user: firmitas-automata mirrormanager.stg: certstat: cstarted: true diff --git a/roles/openshift-apps/fmn/templates/api.toml b/roles/openshift-apps/fmn/templates/api.toml index 79da4108a5..b27356f125 100644 --- a/roles/openshift-apps/fmn/templates/api.toml +++ b/roles/openshift-apps/fmn/templates/api.toml @@ -5,14 +5,6 @@ amqp_url = "amqps://fmn{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/ca/cacert.pem" certfile = "/etc/pki/fedora-messaging/crt/fmn-cert.pem" diff --git a/roles/openshift-apps/greenwave/templates/config.toml b/roles/openshift-apps/greenwave/templates/config.toml index ad9500dcb1..023ed3dc4e 100644 --- a/roles/openshift-apps/greenwave/templates/config.toml +++ b/roles/openshift-apps/greenwave/templates/config.toml @@ -4,12 +4,6 @@ amqp_url = "amqps://greenwave{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - publish_exchange = "amq.topic" passive_declares = true diff --git a/roles/openshift-apps/greenwave/templates/greenwave.py b/roles/openshift-apps/greenwave/templates/greenwave.py index f4a0e03324..437d509217 100644 --- a/roles/openshift-apps/greenwave/templates/greenwave.py +++ b/roles/openshift-apps/greenwave/templates/greenwave.py @@ -47,17 +47,10 @@ config = dict( {% if env == 'staging' %} environment='stg', - relay_inbound=["tcp://busgateway01.stg.iad2.fedoraproject.org:9941"], greenwave_api_url='https://greenwave.stg.fedoraproject.org/api/v1.0', - # STG greenwave should listen to the STG bus. - endpoints=dict( - staging_gateway=[ - 'tcp://stg.fedoraproject.org:9940', - ], ), {% else %} environment='prod', - relay_inbound=["tcp://busgateway01.iad2.fedoraproject.org:9941"], greenwave_api_url='https://greenwave.fedoraproject.org/api/v1.0' {% endif %} ) diff --git a/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml b/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml index 2779b6a1aa..d6b82f83e8 100644 --- a/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml +++ b/roles/openshift-apps/kerneltest/templates/fedora-messaging.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://kerneltest{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedorap # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/cacert.pem" keyfile = "/etc/pki/fedora-messaging/kerneltest-key.pem" diff --git a/roles/openshift-apps/koschei/templates/fedora-messaging.toml.j2 b/roles/openshift-apps/koschei/templates/fedora-messaging.toml.j2 index cc73dd455e..2bfb471dbf 100644 --- a/roles/openshift-apps/koschei/templates/fedora-messaging.toml.j2 +++ b/roles/openshift-apps/koschei/templates/fedora-messaging.toml.j2 @@ -1,5 +1,4 @@ amqp_url = "amqps://koschei{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -topic_prefix = "org.fedoraproject.{{ fedmsg_env }}" passive_declares = true [tls] diff --git a/roles/openshift-apps/messaging-bridges/files/imagestream.yml b/roles/openshift-apps/messaging-bridges/files/imagestream.yml deleted file mode 100644 index 56d4540821..0000000000 --- a/roles/openshift-apps/messaging-bridges/files/imagestream.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: image.openshift.io/v1 -kind: ImageStream -metadata: - name: fedmsg-migration-tools -spec: - lookupPolicy: - local: false -status: - dockerImageRepository: "" diff --git a/roles/openshift-apps/messaging-bridges/files/service.yml b/roles/openshift-apps/messaging-bridges/files/service.yml deleted file mode 100644 index dc29483a5a..0000000000 --- a/roles/openshift-apps/messaging-bridges/files/service.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: messaging-bridges - name: rabbitmq -spec: - ports: - - name: amqp - port: 5672 - protocol: TCP - targetPort: 5672 - nodePort: 0 - selector: {} diff --git a/roles/openshift-apps/messaging-bridges/templates/amqp-to-zmq.toml b/roles/openshift-apps/messaging-bridges/templates/amqp-to-zmq.toml deleted file mode 100644 index f10e10b2a9..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/amqp-to-zmq.toml +++ /dev/null @@ -1,67 +0,0 @@ -amqp_url = "amqps://messaging-bridge{{ env_suffix }}.fedoraproject.org:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -publish_exchange = "amq.topic" -passive_declares = true - -[[bindings]] -queue = "amqp_to_zmq" -exchange = "amq.topic" -routing_keys = ["#"] - -[tls] -ca_cert = "/etc/pki/rabbitmq/ca/rabbitmq-ca.crt" -keyfile = "/etc/pki/rabbitmq/key/rabbitmq-fedmsg-migration-tools.key" -certfile = "/etc/pki/rabbitmq/crt/rabbitmq-fedmsg-migration-tools.crt" - -[client_properties] -app = "AMQP to ZMQ" - -[queues.amqp_to_zmq] -durable = true -auto_delete = false -exclusive = false -arguments = {} - -[consumer_config] -publish_endpoint = "tcp://busgateway01{{ env_suffix }}.iad2.fedoraproject.org:9941" -remote_publish = true - -[qos] -prefetch_size = 0 -prefetch_count = 25 - -[log_config] -version = 1 -disable_existing_loggers = true -[log_config.filters.ratelimit] -"()" = "fedmsg_migration_tools.filters.RateLimiter" -rate = 120 -[log_config.formatters.simple] -format = "%(asctime)s [%(name)s %(levelname)s] %(message)s" -datefmt = "%Y-%m-%d %H:%M:%S" -[log_config.handlers.console] -class = "logging.StreamHandler" -formatter = "simple" -stream = "ext://sys.stdout" -[log_config.handlers.email] -class = "logging.handlers.SMTPHandler" -filters = ["ratelimit"] -formatter = "simple" -mailhost = "bastion" -fromaddr = "fedmsg-migration-tools@fedoraproject.org" -toaddrs = ["abompard@fedoraproject.org"] -subject = "ERROR: fedmsg-migration-tools amqp-to-zmq bridge" -[log_config.loggers.fedora_messaging] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg_migration_tools] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.root] -level = "WARNING" -handlers = ["console", "email"] diff --git a/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml.j2 b/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml.j2 deleted file mode 100644 index 1210c2b0b9..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml.j2 +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: build.openshift.io/v1 -kind: BuildConfig -metadata: - name: messaging-bridges-build - labels: - environment: "fedmsg-migration-tools" -spec: - output: - to: - kind: ImageStreamTag - name: fedmsg-migration-tools:latest - source: - type: Git - git: - uri: https://github.com/fedora-infra/fedmsg-migration-tools.git - strategy: - type: Source - sourceStrategy: - from: - kind: ImageStreamTag - namespace: openshift - name: python:3.6 - triggers: -{% if fedmsg_migration_tools_github_secret is defined %} - - type: GitHub - github: - secret: "{{ fedmsg_migration_tools_github_secret }}" -{% endif %} - - type: ConfigChange - - type: ImageChange diff --git a/roles/openshift-apps/messaging-bridges/templates/config.toml b/roles/openshift-apps/messaging-bridges/templates/config.toml deleted file mode 100644 index 93904a335f..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/config.toml +++ /dev/null @@ -1,37 +0,0 @@ -amqp_url = "amqps://messaging-bridge{{ env_suffix }}.fedoraproject.org:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub" -publish_exchange = "amq.topic" -passive_declares = true - -[tls] -ca_cert = "/etc/pki/rabbitmq/ca/rabbitmq-ca.crt" -keyfile = "/etc/pki/rabbitmq/key/rabbitmq-fedmsg-migration-tools.key" -certfile = "/etc/pki/rabbitmq/crt/rabbitmq-fedmsg-migration-tools.crt" - -[client_properties] -app = "fedmsg-migration-tools" - -[qos] -prefetch_size = 0 -prefetch_count = 25 - -[log_config] -version = 1 -disable_existing_loggers = true -[log_config.formatters.simple] -format = "%(asctime)s [%(name)s %(levelname)s] %(message)s" -datefmt = "%Y-%m-%d %H:%M:%S" -[log_config.handlers.console] -class = "logging.StreamHandler" -formatter = "simple" -stream = "ext://sys.stdout" -[log_config.loggers.fedora_messaging] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg_migration_tools] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.root] -level = "WARNING" -handlers = ["console"] diff --git a/roles/openshift-apps/messaging-bridges/templates/configmap.yml.j2 b/roles/openshift-apps/messaging-bridges/templates/configmap.yml.j2 deleted file mode 100644 index 46f6aef486..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/configmap.yml.j2 +++ /dev/null @@ -1,27 +0,0 @@ -{% macro load_file(filename) %}{% include filename %}{%- endmacro -%} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: fedora-messaging-configmap - labels: - app: messaging-bridges -data: - config.toml: |- - {{ load_file('config.toml') | indent }} - amqp-to-zmq.toml: |- - {{ load_file('amqp-to-zmq.toml') | indent }} - zmq-to-amqp.toml: |- - {{ load_file('zmq-to-amqp.toml') | indent }} - verify-missing.toml: |- - {{ load_file('verify-missing.toml') | indent }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: fedmsg-configmap - labels: - app: messaging-bridges -data: - fedmsg-migration-tools.py: |- - {{ load_file('fedmsg-migration-tools.py') | indent }} diff --git a/roles/openshift-apps/messaging-bridges/templates/deploymentconfig.yml b/roles/openshift-apps/messaging-bridges/templates/deploymentconfig.yml deleted file mode 100644 index 98e29c4d27..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/deploymentconfig.yml +++ /dev/null @@ -1,234 +0,0 @@ ---- -apiVersion: apps.openshift.io/v1 -kind: List -metadata: {} -items: -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - labels: - app: messaging-bridges - name: amqp-to-zmq - spec: - replicas: {{ (env == 'production') | ternary(1, 0) }} - selector: - deploymentconfig: amqp-to-zmq - strategy: - resources: {} - template: - metadata: - labels: - app: messaging-bridges - deploymentconfig: amqp-to-zmq - spec: - containers: - - name: fedmsg-migration-tools - image: fedmsg-migration-tools:latest - env: - - name: APP_SCRIPT - value: "./.s2i/amqp-to-zmq" - - name: FEDORA_MESSAGING_CONF - value: "/etc/fedora-messaging/amqp-to-zmq.toml" - volumeMounts: - - name: config-volume - mountPath: /etc/fedora-messaging/ - readOnly: true - - name: fedmsg-config-volume - mountPath: /etc/fedmsg.d/ - readOnly: true - - name: fedmsg-key-volume - mountPath: /etc/pki/fedmsg/key - readOnly: true - - name: fedmsg-crt-volume - mountPath: /etc/pki/fedmsg/crt - readOnly: true - - name: rabbitmq-ca-volume - mountPath: /etc/pki/rabbitmq/ca - readOnly: true - - name: rabbitmq-key-volume - mountPath: /etc/pki/rabbitmq/key - readOnly: true - - name: rabbitmq-crt-volume - mountPath: /etc/pki/rabbitmq/crt - readOnly: true - volumes: - - name: config-volume - configMap: - name: fedora-messaging-configmap - - name: fedmsg-config-volume - configMap: - name: fedmsg-configmap - - name: fedmsg-key-volume - secret: - secretName: fedmsg-key - - name: fedmsg-crt-volume - secret: - secretName: fedmsg-cert - - name: rabbitmq-ca-volume - secret: - secretName: rabbitmq-ca - - name: rabbitmq-key-volume - secret: - secretName: rabbitmq-key - - name: rabbitmq-crt-volume - secret: - secretName: rabbitmq-cert - - triggers: - - type: ConfigChange - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - fedmsg-migration-tools - from: - kind: ImageStreamTag - name: fedmsg-migration-tools:latest ---- -apiVersion: apps.openshift.io/v1 -kind: List -metadata: {} -items: -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - labels: - app: messaging-bridges - name: zmq-to-amqp - spec: - replicas: {{ (env == 'production') | ternary(1, 0) }} - selector: - deploymentconfig: zmq-to-amqp - strategy: - resources: {} - template: - metadata: - labels: - app: messaging-bridges - deploymentconfig: zmq-to-amqp - spec: - containers: - - name: fedmsg-migration-tools - image: fedmsg-migration-tools:latest - env: - - name: APP_SCRIPT - value: "./.s2i/zmq-to-amqp" - - name: FEDMSG_MIGRATION_TOOLS_CONF - value: "/etc/fedora-messaging/zmq-to-amqp.toml" - volumeMounts: - - name: config-volume - mountPath: /etc/fedora-messaging/ - readOnly: true - - name: fedmsg-config-volume - mountPath: /etc/fedmsg.d/ - readOnly: true - - name: rabbitmq-ca-volume - mountPath: /etc/pki/rabbitmq/ca - readOnly: true - - name: rabbitmq-key-volume - mountPath: /etc/pki/rabbitmq/key - readOnly: true - - name: rabbitmq-crt-volume - mountPath: /etc/pki/rabbitmq/crt - readOnly: true - volumes: - - name: config-volume - configMap: - name: fedora-messaging-configmap - - name: fedmsg-config-volume - configMap: - name: fedmsg-configmap - - name: rabbitmq-ca-volume - secret: - secretName: rabbitmq-ca - - name: rabbitmq-key-volume - secret: - secretName: rabbitmq-key - - name: rabbitmq-crt-volume - secret: - secretName: rabbitmq-cert - - triggers: - - type: ConfigChange - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - fedmsg-migration-tools - from: - kind: ImageStreamTag - name: fedmsg-migration-tools:latest ---- -apiVersion: apps.openshift.io/v1 -kind: List -metadata: {} -items: -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - labels: - app: messaging-bridges - name: verify-missing - spec: - replicas: {{ (env == 'production') | ternary(1, 0) }} - selector: - deploymentconfig: verify-missing - strategy: - resources: {} - template: - metadata: - labels: - app: messaging-bridges - deploymentconfig: verify-missing - spec: - containers: - - name: fedmsg-migration-tools - image: fedmsg-migration-tools:latest - env: - - name: APP_SCRIPT - value: "./.s2i/verify-missing" - - name: FEDMSG_MIGRATION_TOOLS_CONF - value: "/etc/fedora-messaging/verify-missing.toml" - volumeMounts: - - name: config-volume - mountPath: /etc/fedora-messaging/ - readOnly: true - - name: fedmsg-config-volume - mountPath: /etc/fedmsg.d/ - readOnly: true - - name: rabbitmq-ca-volume - mountPath: /etc/pki/rabbitmq/ca - readOnly: true - - name: rabbitmq-key-volume - mountPath: /etc/pki/rabbitmq/key - readOnly: true - - name: rabbitmq-crt-volume - mountPath: /etc/pki/rabbitmq/crt - readOnly: true - volumes: - - name: config-volume - configMap: - name: fedora-messaging-configmap - - name: fedmsg-config-volume - configMap: - name: fedmsg-configmap - - name: rabbitmq-ca-volume - secret: - secretName: rabbitmq-ca - - name: rabbitmq-key-volume - secret: - secretName: rabbitmq-key - - name: rabbitmq-crt-volume - secret: - secretName: rabbitmq-cert - - triggers: - - type: ConfigChange - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - fedmsg-migration-tools - from: - kind: ImageStreamTag - name: fedmsg-migration-tools:latest diff --git a/roles/openshift-apps/messaging-bridges/templates/fedmsg-migration-tools.py b/roles/openshift-apps/messaging-bridges/templates/fedmsg-migration-tools.py deleted file mode 100644 index 5dbb789710..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/fedmsg-migration-tools.py +++ /dev/null @@ -1,76 +0,0 @@ -import socket - -hostname = socket.gethostname().split('.', 1)[0] -config = { - 'sign_messages': True, - 'active': True, - 'cert_prefix': 'fedmsg-migration-tools', - 'certnames': {'fedmsg-migration-tools.{}'.format(socket.gethostname()): 'fedmsg-migration-tools'}, - 'relay_inbound': 'tcp://busgateway01{{ env_suffix }}.iad2.fedoraproject.org:9941', -{% if env == 'staging' %} -# stg should listen to the stg bus - 'endpoints': { - 'staging_gateway': ['tcp://stg.fedoraproject.org:9940'] - }, - 'environment': 'stg', -{% else %} - 'environment': 'prod', -{% endif %} - "validate_signatures": True, - "crypto_backend": 'x509', - "crypto_validate_backends": ['x509'], - "ssldir": "/opt/app-root/etc/pki/fedmsg", - "crl_location": "https://fedoraproject.org/fedmsg/crl.pem", - "crl_cache": "/tmp/fedmsg/crl.pem", - "crl_cache_expiry": 3600, - "ca_cert_location": "https://fedoraproject.org/fedmsg/ca.crt", - "ca_cert_cache": "/tmp/fedmsg/ca.crt", - "ca_cert_cache_expiry": 0, # Never expires - # A mapping of fully qualified topics to a list of cert names for which - # a valid signature is to be considered authorized. Messages on topics not - # listed here are considered automatically authorized. - # ** policy dynamically generated from inventory vars - # See ansible/filter_plugins/fedmsg.py for this inversion filter. - "routing_policy": { - {% for topic, certs in groups | invert_fedmsg_policy(hostvars, env) %} - "{{topic}}": [ - {% for cert in certs %} - "{{ cert }}", -{% endfor %} - "fedmsg-migration-tools-fedmsg-migration-tools{{env_suffix}}.fedoraproject.org", - ], -{% endfor %} - }, - # Set this to True if you want messages to be dropped that aren't - # explicitly whitelisted in the routing_policy. - # When this is False, only messages that have a topic in the routing_policy - # but whose cert names aren't in the associated list are dropped; messages - # whose topics do not appear in the routing_policy are not dropped. - "routing_nitpicky": False, - # Logging - "logging": { - "version": 1, - "loggers": { - "fedmsg_migration_tools": { - "handlers": ["console"], "propagate": False, "level": "DEBUG"}, - "fedmsg": { - "handlers": ["console"], "propagate": False, "level": "DEBUG"}, - "moksha": { - "handlers": ["console"], "propagate": False, "level": "DEBUG"}, - }, - "handlers": { - "console": { - "formatter": "bare", - "class": "logging.StreamHandler", - "stream": "ext://sys.stdout", - "level": "DEBUG" - } - }, - "formatters": { - "bare": { - "datefmt": "%Y-%m-%d %H:%M:%S", - "format": "[%(asctime)s][%(name)10s %(levelname)7s] %(message)s" - }, - }, - }, -} diff --git a/roles/openshift-apps/messaging-bridges/templates/verify-missing.toml b/roles/openshift-apps/messaging-bridges/templates/verify-missing.toml deleted file mode 100644 index 53cd8b9609..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/verify-missing.toml +++ /dev/null @@ -1,79 +0,0 @@ -[zmq_to_amqp] -# The AMQP exchange to publish to. -exchange = "zmq.topic" -# A list of topics to filter the incoming ZMQ messages on; by default all -# messages are forwarded to AMQP. -topics = [""] -# A list of strings in the ZeroMQ socket format (e.g. "tcp://host:socket") -zmq_endpoints = [ -{% if env == 'staging' %} - "tcp://stg.fedoraproject.org:9940", -{% else %} - "tcp://fedoraproject.org:9940", -{% endif %} - #"tcp://release-monitoring.org:9940", -] - -[verify_missing] -# The queue to setup -[verify_missing.queue] -queue = "amqp_bridge_verify_missing" -durable = true -auto_delete = false -exclusive = false -arguments = { x-message-ttl = 60000 } -# The exchanges to declare -[[verify_missing.exchanges]] -exchange = "amq.topic" -exchange_type = "topic" -durable = true -[[verify_missing.exchanges]] -exchange = "zmq.topic" -exchange_type = "topic" -durable = true -# The bindings to use for the AMQP queue -[[verify_missing.bindings]] -exchange = "zmq.topic" -queue = "amqp_bridge_verify_missing" -routing_keys = ["#"] -[[verify_missing.bindings]] -exchange = "amq.topic" -queue = "amqp_bridge_verify_missing" -routing_keys = ["#"] - -[log_config] -version = 1 -disable_existing_loggers = true -[log_config.filters.ratelimit] -"()" = "fedmsg_migration_tools.filters.RateLimiter" -rate = 120 -[log_config.formatters.simple] -format = "%(asctime)s [%(name)s %(levelname)s] %(message)s" -datefmt = "%Y-%m-%d %H:%M:%S" -[log_config.handlers.console] -class = "logging.StreamHandler" -formatter = "simple" -stream = "ext://sys.stdout" -[log_config.handlers.email] -class = "logging.handlers.SMTPHandler" -formatter = "simple" -filters = ["ratelimit"] -mailhost = "bastion" -fromaddr = "fedmsg-migration-tools@fedoraproject.org" -toaddrs = ["abompard@fedoraproject.org"] -subject = "ERROR: fedmsg-migration-tools verify-missing service ({{ env }})" -[log_config.loggers.fedmsg_migration_tools] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedora_messaging] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.root] -level = "WARNING" -handlers = ["console", "email"] diff --git a/roles/openshift-apps/messaging-bridges/templates/zmq-to-amqp.toml b/roles/openshift-apps/messaging-bridges/templates/zmq-to-amqp.toml deleted file mode 100644 index 0205d1ce30..0000000000 --- a/roles/openshift-apps/messaging-bridges/templates/zmq-to-amqp.toml +++ /dev/null @@ -1,52 +0,0 @@ -[zmq_to_amqp] -# The AMQP exchange to publish to. -exchange = "zmq.topic" -# A list of topics to filter the incoming ZMQ messages on; by default all -# messages are forwarded to AMQP. -topics = [""] -# A list of strings in the ZeroMQ socket format (e.g. "tcp://host:socket") -zmq_endpoints = [ -{% if env == 'staging' %} - "tcp://stg.fedoraproject.org:9940", -{% else %} - "tcp://fedoraproject.org:9940", -{% endif %} - #"tcp://release-monitoring.org:9940", -] - -[log_config] -version = 1 -disable_existing_loggers = true -[log_config.filters.ratelimit] -"()" = "fedmsg_migration_tools.filters.RateLimiter" -rate = 120 -[log_config.formatters.simple] -format = "%(asctime)s [%(name)s %(levelname)s] %(message)s" -datefmt = "%Y-%m-%d %H:%M:%S" -[log_config.handlers.console] -class = "logging.StreamHandler" -formatter = "simple" -stream = "ext://sys.stdout" -[log_config.handlers.email] -class = "logging.handlers.SMTPHandler" -filters = ["ratelimit"] -formatter = "simple" -mailhost = "bastion" -fromaddr = "fedmsg-migration-tools@fedoraproject.org" -toaddrs = ["abompard@fedoraproject.org"] -subject = "ERROR: fedmsg-migration-tools zmq-to-amqp bridge" -[log_config.loggers.fedora_messaging] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg_migration_tools] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.loggers.fedmsg] -level = "INFO" -propagate = false -handlers = ["console"] -[log_config.root] -level = "WARNING" -handlers = ["console", "email"] diff --git a/roles/openshift-apps/mirrormanager/templates/fedora-messaging.toml b/roles/openshift-apps/mirrormanager/templates/fedora-messaging.toml index 8dc09dc375..94e3be3737 100644 --- a/roles/openshift-apps/mirrormanager/templates/fedora-messaging.toml +++ b/roles/openshift-apps/mirrormanager/templates/fedora-messaging.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://mirrormanager{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedo # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/ca/cacert.pem" keyfile = "/etc/pki/fedora-messaging/key/key.pem" diff --git a/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml b/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml deleted file mode 100644 index 8f29dc1dc6..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: v1 -data: - dashboards.yml: | - apiVersion: 1 - - providers: - # an unique provider name. Required - - name: 'Preset Dashboards' - # Org id. Default to 1 - orgId: 1 - # name of the dashboard folder. - folder: '' - # folder UID. will be automatically generated if not specified - folderUid: '' - # provider type. Default to 'file' - type: file - # disable dashboard deletion - disableDeletion: false - # how often Grafana will scan for changed dashboards - updateIntervalSeconds: 10 - # allow updating provisioned dashboards from the UI - allowUiUpdates: false - options: - # path to dashboard files on disk. Required when using the 'file' type - path: /var/lib/grafana/dashboards - # use folder names from filesystem to create folders in Grafana - foldersFromFilesStructure: true -kind: ConfigMap -metadata: - name: grafana-dashboards-provision diff --git a/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml b/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml deleted file mode 100644 index 1198cf94fc..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -apiVersion: 1 - -providers: - # an unique provider name. Required - - name: 'Preset Dashboards' - # Org id. Default to 1 - orgId: 1 - # name of the dashboard folder. - folder: '' - # folder UID. will be automatically generated if not specified - folderUid: '' - # provider type. Default to 'file' - type: file - # disable dashboard deletion - disableDeletion: false - # how often Grafana will scan for changed dashboards - updateIntervalSeconds: 10 - # allow updating provisioned dashboards from the UI - allowUiUpdates: false - options: - # path to dashboard files on disk. Required when using the 'file' type - path: /var/lib/grafana/dashboards - # use folder names from filesystem to create folders in Grafana - foldersFromFilesStructure: true diff --git a/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml b/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml deleted file mode 100644 index a8e23259f0..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: Route -metadata: - name: datagrepper - labels: - app: datagrepper -spec: - # host: waiverdb.stg.fedoraproject.org - port: - targetPort: datagrepper - to: - kind: Service - name: datagrepper - tls: - termination: Edge - insecureEdgeTerminationPolicy: Redirect diff --git a/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml b/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml deleted file mode 100644 index 2dfc67ec49..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: datagrepper - labels: - app: datagrepper -spec: - selector: - app: datagrepper - service: datagrepper - ports: - - name: datagrepper - port: 8080 - targetPort: 8080 diff --git a/roles/openshift-apps/monitor-dashboard/files/dockerfile-datagrepper b/roles/openshift-apps/monitor-dashboard/files/dockerfile-datagrepper deleted file mode 100644 index 7598b61357..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/dockerfile-datagrepper +++ /dev/null @@ -1,15 +0,0 @@ -FROM fedora:32 -LABEL \ - name="datagrepper" \ - vendor="Fedora Infrastructure" \ - license="MIT" -RUN dnf -y install fedora-messaging python3 python3-fedmsg python3-gunicorn python3-pip python3-psycopg2 git -RUN git clone https://github.com/fedora-infra/datagrepper.git /srv/datanommer && \ - cd /srv/datanommer && \ - python3 -m pip install -r requirements.txt && \ - python3 -m pip install . --no-use-pep517 && \ - mkdir -p /usr/share/datagrepper && \ - cp /srv/datanommer/apache/datagrepper.wsgi /usr/share/datagrepper/datagrepper.wsgi && \ - cp /srv/datanommer/fedmsg.d/example-datagrepper.py /etc/fedmsg.d/datagrepper.py -env DATAGREPPER_CONFIG=/srv/datanommer/apache/datagrepper.cfg -CMD ["gunicorn", "-b", "0.0.0.0:8080", "-w", "4", "--log-level", "DEBUG", "-t", "180", "datagrepper.app:app"] diff --git a/roles/openshift-apps/monitor-dashboard/files/imagestream.yml b/roles/openshift-apps/monitor-dashboard/files/imagestream.yml deleted file mode 100644 index 5e863cd49a..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/imagestream.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: image.openshift.io/v1 -items: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - name: datagrepper - labels: - build: datagrepper -kind: List -metadata: {} diff --git a/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml b/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml deleted file mode 100644 index 324530692f..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: grafana-notifiers - labels: - app: monitor-dashboard -data: - notifiers.yml: |- - notifiers: - - name: Monitor Gating Dashboard Alerts - type: googlechat - uid: l7OKaKpGk - # either - org_id: 1 - is_default: false - send_reminder: false - frequency: 1h - disable_resolve_message: false - # See `Supported Settings` section for settings supported for each - # alert notification type. - settings: - uploadImage: false - autoResolve: true - httpMethod: POST - severity: critical - url: https://chat.googleapis.com/v1/spaces/AAAAgMlYYeQ/messages?key=AIzaSyDdI0hCZtE6vySjMm-WEfRq3CPzqKqqsHI&token=bu44RPo8FAICEBrtCkvAzuwe9Pnvcq1PJVfaIvMqtVk%3D diff --git a/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml b/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml deleted file mode 100644 index a1d2c092d2..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: Route -metadata: - name: postgrest - labels: - app: postgrest -spec: - # host: waiverdb.stg.fedoraproject.org - port: - targetPort: postgrest - to: - kind: Service - name: postgrest - tls: - termination: Edge - insecureEdgeTerminationPolicy: Redirect diff --git a/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml b/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml deleted file mode 100644 index b1b8c2e89d..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: postgrest - labels: - app: postgrest -spec: - selector: - app: postgrest - service: postgrest - ports: - - name: postgrest - port: 8080 - targetPort: 3000 diff --git a/roles/openshift-apps/monitor-dashboard/files/prest_route.yml b/roles/openshift-apps/monitor-dashboard/files/prest_route.yml deleted file mode 100644 index 7feef9695e..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/prest_route.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: Route -metadata: - name: prest - labels: - app: prest -spec: - # host: waiverdb.stg.fedoraproject.org - port: - targetPort: prest - to: - kind: Service - name: prest - tls: - termination: Edge - insecureEdgeTerminationPolicy: Redirect diff --git a/roles/openshift-apps/monitor-dashboard/files/prest_service.yml b/roles/openshift-apps/monitor-dashboard/files/prest_service.yml deleted file mode 100644 index 4a579091d3..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/prest_service.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: prest - labels: - app: prest -spec: - selector: - app: prest - service: prest - ports: - - name: prest - port: 8080 - targetPort: 3000 diff --git a/roles/openshift-apps/monitor-dashboard/files/route.yml b/roles/openshift-apps/monitor-dashboard/files/route.yml deleted file mode 100644 index b60bf4ac9a..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/route.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - name: monitor-dashboard - labels: - app: monitor-dashboard -spec: - # host: waiverdb.stg.fedoraproject.org - port: - targetPort: web - to: - kind: Service - name: monitor-dashboard-web - tls: - termination: reencrypt - insecureEdgeTerminationPolicy: Redirect diff --git a/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml b/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml deleted file mode 100644 index f9fc719e08..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: monitor-dashboard-web - annotations: - serviceaccounts.openshift.io/oauth-redirectreference.primary: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"monitor-dashboard-web"}}' diff --git a/roles/openshift-apps/monitor-dashboard/files/service.yml b/roles/openshift-apps/monitor-dashboard/files/service.yml deleted file mode 100644 index 8e3ef2e09e..0000000000 --- a/roles/openshift-apps/monitor-dashboard/files/service.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: monitor-dashboard-web - labels: - app: dashboard - annotations: - service.alpha.openshift.io/serving-cert-secret-name: grafana-tls -spec: - selector: - app: monitor-dashboard - service: web - ports: - - name: web - port: 8443 - targetPort: 8443 diff --git a/roles/openshift-apps/monitor-dashboard/templates/buildconfig.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/buildconfig.yml.j2 deleted file mode 100644 index 0b8cfbe673..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/buildconfig.yml.j2 +++ /dev/null @@ -1,39 +0,0 @@ -{% macro load_file(filename) %}{% include filename %}{%- endmacro -%} -apiVersion: build.openshift.io/v1 -items: -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - labels: - build: datagrepper - name: datagrepper - spec: - runPolicy: Serial - source: - dockerfile: |- - FROM fedora:32 - LABEL \ - name="datagrepper" \ - vendor="Fedora Infrastructure" \ - license="MIT" - RUN dnf -y install fedora-messaging python3 python3-fedmsg python3-gunicorn python3-pip python3-psycopg2 git - RUN git clone https://github.com/fedora-infra/datagrepper.git /srv/datanommer && \ - cd /srv/datanommer && \ - python3 -m pip install -r requirements.txt && \ - python3 -m pip install . --no-use-pep517 && \ - mkdir -p /usr/share/datagrepper && \ - cp /srv/datanommer/apache/datagrepper.wsgi /usr/share/datagrepper/datagrepper.wsgi && \ - cp /srv/datanommer/fedmsg.d/example-datagrepper.py /etc/fedmsg.d/datagrepper.py - env DATAGREPPER_CONFIG=/srv/datanommer/apache/datagrepper.cfg - CMD ["gunicorn", "-b", "0.0.0.0:8080", "-w", "4", "--log-level", "DEBUG", "-t", "180", "datagrepper.app:app"] - type: Dockerfile - strategy: - type: Docker - dockerStrategy: - noCache: false - output: - to: - kind: ImageStreamTag - name: datagrepper:latest -kind: List -metadata: {} diff --git a/roles/openshift-apps/monitor-dashboard/templates/configmap.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/configmap.yml.j2 deleted file mode 100644 index 01cfce295d..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/configmap.yml.j2 +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: grafana-datasources - labels: - app: monitor-dashboard -data: - datasource.yml: |- - apiVersion: 1 - datasources: - - name: Datanommer - type: postgres - url: db-datanommer02.iad2.fedoraproject.org:5432 - database: datanommer - user: datanommer_ro - secureJsonData: - password: {{ datanommer_ro_password }} - jsonData: - default: true - sslmode: "disable" # disable/require/verify-ca/verify-full - maxOpenConns: 0 # Grafana v5.4+ - maxIdleConns: 2 # Grafana v5.4+ - connMaxLifetime: 14400 # Grafana v5.4+ - postgresVersion: 1200 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10 - timescaledb: false - - name: Promscale - type: prometheus - url: https://promscale.apps.ocp.ci.centos.org/ - access: proxy - basicAuth: false - withCredentials: false - isDefault: false diff --git a/roles/openshift-apps/monitor-dashboard/templates/dashboard_anitya.json.j2 b/roles/openshift-apps/monitor-dashboard/templates/dashboard_anitya.json.j2 deleted file mode 100644 index 4580515884..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/dashboard_anitya.json.j2 +++ /dev/null @@ -1,282 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": 2, - "links": [], - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "hiddenSeries": false, - "id": 6, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "SELECT\n date(\"timestamp\") AS time,\n count(*)\nFROM\n messages\nWHERE\n topic like '%project.add%' AND\n $__timeFilter(\"timestamp\")\ngroup by\n time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "New projects per day", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 8 - }, - "hiddenSeries": false, - "id": 4, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "SELECT\n date(\"timestamp\") AS time,\n count(*)\nFROM\n messages\nWHERE\n topic like '%version.update%' AND\n $__timeFilter(\"timestamp\")\ngroup by\n time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Updates per day", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "schemaVersion": 26, - "style": "dark", - "tags": [], - "templating": { - "list": [] - }, - "time": { - "from": "now-7d", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Anitya", - "uid": "8Zi9LU5Mz", - "version": 5 - } \ No newline at end of file diff --git a/roles/openshift-apps/monitor-dashboard/templates/dashboard_config.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/dashboard_config.yml.j2 deleted file mode 100644 index c569f25959..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/dashboard_config.yml.j2 +++ /dev/null @@ -1,15 +0,0 @@ -{%- macro load_file(filename) %}{% include filename %}{%- endmacro -%} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: grafana-dashboards - labels: - app: monitor-dashboard -data: - dashboard_monitor_gating.json: |- - {{ load_file('dashboard_monitor_gating.json.j2') | indent(6) }} - dashboard_anitya.json: |- - {{ load_file('dashboard_anitya.json.j2') | indent(6) }} - dashboard_fedora_coreos_updates.json: |- - {{ load_file('dashboard_fedora_coreos_updates.json.j2') | indent(6) }} diff --git a/roles/openshift-apps/monitor-dashboard/templates/dashboard_fedora_coreos_updates.json.j2 b/roles/openshift-apps/monitor-dashboard/templates/dashboard_fedora_coreos_updates.json.j2 deleted file mode 100644 index a354ccb4b3..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/dashboard_fedora_coreos_updates.json.j2 +++ /dev/null @@ -1,497 +0,0 @@ -{ - "__inputs": [ ], - "__requires": [ ], - "annotations": { - "list": [ ] - }, - "editable": false, - "gnetId": null, - "graphTooltip": 0, - "hideControls": false, - "id": null, - "links": [ ], - "refresh": "", - "rows": [ - { - "collapse": false, - "collapsed": false, - "panels": [ - { - "aliasColors": { }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "$datasource", - "fill": 1, - "gridPos": { }, - "id": 2, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [ ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum by(os_version) (zincati_identity_os_info)", - "format": "time_series", - "intervalFactor": 2, - "legendFormat":{{ '"{{os_version}}"' }}, - "refId": "A" - } - ], - "thresholds": [ ], - "timeFrom": null, - "timeShift": null, - "title": "OS versions", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ ] - }, - "yaxes": [ - { - "decimals": 0, - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ] - }, - { - "aliasColors": { }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "$datasource", - "fill": 1, - "gridPos": { }, - "id": 3, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "zincati_identity_rollout_wariness != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": {{ '"{{instance}}"' }}, - "refId": "A" - } - ], - "thresholds": [ ], - "timeFrom": null, - "timeShift": null, - "title": "Static rollout wariness", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ ] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "Agent identity", - "titleSize": "h6", - "type": "row" - }, - { - "collapse": false, - "collapsed": false, - "panels": [ - { - "aliasColors": { }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "$datasource", - "fill": 1, - "gridPos": { }, - "id": 4, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "quantile_over_time(0.99, (time() - zincati_update_agent_last_refresh_timestamp)[15m:])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": {{ '"{{instance}}"' }}, - "refId": "A" - } - ], - "thresholds": [ ], - "timeFrom": null, - "timeShift": null, - "title": "Agent refresh period (p99)", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ ] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ] - }, - { - "aliasColors": { }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "$datasource", - "fill": 1, - "gridPos": { }, - "id": 5, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (kind) (rate(zincati_cincinnati_update_checks_errors_total[5m]))", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": {{'"kind: {{kind}}"'}}, - "refId": "A" - } - ], - "thresholds": [ ], - "timeFrom": null, - "timeShift": null, - "title": "Cincinnati client error-rate", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ ] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ] - }, - { - "aliasColors": { }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "$datasource", - "fill": 1, - "gridPos": { }, - "id": 6, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [ ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (os_version) ((zincati_cincinnati_booted_release_is_deadend) + on (instance) group_left(os_version) (0*zincati_identity_os_info))", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": {{ '"{{os_version}}"' }}, - "refId": "A" - } - ], - "thresholds": [ ], - "timeFrom": null, - "timeShift": null, - "title": "Deadends detected", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ ] - }, - "yaxes": [ - { - "decimals": 0, - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "Agent details", - "titleSize": "h6", - "type": "row" - } - ], - "schemaVersion": 14, - "style": "dark", - "tags": [ ], - "templating": { - "list": [ - { - "current": { - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "label": null, - "name": "datasource", - "options": [ ], - "query": "prometheus", - "refresh": 1, - "regex": "", - "type": "datasource" - } - ] - }, - "time": { - "from": "now-7d", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Fedora CoreOS updates (Zincati)", - "version": 0 - } \ No newline at end of file diff --git a/roles/openshift-apps/monitor-dashboard/templates/dashboard_monitor_gating.json.j2 b/roles/openshift-apps/monitor-dashboard/templates/dashboard_monitor_gating.json.j2 deleted file mode 100644 index ab83b6ddb0..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/dashboard_monitor_gating.json.j2 +++ /dev/null @@ -1,3057 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": 2, - "iteration": 1603378842428, - "links": [], - "panels": [ - { - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 18, - "x": 0, - "y": 0 - }, - "id": 39, - "options": { - "content": "# Monitor-gating analysis\n\nAnalysis of runs of the https://pagure.io/fedora-ci/monitor-gating project over time.\n\nNotes on triaging problems here: https://hackmd.io/3NWpzzutTDu8CXFrIT1JqQ?both ", - "mode": "markdown" - }, - "pluginVersion": "7.1.0", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": false, - "rawSql": "SELECT\n $__time(time_column),\n value1\nFROM\n metric_table\nWHERE\n $__timeFilter(time_column)\n", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Monitor-gating analysis", - "type": "text" - }, - { - "alert": { - "alertRuleTags": {}, - "conditions": [ - { - "evaluator": { - "params": [ - 15 - ], - "type": "lt" - }, - "operator": { - "type": "and" - }, - "query": { - "params": [ - "A", - "5m", - "now" - ] - }, - "reducer": { - "params": [], - "type": "max" - }, - "type": "query" - } - ], - "executionErrorState": "alerting", - "for": "10m", - "frequency": "10m", - "handler": 1, - "message": "Less than 10 runs in the last day.", - "name": "Tests per day alert", - "noDataState": "keep_state", - "notifications": [ - { - "uid": "l7OKaKpGk" - } - ] - }, - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null, - "filterable": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 5, - "w": 3, - "x": 18, - "y": 0 - }, - "hiddenSeries": false, - "id": 41, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select now() as time, count(*) from messages where topic like '%gating%end%' and \"timestamp\" > now() - interval '1 day'\r\n", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [ - { - "colorMode": "critical", - "fill": true, - "line": true, - "op": "lt", - "value": 15 - } - ], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Test runs last 24 hours", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "alert": { - "alertRuleTags": {}, - "conditions": [ - { - "evaluator": { - "params": [ - 5 - ], - "type": "gt" - }, - "operator": { - "type": "and" - }, - "query": { - "params": [ - "A", - "5m", - "now" - ] - }, - "reducer": { - "params": [], - "type": "avg" - }, - "type": "query" - } - ], - "executionErrorState": "alerting", - "for": "5m", - "frequency": "1m", - "handler": 1, - "message": "More than 5 failures", - "name": "Failures last 24 hours alert", - "noDataState": "no_data", - "notifications": [] - }, - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 5, - "w": 3, - "x": 21, - "y": 0 - }, - "hiddenSeries": false, - "id": 43, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select now() as time, count(*) from messages where topic like '%gating%end%fail' and \"timestamp\" > now() - interval '1 day'\r\n", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [ - { - "colorMode": "critical", - "fill": true, - "line": true, - "op": "gt", - "value": 5 - } - ], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Failures last 24 hours", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "datasource": "Datanommer", - "description": "Percentage of successful runs (as noted by monitor-gating sending org.fedoraproject.prod.monitor-gating.$test.end.success message) out of all of org.fedoraproject.prod.monitor-gating.$test.end.* messages ", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [ - { - "from": "", - "id": 1, - "text": "", - "to": "", - "type": 1 - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 0, - "y": 5 - }, - "id": 8, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": true - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with c as (select count(*) as finished_gating_runs from messages where topic like '%gating%$test%.end.%' and $__timeFilter(\"timestamp\")),\r\ns as (select count(*) as ci_completed from messages where topic like '%gating%$test%.end%succe%' and $__timeFilter(\"timestamp\"))\r\nselect (s.ci_completed*100)/c.finished_gating_runs as percent_ci_done from c,s\r\n", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Full Run Success in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs that reached the step in the build where the package was successfully cloned, its version was bumped and it was pushed again.", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 3, - "y": 5 - }, - "id": 9, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ '.*Pushing changes\\s+\\[DONE\\].*')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Pagure Success in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs that reached the step of Koji successfully finishing the package build.", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 6, - "y": 5 - }, - "id": 11, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ '.*uilding the package.+\\[DONE\\]')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Koji Success in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs that successfuly reached the step of initial creation of the update in Bodhi", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 9, - "y": 5 - }, - "id": 10, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ 'bodhi[^\\n]+\\[DONE\\]')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Bodhi Success in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs, where it reached the notification for the test failing in CI in a given time-limit.", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 12, - "y": 5 - }, - "id": 7, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' LIKE '%CI (complete) results in datagrepper returned error%')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "CI Fast & Correct in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs where resultsdb send out the notification for learning about the result in the given time-limit.", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 15, - "y": 5 - }, - "id": 14, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ 'resultsdb results in datagrepper returned FAILED[^\\n]+\\[DONE\\]')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "ResultsDB Fast & Correct in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs that reached the Greenwave gating a release of a backage based on a failed CI run", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 18, - "y": 5 - }, - "id": 12, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ 'greenwave results in datagrepper returned False[^\\n]+\\[DONE\\]')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Greenwave Fast & Correct in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "Percentage of runs successfully waived", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 3, - "x": 21, - "y": 5 - }, - "id": 13, - "options": { - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "/^percent_ci_done$/", - "values": false - }, - "showThresholdLabels": true, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "table", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select * from messages where topic like 'org.fedoraproject.prod.monitor-gating.$test%' and $__timeFilter(\"timestamp\")),\r\nc as (select count(*) as finished_gating_runs from t where topic like '%end%'),\r\ns as (select count(*) as ci_completed from t where (topic like '%succeeded' or ((topic like '%failed' or topic like '%error') and _msg::jsonb#>>'{output_text}' ~ 'greenwave results in datagrepper returned True[^\\n]+\\[DONE\\]')))\r\nselect ((s.ci_completed)*100)/c.finished_gating_runs as percent_ci_done from c,s", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Waiverdb Fast & Correct in %", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 20 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 0, - "y": 12 - }, - "id": 17, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \"timestamp\" as time, CAST(array_to_string(REGEXP_MATCHES(_msg::jsonb->'output'->>-1, 'Ran for (\\d+).*'),'') as integer)/60 from messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median run in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 12 - }, - "id": 37, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \r\n \"timestamp\" as time,\r\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \r\n - \r\n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*uilding the package.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\r\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median build in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 12, - "y": 12 - }, - "id": 26, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*bodhi to CI.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median queue in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 15, - "y": 12 - }, - "id": 30, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*resultsdb results in datagrepper returned FAILED[^\\n]+\\[.*D.*\\]\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) AND topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median to resultsdb", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 18, - "y": 12 - }, - "id": 29, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*greenwave results in datagrepper returned False.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*resultsdb results in datagrepper returned FAILED[^\\n]+\\[.*D.*\\]\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) AND topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median from resultsbd to greenwave", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 21, - "y": 12 - }, - "id": 28, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*greenwave results in datagrepper returned True.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*greenwave results in datagrepper returned False.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) AND topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median from unwaived to waived", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 3, - "x": 6, - "y": 16 - }, - "id": 25, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n timestamp as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*testing-.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median signing in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 12, - "y": 16 - }, - "id": 27, - "options": { - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Median testing in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {}, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 20 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 0, - "y": 20 - }, - "id": 31, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \"timestamp\" as time, CAST(array_to_string(REGEXP_MATCHES(_msg::jsonb->'output'->>-1, 'Ran for (\\d+).*'),'') as integer)/60 from messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max run in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 12, - "y": 20 - }, - "id": 34, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*bodhi to CI.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max queue in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 15, - "y": 20 - }, - "id": 36, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI results in resultsdb.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) AND topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max to resultsdb", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 21 - }, - "id": 32, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Building the package.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max build in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 12, - "y": 24 - }, - "id": 35, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max testing in minutes", - "type": "gauge" - }, - { - "datasource": "Datanommer", - "description": "", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 25 - }, - "id": 33, - "options": { - "reduceOptions": { - "calcs": [ - "max" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "7.2.1", - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n timestamp as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*testing-.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Max signing in minutes", - "type": "gauge" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 29 - }, - "hiddenSeries": false, - "id": 23, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select timestamp as time, CAST(array_to_string(REGEXP_MATCHES(_msg::jsonb->'output'->>-1, 'Ran for (\\d+).*'),'') as integer)/60 from messages where topic like '%gating%$test%.end.%' and $__timeFilter(\"timestamp\") order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time to complete in minutes", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 37 - }, - "hiddenSeries": false, - "id": 18, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Building the package.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time for build in minutes", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 45 - }, - "hiddenSeries": false, - "id": 19, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n timestamp as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*testing-.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*Retrieving koji tags:.*updates-candidate.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time for signing in minutes", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 53 - }, - "hiddenSeries": false, - "id": 20, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*bodhi to CI.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where $__timeFilter(\"timestamp\") and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time in queue in minutes", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 61 - }, - "hiddenSeries": false, - "id": 21, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*running.*DONE.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) and topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time in testing", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": { - "align": null - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 69 - }, - "hiddenSeries": false, - "id": 22, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select \n \"timestamp\" as time,\n EXTRACT (MINUTES FROM (TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI results in resultsdb.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME \n - \n TO_TIMESTAMP(substring(jsonb_path_query_first(_msg::jsonb,'$.output[*] ? (@ like_regex \".*CI.*complete.*D.*\")')::text,2,8), 'HH24:MI:SS')::TIME)::TIME) as interval\nfrom messages where ($__timeFilter(\"timestamp\")) AND topic like '%gating%$test%.end.%' order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time from testing to resultsdb", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 77 - }, - "hiddenSeries": false, - "id": 15, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "7.2.1", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with t as (select date(\"timestamp\") as time, topic from messages where $__timeFilter(\"timestamp\") and topic like '%gating%'),\nc as (select time, count(*) as finished_gating_runs from t where topic like '%gating%$test%.end.%' group by time),\ns as (select time, count(*) as successful_gating_runs from t where topic like '%gating%$test%.end%succe%' group by time)\nselect s.time as time, (s.successful_gating_runs*100)/c.finished_gating_runs as percent_succesful from c,s where c.time = s.time order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Monitor Gating Success Percentage", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": false, - "schemaVersion": 26, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "allValue": null, - "current": { - "selected": false, - "text": "single", - "value": "single" - }, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "test", - "options": [ - { - "selected": true, - "text": "single", - "value": "single" - }, - { - "selected": false, - "text": "multi", - "value": "multi" - } - ], - "query": "single, multi", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - } - ] - }, - "time": { - "from": "now-2d", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ] - }, - "timezone": "", - "title": "Monitor Gating", - "uid": "6q2qpcvGz", - "version": 1 -} \ No newline at end of file diff --git a/roles/openshift-apps/monitor-dashboard/templates/dashboard_package_tests.json.j2 b/roles/openshift-apps/monitor-dashboard/templates/dashboard_package_tests.json.j2 deleted file mode 100644 index f8b65f05c8..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/dashboard_package_tests.json.j2 +++ /dev/null @@ -1,347 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": 1, - "links": [], - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 11, - "w": 24, - "x": 0, - "y": 0 - }, - "hiddenSeries": false, - "id": 2, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.5", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select date(\"timestamp\") as time, count(*) as infra_fail_count from test_query_tb where topic like '%test.error' and _msg::jsonb#>>'{error,reason}' like '%Infra%' group by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - }, - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select date(\"timestamp\") as time, count(*) as execution_error_count from test_query_tb where topic like '%test.error' and _msg::jsonb#>>'{error,reason}' like '%exec%' group by time", - "refId": "B", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - }, - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "select date(\"timestamp\") as time, count(*) as faild_or_complete_total from test_query_tb where topic like '%test.error' or topic like '%test.complete' group by time", - "refId": "C", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Package tests completion and error counts", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Datanommer", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 11, - "w": 24, - "x": 0, - "y": 11 - }, - "hiddenSeries": false, - "id": 3, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.5", - "pointradius": 2, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with \n complete as (\n select date(\"timestamp\") as time, count(*) as faild_or_complete_total \n from test_query_tb where topic like '%test.error' or topic like '%test.complete' group by time),\n infra as (select date(\"timestamp\") as time, count(*) as infra_fail_count from test_query_tb where topic like '%test.error' and _msg::jsonb#>>'{error,reason}' like '%Infra%' group by time)\nselect infra.time as time, (infra.infra_fail_count*100)/complete.faild_or_complete_total as infra_failure_percent from infra, complete where infra.time = complete.time order by time", - "refId": "A", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - }, - { - "format": "time_series", - "group": [], - "metricColumn": "none", - "rawQuery": true, - "rawSql": "with \r\n complete as (\r\n select date(\"timestamp\") as time, count(*) as faild_or_complete_total \r\n from test_query_tb where topic like '%test.error' or topic like '%test.complete' group by time),\r\n infra as (select date(\"timestamp\") as time, count(*) as infra_fail_count from test_query_tb where topic like '%test.error' and _msg::jsonb#>>'{error,reason}' like '%execution%' group by time)\r\nselect infra.time as time, (infra.infra_fail_count*100)/complete.faild_or_complete_total as execution_error_percent from infra, complete where infra.time = complete.time order by time", - "refId": "B", - "select": [ - [ - { - "params": [ - "value" - ], - "type": "column" - } - ] - ], - "timeColumn": "time", - "where": [ - { - "name": "$__timeFilter", - "params": [], - "type": "macro" - } - ] - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Percent of failed package tests ", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "schemaVersion": 26, - "style": "dark", - "tags": [], - "templating": { - "list": [] - }, - "time": { - "from": "now/y", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "15m", - "30m", - "1h", - "2h", - "1d" - ] - }, - "timezone": "", - "title": "Package tests completion and errors", - "uid": "PDzad5DMk", - "version": 3 - } \ No newline at end of file diff --git a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_configmap.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/datagrepper_configmap.yml.j2 deleted file mode 100644 index bf3c209a85..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_configmap.yml.j2 +++ /dev/null @@ -1,49 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: datagrepper - labels: - app: datagrepper -data: - datagrepper.py: |- - # Configuration for the datagrepper webapp. - config = { - # We don't actually want to run the datanommer consumer on this machine. - 'datanommer.enabled': False, - - # Note that this is connecting to db02. That's fine for now, but we want to - # move the db for datanommer to a whole other db host in the future. We - # expect the amount of data it generates to grow pretty steadily over time - # and we don't want *read* operations on that database to slow down all our - # other apps. - 'datanommer.sqlalchemy.url': 'postgresql://datanommer_ro:{{ datanommer_ro_password }}@db-datanommer02.iad2.fedoraproject.org/datanommer', - 'fedmenu_url': 'https://apps.fedoraproject.org/fedmenu', - 'fedmenu_data_url': 'https://apps.fedoraproject.org/js/data.js', - - # Only allow ajax/websockets connections back to our domains. - # https://github.com/fedora-infra/datagrepper/pull/192 - 'content_security_policy': 'connect-src https://*.fedoraproject.org wss://*.fedoraproject.org' - } - daragrepper.cfg: |- - from datetime import timedelta - - ### Secret key for the Flask application - SECRET_KEY = '{{ datagrepperCookieSecret }}' - - ### Unhappy mako - MAKO_OUTPUT_ENCODING='utf-8' - - DATAGREPPER_BASE_URL='https://apps.fedoraproject.org/datagrepper/' - - DATAGREPPER_CACHE_BACKEND='dogpile.cache.memcached' - - DATAGREPPER_CACHE_KWARGS={'arguments': {'url': ['memcached01.phx2.fedoraproject.org:11211']}} - - SQLALCHEMY_DATABASE_URI='postgresql+psycopg2://{{ datagrepper_app_user }}:{{ datagrepper_app_password }}@db01.iad2.fedoraproject.org:5432/datagrepper' - - DATAGREPPER_OPENID_ENDPOINT='id.fedoraproject.org' - - RUNNER_LOCKFILE='/var/run/fedmsg/datagrepper.lock' - JOB_OUTPUT_DIR='/var/cache/datagrepper' - JOB_EXPIRY=timedelta(days=7) diff --git a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml.j2 deleted file mode 100644 index a9ab335fe9..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml.j2 +++ /dev/null @@ -1,63 +0,0 @@ ---- -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -metadata: - name: datagrepper - labels: - app: datagrepper -spec: - strategy: - resources: {} - replicas: 1 - test: false - selector: - name: datagrepper - template: - metadata: - labels: - name: datagrepper - app: datagrepper - service: datagrepper - name: datagrepper - spec: - volumes: - - configMap: - name: datagrepper - name: datagrepper - containers: - - name: datagrepper - image: datagrepper - command: ["gunicorn"] - args: - - "-b" - - "0.0.0.0:8080" - - "-w" - - "4" - - "--log-level" - - "DEBUG" - - "-t" - - "175" - - "datagrepper.app:app" - ports: - - containerPort: 8080 - env: - - name: "DATAGREPPER_CONFIG" - value: "/srv/datanommer/apache/datagrepper.cfg" - volumeMounts: - - mountPath: /etc/fedmsg.d/datagrepper.py - subPath: datagrepper.py - name: datagrepper - - mountPath: /srv/datanommer/fedmsg.d/datagrepper.cfg - subPath: datagrepper.cfg - name: datagrepper - triggers: - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - datagrepper - from: - kind: ImageStreamTag - name: datagrepper:latest - namespace: monitor-dashboard - - type: ConfigChange diff --git a/roles/openshift-apps/monitor-dashboard/templates/deploymentconfig.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/deploymentconfig.yml.j2 deleted file mode 100644 index 0910ec41c6..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/deploymentconfig.yml.j2 +++ /dev/null @@ -1,91 +0,0 @@ ---- -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -metadata: - labels: - app: monitor-dashboard - name: monitor-dashboard -spec: - replicas: 1 - selector: - app: monitor-dashboard - deploymentconfig: monitor-dashboard - template: - metadata: - labels: - app: monitor-dashboard - deploymentconfig: monitor-dashboard - spec: - containers: - - args: - - "-provider=openshift" - - "-openshift-service-account=monitor-dashboard-web" - - "-upstream=http://localhost:3000" - - "-client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token" - - "-cookie-secret=9876543210" - - "-tls-cert=/etc/tls/private/tls.crt" - - "-tls-key=/etc/tls/private/tls.key" - - "-pass-basic-auth=false" - - "-skip-auth-regex=(public|api/snapshots/.+|dashboard/snapshot/.+)" - image: quay.io/openshift/origin-oauth-proxy:4.9.0 - name: oauth-proxy - ports: - - containerPort: 8443 - volumeMounts: - - mountPath: /etc/tls/private - name: grafana-tls - - env: - - name: GF_INSTALL_PLUGINS - value: "grafana-clock-panel,simpod-json-datasource,grafana-googlesheets-datasource" - - name: GF_AUTH_BASIC_ENABLED - value: 'true' - - name: GF_AUTH_PROXY_ENABLED - value: 'true' - - name: GF_AUTH_PROXY_HEADER_NAME - value: X-Forwarded-User - - name: GF_AUTH_PROXY_HEADER_PROPERTY - value: username - - name: GF_AUTH_PROXY_AUTO_SIGN_UP - value: 'true' - - name: GF_AUTH_DISABLE_LOGIN_FORM - value: 'false' - - name: GF_SECURITY_ADMIN_PASSWORD - value: 'nbusr123' - - name: GF_SECURITY_ADMIN_USER - value: 'admin' - - name: GF_USERS_ALLOW_SIGN_UP - value: 'false' - - name: 'GF_USERS_AUTO_ASSIGN_ORG_ROLE' - value: 'Admin' - - name: 'V' - value: '13' - image: registry.hub.docker.com/grafana/grafana:latest - name: dashboard - ports: - - containerPort: 3000 -# volumeMounts: -# - mountPath: /etc/grafana/provisioning/notifiers -# name: grafana-notifiers -# - mountPath: /etc/grafana/provisioning/datasources -## name: grafana-datasources -# - mountPath: /etc/grafana/provisioning/dashboards -# name: grafana-dashboards-provision -# - mountPath: /var/lib/grafana/dashboards -# name: grafana-dashboards - serviceAccountName: monitor-dashboard-web - volumes: - - name: grafana-tls - secret: - secretName: grafana-tls -# - configMap: -# name: grafana-datasources -# name: grafana-datasources -# - configMap: -# name: grafana-dashboards-provision -# name: grafana-dashboards-provision -# - configMap: -# name: grafana-notifiers -# name: grafana-notifiers -# - configMap: -# name: grafana-dashboards -# name: grafana-dashboards diff --git a/roles/openshift-apps/monitor-dashboard/templates/postgrest_deploymentconfig.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/postgrest_deploymentconfig.yml.j2 deleted file mode 100644 index 6b4db27508..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/postgrest_deploymentconfig.yml.j2 +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -metadata: - name: postgrest - labels: - app: postgrest -spec: - strategy: - resources: {} - replicas: 1 - test: false - selector: - name: postgrest - template: - metadata: - labels: - name: postgrest - app: postgrest - service: postgrest - name: postgrest - spec: - containers: - - name: postgrest - image: registry.hub.docker.com/postgrest/postgrest:latest - ports: - - containerPort: 3000 - env: - - name: "PGRST_DB_URI" - value: "postgresql://datanommer_ro:{{ datanommer_ro_password }}@db-datanommer02.iad2.fedoraproject.org/datanommer" - - name: "PGRST_DB_ANON_ROLE" - value: "datanommer_ro" - - name: "PGRST_MAX_ROWS" - value: "25" - - name: "PGRST_OPENAPI_SERVER_PROXY_URI" - value: "https://postgrest-monitor-dashboard.app.os.fedoraproject.org/" - triggers: - - type: ConfigChange diff --git a/roles/openshift-apps/monitor-dashboard/templates/prest_deploymentconfig.yml.j2 b/roles/openshift-apps/monitor-dashboard/templates/prest_deploymentconfig.yml.j2 deleted file mode 100644 index cf835c113a..0000000000 --- a/roles/openshift-apps/monitor-dashboard/templates/prest_deploymentconfig.yml.j2 +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -metadata: - name: prest - labels: - app: prest -spec: - strategy: - resources: {} - replicas: 1 - test: false - selector: - name: prest - template: - metadata: - labels: - name: prest - app: prest - service: prest - name: prest - spec: - containers: - - name: prest - image: registry.hub.docker.com/prest/prest:v1 - ports: - - containerPort: 3000 - env: - - name: PREST_HTTP_PORT - value: "3000" - - name: PREST_PG_HOST - value: db-datanommer02.iad2.fedoraproject.org - - name: PREST_PG_USER - value: datanommer_ro - - name: PREST_PG_PASS - value: "{{ datanommer_ro_password }}" - - name: PREST_PG_DATABASE - value: datanommer - triggers: - - type: ConfigChange diff --git a/roles/openshift-apps/noggin/templates/fedora-messaging.toml b/roles/openshift-apps/noggin/templates/fedora-messaging.toml index e1c9313743..1f09f614b5 100644 --- a/roles/openshift-apps/noggin/templates/fedora-messaging.toml +++ b/roles/openshift-apps/noggin/templates/fedora-messaging.toml @@ -3,14 +3,6 @@ amqp_url = "amqps://noggin:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/cacert.pem" keyfile = "/etc/pki/fedora-messaging/noggin-key.pem" diff --git a/roles/openshift-apps/poddlers/templates/fedora-messaging.toml b/roles/openshift-apps/poddlers/templates/fedora-messaging.toml index d18ce527a9..7e2d5f1a39 100644 --- a/roles/openshift-apps/poddlers/templates/fedora-messaging.toml +++ b/roles/openshift-apps/poddlers/templates/fedora-messaging.toml @@ -9,14 +9,6 @@ callback = "toddlers.plugins.{{ toddler.callback }}" # to (this is done in the ansible playbook) passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/rabbitmq/ca/toddlers.ca" keyfile = "/etc/pki/rabbitmq/key/toddlers.key" diff --git a/roles/openshift-apps/webhook2fedmsg/templates/fedora-messaging.toml.j2 b/roles/openshift-apps/webhook2fedmsg/templates/fedora-messaging.toml.j2 index 2c1acfe5bd..da695fa583 100644 --- a/roles/openshift-apps/webhook2fedmsg/templates/fedora-messaging.toml.j2 +++ b/roles/openshift-apps/webhook2fedmsg/templates/fedora-messaging.toml.j2 @@ -3,14 +3,6 @@ amqp_url = "amqps://webhook2fedmsg{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fed # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/cacert.pem" keyfile = "/etc/pki/fedora-messaging/webhook2fedmsg-key.pem" diff --git a/roles/packages3/web/files/distmappings.py b/roles/packages3/web/files/distmappings.py deleted file mode 100644 index 84f0f784f5..0000000000 --- a/roles/packages3/web/files/distmappings.py +++ /dev/null @@ -1,86 +0,0 @@ -# Global list of koji tags we care about -tags = ({'name': 'Rawhide', 'tag': 'f43'}, - - {'name': 'Fedora 42', 'tag': 'f42-updates'}, - {'name': 'Fedora 42', 'tag': 'f42'}, - {'name': 'Fedora 42 Testing', 'tag': 'f42-updates-testing'}, - - {'name': 'Fedora 41', 'tag': 'f41-updates'}, - {'name': 'Fedora 41', 'tag': 'f41'}, - {'name': 'Fedora 41 Testing', 'tag': 'f41-updates-testing'}, - - {'name': 'Fedora 40', 'tag': 'f40-updates'}, - {'name': 'Fedora 40', 'tag': 'f40'}, - {'name': 'Fedora 40 Testing', 'tag': 'f40-updates-testing'}, - - {'name': 'Fedora 39', 'tag': 'f39-updates'}, - {'name': 'Fedora 39', 'tag': 'f39'}, - {'name': 'Fedora 39 Testing', 'tag': 'f39-updates-testing'}, - - {'name': 'Fedora 38', 'tag': 'f38-updates'}, - {'name': 'Fedora 38', 'tag': 'f38'}, - {'name': 'Fedora 38 Testing', 'tag': 'f38-updates-testing'}, - - {'name': 'Fedora 37', 'tag': 'f37-updates'}, - {'name': 'Fedora 37', 'tag': 'f37'}, - {'name': 'Fedora 37 Testing', 'tag': 'f37-updates-testing'}, - - {'name': 'Fedora 36', 'tag': 'f36-updates'}, - {'name': 'Fedora 36', 'tag': 'f36'}, - {'name': 'Fedora 36 Testing', 'tag': 'f36-updates-testing'}, - - {'name': 'Fedora 35', 'tag': 'f35-updates'}, - {'name': 'Fedora 35', 'tag': 'f35'}, - {'name': 'Fedora 35 Testing', 'tag': 'f35-updates-testing'}, - - {'name': 'Fedora 34', 'tag': 'f34-updates'}, - {'name': 'Fedora 34', 'tag': 'f34'}, - {'name': 'Fedora 34 Testing', 'tag': 'f34-updates-testing'}, - - - {'name': 'Fedora 33', 'tag': 'f33-updates'}, - {'name': 'Fedora 33', 'tag': 'f33'}, - {'name': 'Fedora 33 Testing', 'tag': 'f33-updates-testing'}, - - - {'name': 'Fedora 32', 'tag': 'f32-updates'}, - {'name': 'Fedora 32', 'tag': 'f32'}, - {'name': 'Fedora 32 Testing', 'tag': 'f32-updates-testing'}, - - {'name': 'Fedora 31', 'tag': 'f31-updates'}, - {'name': 'Fedora 31', 'tag': 'f31'}, - {'name': 'Fedora 31 Testing', 'tag': 'f31-updates-testing'}, - - {'name': 'Fedora 30', 'tag': 'f30-updates'}, - {'name': 'Fedora 30', 'tag': 'f30'}, - {'name': 'Fedora 30 Testing', 'tag': 'f30-updates-testing'}, - - {'name': 'Fedora 29', 'tag': 'f29-updates'}, - {'name': 'Fedora 29', 'tag': 'f29'}, - {'name': 'Fedora 29 Testing', 'tag': 'f29-updates-testing'}, - - {'name': 'Fedora 28', 'tag': 'f28-updates'}, - {'name': 'Fedora 28', 'tag': 'f28'}, - {'name': 'Fedora 28 Testing', 'tag': 'f28-updates-testing'}, - - {'name': 'Fedora 27', 'tag': 'f27-updates'}, - {'name': 'Fedora 27', 'tag': 'f27'}, - {'name': 'Fedora 27 Testing', 'tag': 'f27-updates-testing'}, - - {'name': 'Fedora 26', 'tag': 'f26-updates'}, - {'name': 'Fedora 26', 'tag': 'f26'}, - {'name': 'Fedora 26 Testing', 'tag': 'f26-updates-testing'}, - - {'name': 'Fedora 25', 'tag': 'f25:updates'}, - {'name': 'Fedora 25', 'tag': 'f25'}, - {'name': 'Fedora 25 Testing', 'tag': 'f25-updates-testing'}, - - {'name': 'EPEL 8', 'tag': 'epel8'}, - {'name': 'EPEL 8 Testing', 'tag': 'epel8-testing'}, - {'name': 'EPEL 8 Staging', 'tag': 'epel8-staging'}, - - ) - -tags_to_name_map = {} -for t in tags: - tags_to_name_map[t['tag']] = t['name'] diff --git a/roles/packages3/web/files/fedmsg-hub-forward-compat b/roles/packages3/web/files/fedmsg-hub-forward-compat deleted file mode 100644 index 239f620546..0000000000 --- a/roles/packages3/web/files/fedmsg-hub-forward-compat +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/python -__requires__ = ['fedmsg>=0.13.1', 'WebOb>=0.9.7', 'sqlalchemy>=0.7'] -import sys -from pkg_resources import load_entry_point - -if __name__ == '__main__': - sys.exit( - load_entry_point('fedmsg', 'console_scripts', 'fedmsg-hub')() - ) diff --git a/roles/packages3/web/files/package_128x128.png b/roles/packages3/web/files/package_128x128.png deleted file mode 100644 index d566f361a293b665c83333df04fd141224bf4af6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12266 zcmVPx#24YJ`L;(K){{a7>y{D4^000SaNLh0L01ejw01ejxLMWSf00007bV*G`2ipoC z6elHo33RFe03ZNKL_t(|+URDSl`LtjfbjD@H=U%2x%e6i85myaI_5LK5=g-rU^ezRo?b zz2+GGW6rtOm~+j2&bc=v=O&&FJNur!_gZ_cHD15*8)J?I>^ycJJCEVxw)b5L0JuHA z?mYexK5l>S56*Q8am`gb7vvwE0{rjSyzaJZuKLWa*Ic=~d+(Y@mq*|oF;9P-II#xj z_^FQR=xy)2@;3nB2`_jzzVO}`%Vj^bN#xa=rJzx5hmwx3-fBXZNB;ntD^-FdX z;L-TtX5k3M%fv*)%y5p?IX<75KmWz|{=lDq=6}6n{G_M|w_g2&I|}eSW%uJ418|TzD{M`#{Yil?E(ZBuA0C3S2{{y$Y`$hQhhrjEQ6XtfrJpJ*(|MFeu zUGhzr?x%JM1VB{)Rj5jMil`Ss>pgid5Z}Jw8(w=a_E){Cob@)c|nGRqw}N|JI9fgq3zW?})*ZdJKdD#c>xpzK)M*+6g zoqy~tgZI9C-CL{Qz2u5NiC2iDA%gZGkw%TvQPZGt{HD*n`}50RX^ffA@QLFu+6o*ni#IasD%ZWbpp2AO7Xt<7W1`qV#-fnzvo>?LYc=8|~-z z5B;=`CWql108KzJ#{wNVga9HCRUm*wcoA(|PpubtX>ag?=Uw{BKRXBjpZ)LOjio2}o7e)vP%a_t_GRPa}>e-j?_w4dtZ7>7u9=SSXhhI4wk55WeMD8RtFuf7^zy6ErlPcD6P_g)hIJs$1HcVh)A_ovbnTaN?zU`C0_1s^Emw$HYkNo8)0O0!HybMo!-CzCVRe%RR_6s=U zJASSgz!g^j0PeW%m(QN@e7O)k2f*bZetfVv2ADu_07#jMqM#!{L-;#DcPIdmLP@c* zcI=)_4`^oBZCFwhF$vg`7obi_)V|LIM@$5O;j|^}T~}Ox{o5|PPFnrmr@ij4jsw8; zzww=T+K+zp(TxG*>YvBwo^k?Dz4*<8&+hquKlcpg=Gm&a4CJ0o@sdS%3J`;cG`<01 zXYzAG%G;CGc6tCn1ZX|**ra3EM}G_eu6@g8m|ZxGZ+Xq9AKf7E{ty4uc@vB-SI~0^ zbh#3JO%O06xpg9r!X^+i01ieCMp6zXYo$pU*jQ$;M(C)?k(awH1$c_1JpjWhs{>`yKA1bs974c_?K=Bxq z2n{oF128qpM6?e7dmn%6Gv73UKJQs?`1nl#aP5EnHazPm{`T}&fE)h!wYd11?+6z3 zr>}ebXxx04f-hs{%ZTWFB^TK<7X`)&BBB(_JJ9B!l!VKXZ0Q9bE*|%mo+&}k)OAY1 zF$O?7QAgpUCVT+UwG#))%>c6AJIzj+Hp2qcWdt1-NJ^ptB7&d?jLeJ%ASMM9bkgE6 zG-+?V_Sc^NXU}}{<^PhN`%CTbymlX6`HsVPgn-tszkFftEWod*lA~a;3?(KGxmn?+T~}Zk3g30^HBqk7a~KO}vpp9$AiCkm z;X7qz$7sg0^W&K@W@knij~X=WIz39reX?>C&4|>mQ7~xjvdM?U3n&z%1P*B|p-~V) zcP;Ls^UvCMC2;u7r*$ph%m3%c0RVHe^RIWTP)cR9E(G^h4~~L%#$sJv_>{Z=$L}Q1 z5uY3tfbHMuH~KK4U=TZk5=|x(h;IQEFcgjjjseF&!$89d$AqStNeN^M8{v3TJz!dm zAbm!C!3bR;37xW22S6yxWQYLg7>is3~d?F1?wq#gth zA^{_RI!9=BKNiixSx~>;RsRgJ)Co1O6e9BiR!LATByp}JCTuY?96@*QUOe+xUx@R6 z__vRo-qpayxfd_Y%|TTN>7pdBX*~d0i|1Y;I?Hz*m8v~p?6+r{D)fjmV%ES>`3M~U z?Y)Pphe`{T7LXPY4`|!Jr!8h@7x34A`rmN>5@G&=XTi6M-15mmqX)0rm0OD?w5O->%~+-~4p=Be&p&Yu}F(x({=Y z`&PK|LQs-U36g*@@B+0^QTGBEdV#JNk!W^y1`BfwZv=qfdF8&-GYh!xU9Wid`Hy}4 zhj)!uRYeHof)J7dFq`;otU8iA3FHOAIg{qm5GxR(2SF!zH7R2U!V>6=7oM4M&z-m8 z=zVu%VPO`#=4LQAGs0-(0^3(4gcQTb`q4YF|Bipag!kf%$2<||J?3k$cK^-rYfBO2 zXdU&dY)&3^89|*q5)rJed)~3d-la(b^#w$GJ>sP0UBTdiUz<;G(SI!xrO;R zhHPNp=@kM#_Rg0)_puj#<6kT`%PM|C)(Vr0?*SlJ+&_2mzZWp)ynYb|f_HI9b$?Af zfUN^$BoUz*&Eb|${{_~Tk6~ecY(fBoiDLpvy(C>Ef^3)UuH?>TUgZoB1+U;Bpt+1`Fy5kZc|FWR-R09`&t9of-c z_~h=({5*Hx3hUa76cIe&2NKW>ia;hbn7Tk0LIQ zf;`RzZ3!SU(T)hr4emWoXk`%#I*WOk!E8H5({R^abkf&A0oC1*bH5gH|K~xg_u-3Q zxEtqP@I)*uc(ljvNv$Cp7m_-5FfSzaoB+|n{2b=z=H3Y4XaC|qorCB7%E9eb0GfXR zuKV4WfA5~N&WB%H(pbg|8jqUbd&ATSbb6wPhe9Wq6p?%3Bc+y~N2_yj~Cd`I~ zlGI58?ocu~l0#Hf1Gx`1_Pwrj41gOf-}fafEba!)jxd@VV~!d$jRWhc!J=5$g?L3P zf*BR8t$Wbi*;v$NkQ~SDcdX#7b1%TI(JI;#_Zb0)hEwYWV%@pw1soF=_w2^P%=;7Lc@dZr9$Ij$HsQ!TL=}Hd#Go-8?-}gwopc^so!#8FT0=Rl}@-q+kvMr@(F$ zkb3gl(AeZ*yLnIkNeR@2o+AJPCIzd<@}$AxCB@?W2x~{~#9jN3;Ap!CZf=gYo--#Hh;uO3m8>*VpgsMB}gEtb}^vTo)LT=W*H z7og9Vt?)agqn>0UFnBbE8_mPF>zJ%OfYlR6aOVww4(FPf269aG0Enqbp1MVVRKO~s z#t>f_g2PLKNlVzbFu{mdap(RC&OGxR%<(dG?brYd)Vu&8)do}-ckOn+`HBa=k)C<` zP1_m*yw@uh_nrY+x`UF&X02JpYu?3ESgH*J)Hm~{C0ZRv0GAUfV}!v7CNWk$RcipLno|wYkSVl2I3{=o?mOnOcK>ml zw{MKe@*x~vXUxy;!roaAU0do%v(!OE1r}feoFm$^XAce>n7ImA`SER4fVo|JUOY1z zW6iI3>*#x-b6%tGtRFq_%h*9Ou0N7D;I15uRM_DL)XV_nuzc(gmJaX7%y(Dy(?cRsEW*IVB>C@U03lPJxVt!!`^9u|A9ys#jsW|npE5NnyeCZW? z&;45Xl?OB|o8U@1XRV*iiRBF&edjLcahw~tW(@EMD@#YPeDo03SC2y1PhjoD1K7QL z7xwPjjs17rhSik`mR8pBz|mzat$2(^jFEF_;;VBE?pnhhA{~fUYK6}oiU(M_SdNAX zw;wox$=%2Bg!31m?JDj)!I&E@VE4>A{A8^YfARuEfH0w9*2P_m^tK<`^G}KBliT6} ze5+UNIpaLY@?8|VWr}W}4u#jPzsrl`_lX;@Yd~%mt1C-5aqI!Coj44Yb*vt}7mEw? zSXh|F`pN|Ne&rqaSRc~=WjcVPk-@#JmsP@uy1hzhn8kBJ8H1tR?t%gp+{iX!aNpt z@A^^T$Qv$w;v7D8%gV#20Dt|im%nV^IZuFJJF3vO$m6&ZdTQJtc5uxYll2y>E61_2 zyoBYYqgY=#hM9)2clR9Jy5R2phjHJLW!!b|G2DIcae#o?af3L70rRsXILBz1y4Pe$ zS^VXmv*)Zbhu$O5NtQ^qqCsSsyMe$%gUd$B&^U&u;!`&t!r$I>5a06k=i^&w?4jje$y2p4N zT=&Q^&e$^-PLzWXoul|Sckjo(x$qqh7chI@#n@}U!zMy8dOl#&;I3Q7f~gW>FhL&- z*#p146j7JW#7D}sk zKd^#(ZaRRa<#jX-M_~dNp0^upQz+DtbaI)*>7r5P6`6vhi|ia?l2UbZ`_ZM-*69}@#J%H z_JwEQ{$sOfa2)e)hO|o;Y*| zomgH$>nGSXH^%(zDCFeL2&-#~BTK7TTAp+z+s;Ic57vzOqny@NGor7`wheb;@PahyfxY2!Zz= z;svd5;aiW^w`kiIZ975RdQ2uQChY|6WP;Xvw5>zYEOLMOMdOP4?JxB0N20gN`1`ZE&%&wFewC#wU)3hE_Xv3 znY;L^Y6MPzN_^FPA&2x$__=Zz^2YWYf@9|~yGRTLg2=_c$q|?u5Jx=14$d`bMj`WH zw#BQmf~lsPx#x>0{v(bNL;Qc=3KmhkcUt&K3ojE$ z+oJU?r1fZ}4d3yhe?UZ_07l~(EX<9u|JG08ML&5pU3wAlsaqf75OD9G{}|5wp0{Fk z*tIij^2@ zg`|>jtj`M*d>Z0F{X&lZSE$=xUnip6>a)M&F`-{w6uzdW#}5z)RKm855HeJO5z_Y} z>7!w98uwxUCIYB+Xpc5JIdl^NCnx+-?z@jTYm;&M>+fDiz0k5@CrO&5I#4z%*mbks=+djHYw zju0s0B*?6(z$kwlP^TK^84#yyru`B&8bPF`eu?A5$ODinL_Ab{*V$@MAX!c5kwf>n zCebMkFSfZ*)L9q?0+A>bveuc$oeY%OeN(1n{XW7Wh2!d0?skRPbm7$~Zht;x_Mf&v zJ! z4i=--zGL@607UcSgE^n6`zVgJt{}DZDZZ1Ghel{84kCVg8bVU+)o4Y@0jTusKRQ<{ z!L?FyJ&04Z!iQB~A zm#E~nZ?#|fo7V@r60xy*>LX(Oj@d_cEZTt+irZ>eRT)H;ht~siKrUK!=+X`UrY=^R z_#7|3CPg9XaR8;TU~q#P5Tv~T1B%vw-l*?PQnHw!|9vvyLJfLMDJj|54vjb1hBXlg>KRq4k)v-?mdS^Sjh-*Q5AO$wa%~?*xlp zQLXSxB}>9r)yyc$aM^*qBvgU%Qrc%(YK|ofJrAb`NbA{5+|?{+HmIKn;(b_qXTyTE zqRx9n7^KwA+tCJ9S z;)t|DCdxK7rBg0f9n8zoaN#e#Wo|0WoF3E3zznD6*SgvAeJ!1(4NlZArjI5j2uwdptn8_|woT(1(I7_g3VHwu*|Wx9YeL zRq02qs0`9G9pw0dQYH%Cg41ybs_9wxJ8>Tp2e`n1&MaqB%{`d`roC)?9Fm>0#ZT!w zUAQ#YCBCl)>8kOVSsMAUW&vs9Rwexjs9mF_r#C+aauk`6; zN=-J{hZbXCGEaiuo%j3H0gWXYc=JY37VM>cNEZf5u0gyZti)gq?XOL-;dXcco7PtZ zV&k*T)2y{wP60z9T7KUG#I)_S++8!Sp-LVk+ZCS{JOMU?MGjY$|pMAn3r-g91%s_Ed|aP$yV1NWB&=C58^< zKoy$B`}|lW_q5xS1sLkTD8>v5EeXg8bsLFwvl!B#n5$Vb&rOF=IH|PH$|RmF30F zK5VI3G%w5MR-E$_3D^xX7rRYbvRxD!6uG}HLrXXo%84eDsYR}uw<{}{Q~|Fb8!op4 z1OgRHnpXMR!gn?Td)gHN@_pEJa+**EDQE5}`m{8!JW4VxDXlu^9ZImLsNo>(Ru5}& z{+fk19iFplHPb5T@Zwl$$b9~b4)jMjw?U9r6o zRD7rGJ+z@CN2yUMYn+88Zz6qdnK)A$fK_ga^sn?ljtpQWL)~WKGLb~6T|28lxzRk> zMUD?H4b(hk(@0Eg-s~`~cA!%l;@vw#XNskmb8Kb)4EXY69Z2o8|`7Fw<}U+q(;kEQNLYkY%l z#935;oQ?ltYsy>b5)xx584k)DY;5YieGMUyq9CC~r?e5aD2OW-kd-~_^s!nuTF|;w z^B!i~t_U8~St?4F zA^mLA99T;c#&no1D7GyG&<1fB6&INZ8bfF5Fy3q7-iH}Q$p}`OF?Ekea~cxgLG=UzaJ0xE&rqH!9I;S*$5SMAu3nQ@lsbN>UP-H z&0Uulp%QOx&a6{N7qQ1nn~*Mw=^4eqduUNo?pmNW4r5v?C{;XJB}DaE)OMAFyXH;F zsNdn*zKZrv>+{!Iskh(&RAEVQwSZ7iPZgz-QAqx~Ll0AW4=udM2E@#!-ea28Z?w3@ zd`C2A9k;Cj#bgs*)U^9E}KGobh&W*a{E5Fmxi&N^zk3AzPx zmfkYdScz$Jkg_|X?BtOiW`#W1mX!NmItwJV(&Qo5T}!_pquW+;H?JneQ_}$?1t3;P zHz-0YWoM1QU7nv7oPnhLdWHh=W)}*0DR!R#01sYC zL_t(q(7Ku->=F>_hV(J21**)=l8L*t0l>|0#gG8n80?j;UD{_v<{YxsP@9E9Y*RT{ z4galLD^cd|RHjj_1M1h3Ar(w8C^2t^J|5QawN@8U3;~v9I%O+LR^ubAq9Ri=sRD247R9PO_9U8VlBLbLMx#|^9oyr z;)@EKR+e*T+_~5$uOTs`)0bkCPFK`v1uBJX4ECrLET#{H$UJNTHc7V!1X^vS4$KMi z1&cb&-wXO!yY+NtWo&_pby^%Q$tc4|lw_1y(rXlC*gsfL6-zRzLd!3{exw0Ua)^u z>jNm-xvEMA&F20PHmKp7ku+3#7&{NZu3hN5kNb0`S{REB)+aH)@~f`^nn)kR-B;N` z?bimN1dQ76qeHzG9?GYYA)l~RCR6&lo2)GMFK*G*6$^)H*2DH?nXk!wRRErDofc1(+YVLk%`4uhxKC$Hu01sv29SwThqx z)8!y0ttYLL7igql7N>fTvW#1L3EH3`MUin0c}iL%fHuk~Y83Ofm4giykRVDbRq0}NqwMLPoWKscp zS?01q!=_@$M?i~p1X}G4)GdTUExi;fy@53@fs9w8?Zg14>qW@`7Ojykwn;Kid1zoY zQmK6DkaRIaq?9n2&{22AI`BfYL1U;TWyDx#H$+Ob+8?2)?_=OSQ0Xry+tY1jk?LJf zry^561=nwH_#RwQLf)cNnZ2@61B2Q@>WkOuv~JasBvX(&2-~RZ#tx{&6#BTfp3(9i zrMJ-G-v&cy!9Lb{87*5lm?$E{e#e3dCTwwV7@suW%XS`bd75s9Y-c7@UastC{1{p{ z-e#?zCZ6ZSmL?@CTrs6Oc$iO2Wt&<_02MB}o5iOv6Hfb1U^VBL@e#KFUE_Rz>dViY z@f~55T$&Y(0h^aMcow5+&2+S+xZQB|-UDn|_^0Xt`t3B1ixtf#Rdn7Uh6b^Dx%PQD z;%(K%l#3In>vDNXdADR%B9dCBrHhqap(y3u#XjuR?XJN?^X3(Sn2f^k3`I>tO?*xb z8N*R;d83G!1te-q(ROB$!f*uUTE*j%Y$ij_yBOINv-KaM5McZI$kf40#7od2!W}d_ z)Z(M2Q_tLK4)$PL!b>1Wm9eyWHbAiR1!YjR)2vKuu}9DB>871VHS94Z>&WH`Odn%g z>rgHfU`qrcpQ811aeTdY3yKrS!40TZVY3Ypo2`;9E!O44@3pb*IoPvfY;9*!B|W3s90Zd+*ttQ~#Uh1bnpweG%aR7;<1oMy zGJPPn$BWHDPxr<*oakk&~TEnG2` zxtS6M9+U#u-$}xc3ZUWcRoag~ff==yz>e4qK*KiqXtul@+?R#T;HH%Bh)KPQ?WNc@ zbO71ZPx>^o7;dFnd3GtDWG!J*EPd0$(nV1WfHLz3P3c(B57a8xQK+CFu2oDVRUHf> zu?kQN19YkiK$Q@XtbbHCdkk)|lBQ#JDxBZ$WzbGVTA8y4l%ZzhKDmDpPM?V;WKn@GZgKAf4PqN>NZFW1x)c{q{~y0czkcd4W;3 zAfwv;m4iSnZtf%~EZxRo)6?ILeKW|Jtb*wDc5h0SX5zh0oi|+T$J33MfRPN!xHK3( zHRJ%O1}af2qn}isHZozLrUX^gc(ULxxfwx6lh&(rR#3HNVvr6>4lG~INEDhz>yiPL z*+lIPhB+23)=DLxUIMvFonOs;`xMzk^Xv{L1qGZnb=td+*kjOQdHn`%S%+U5O#y>b zwTVvw{JHo; zHf#-euo%t*!K;qw240j@X2ho^!+grr-oCNZF5@)U9WNt@S z8}Wj{9Yw7aY+E@Q9;Eu(-8p?IP3r!$p$DiIhq%v}Sm}}dvnw}?+ zd^}8ADP;0tDHc&kD#VDLLYDLLsf679jtr-es>!=+D|SV4x_iJA)I6EJS+wyU8Q)L| zdlecht47wc!eUBFQ>22Mh5_DU2EY{@Fe>ldo%g00#+s}p^>N!;e#icycimL9TT^yh zTI$h1`tMRPGl#5a$otufn@$$gu$je2MQqMILt^GMzrJMV0`})jJ?p9cg&}jP({{Z_ zC_bayqf_@;hXLFs9$?cnkT%H#(sLBvOt-Nz2a;~h4T`QSZq7a)mjL8~*C39zP0TFcFx;hYWz3!9u-& zh~wwM!Z`{e=x+E<*asy&49BWLNtmhgHgUIL5S$}u8x^IYD7?524Z`fLK3qX24r?kn zoF6lXyOr_qeUO-K0b&QR1Cfg|!E%MaDW9@cBB&I)_3`_N5(4V3Y6NW(r4p=%i9m?2 z=_HszEYQv}`&21xBT;A^PR;=wm5QTvGl$93X#h1rqF^;#7-_-mpsZmZ9JZ0Tt(q{R z(F1@1b`GjOcnSD$9L|Fs!7GBLdg?+Lse&mCz$79Nd9Y(R^l4ZjuaI^Ov&{q3Nn z@Zc~)mix4o+2EIW>;WsdSiEsiw9t6WFs-W!iamP-A%J6}t57%|CKvCm9RH5jN=##I zIA;$ALx>UVUgEYg+?Eu8L#s?K9Q?j08;^89KWsckY#IhA+grs5e-fVy2aafa)>&v) zyeO$sx_~j%p;f?76y5_~1(Pq`s!($upc|q61>KJh@$m`)+wX~ zCIX01hap76IC^ObZKLolVIqJRh7-Vhf)`-o8IB1e>8>Mz#$_RRA+R#MS2!Yw5;*RI zyL}NvIjSFZH>hld&?v!sLdy&+?hBv*MERRv6hRy-U#cpttaUO-F`38BHaE!eqOS~fR&B8K=D zjvXf6!*Tz6KJK#>503X34t)Uq{f0$79Od72@fg$lY?P;0T0p$O#or-fs27l9h)B1O zfFp8aB%=zFlv;Jt|)%>eFr}a;J%0f)}x%fk)L7}MKrYZI2)vGD3T%gji4Z9;x#q;9<>X;?Xp zx?>`0J!IS{ueIc78g*+eWVQjXPQpIB_dUsoloR950JQ=cJMdZyKhq#=J5pYmkjys9 ztKIKHMy%{(-q9Vi1FuftXGd_WEo3g+HoU*qLPo(Mbje&RkZ}WEOWRK1XUA}>>;2#9 zd`AxCqc|J^6Av9X%4-uknQgUU@K=ts%LkA6g8;4r@P7du0I(LH6XOk}2n(AkfbB3X zS-_+SdjXsuUq{6@DVvZjzS`7XcD9}RO2#uITKiD|`vDxO2tI`ZyUnHwun`f|6oio5 zqz&oR##ik;ut{0K0&^dqZSij@gg*d-w1xDqRukaLlcunXI|}gCRRAq=`TkzBy_=tw z3E*TDU|Ma0i`Omppzk~$5~a|JN6-rTukr$05g1{xD0FIxaYq5R&nsYxwJSDQCU!Cc zE6X`MasKqh2iQ#TUroX72> - Header unset Cache-Control - Header unset Etag - Header add Cache-Control "max-age=2592000" - #ExpiresDefault A2592000 - - -# we are deploying the packager app that is part of the new Fedora Community -Alias /packages/css /usr/share/fedoracommunity/public/css -Alias /packages/javascript /usr/share/fedoracommunity/public/javascript -Alias /packages/images/icons /var/cache/fedoracommunity/packages/icons -Alias /packages/images /usr/share/fedoracommunity/public/images -Alias /packages/_res /usr/share/fedoracommunity/public/toscawidgets/resources/ - -Alias /packages/tw2/resources/tw2.jqplugins.ui/static /usr/lib/python2.7/site-packages/tw2/jqplugins/ui/static -Alias /packages/tw2/resources/tw2.jquery/static /usr/lib/python2.7/site-packages/tw2/jquery/static -Alias /packages/tw2/resources/fedoracommunity.connectors.widgets.widgets/static /usr/lib/python2.7/site-packages/fedoracommunity/connectors/widgets/static - - - Require all granted - - - - Require all granted - - - - Require all granted - - -# Temporarily disabled until we can figure out how to get the moksha -# javascript resources pulled in with `python setup.py archive_tw_resources` -#Alias /community/toscawidgets /usr/share/fedoracommunity/public/toscawidgets - -WSGIPythonEggs /var/cache/fedoracommunity/.python-eggs -WSGIDaemonProcess fedoracommunity user=apache maximum-requests=50000 display-name=fedoracommunity processes=8 threads=4 -WSGISocketPrefix run/wsgi -WSGIRestrictStdout Off -WSGIRestrictSignal Off -WSGIPythonOptimize 1 - -WSGIScriptAlias /packages /usr/share/fedoracommunity/fedora-packages.wsgi - - - Require all granted - WSGIProcessGroup fedoracommunity - - - - Require all granted - - - - # If someone tries to access an icon that doesn't exist, - # then send them to the default icon. This is used by - # fedmenu, which will request icons for packages that - # don't necessarily have them. The UI will look weird - # unless those get magically redirected to a nice default. - Require all granted - ErrorDocument 404 https://apps.fedoraproject.org/packages/images/icons/package_128x128.png - diff --git a/roles/packages3/web/templates/fedoracommunity.py b/roles/packages3/web/templates/fedoracommunity.py deleted file mode 100644 index 4bb5213755..0000000000 --- a/roles/packages3/web/templates/fedoracommunity.py +++ /dev/null @@ -1,7 +0,0 @@ -config = { - {% if install_packages_indexer %} - 'fedoracommunity.fedmsg.consumer.enabled': True, - {% else %} - 'fedoracommunity.fedmsg.consumer.enabled': False, - {% endif %} -} diff --git a/roles/packages3/web/templates/packages-app.ini.j2 b/roles/packages3/web/templates/packages-app.ini.j2 deleted file mode 100644 index a80baf8883..0000000000 --- a/roles/packages3/web/templates/packages-app.ini.j2 +++ /dev/null @@ -1,238 +0,0 @@ -## -## Fedora Community Production configuration -## -## $Id: fedoracommunity-prod.ini.erb,v 1.0 2009/05/03 23:38:07 johnp Exp $ -## - -[DEFAULT] -profile = false -debug = false -profile.connectors = false -profile.dir = /var/log/fedoracommunity/profile - -# This is required to avoid a 404 error on, e.g. /packages/python-webob1.2 -disable_request_extensions = True - -#email_to = lmacken@redhat.com rbean@redhat.com -#smtp_server = gateway -#error_email_from = fedoracommunity@fedoraproject.org - -fedoracommunity.extensions_dir = {{ pythonsitelib }}/fedoracommunity/plugins/extensions - -fedoracommunity.script_name = /packages -fedoracommunity.connector.kojihub.baseurl = https://koji{{env_suffix}}.fedoraproject.org/kojihub -fedoracommunity.connector.bodhi.baseurl = https://bodhi{{env_suffix}}.fedoraproject.org/ -fedoracommunity.connector.mdapi.baseurl = https://apps{{env_suffix}}.fedoraproject.org/mdapi -fedoracommunity.connector.fas.baseurl = https://admin{{env_suffix}}.fedoraproject.org/accounts/ -fedoracommunity.connector.icons.baseurl = http://dl-iad05.fedoraproject.org/pub/alt/screenshots -{% if env == "staging" %} -fedoracommunity.connector.bugzilla.baseurl = https://bugzilla.stage.redhat.com/xmlrpc.cgi -{% else %} -fedoracommunity.connector.bugzilla.baseurl = https://bugzilla.redhat.com/xmlrpc.cgi -{% endif %} -fedoracommunity.connector.bugzilla.cookiefile = /var/cache/fedoracommunity/bugzillacookies -fedoracommunity.connector.xapian.package-search.db = /var/cache/fedoracommunity/packages/xapian/search - -fedoracommunity.resource_path_prefix = /packages/_res/ - -# Git settings -git_repo_path = /var/cache/fedoracommunity/git.fedoraproject.org - -# FAS is locked down so we need a minimal user inorder to get public user info -# to unauthenticated users. You need to get a locked down account for this -# and fill in the user info here. Never check this file into git with -# this information filled in -fedoracommunity.connector.fas.minimal_user_name={{ fcommFasUser }} -fedoracommunity.connector.fas.minimal_user_password={{ fcommFasPassword }} - -# This is insecure, use only for testing -fedora.clients.check_certs = True - -# URL for getting message history -{% if env == "staging" %} -datagrepper_url = https://apps.stg.fedoraproject.org/datagrepper/raw -{% else %} -datagrepper_url = https://apps.fedoraproject.org/datagrepper/raw -{% endif %} - -## -## Moksha-specific configuration options -## - -# Where to store the feed caches. -# -{% if env == "staging" %} -feed_cache = postgres://fedoracommunity:{{ fcommFeedCacheDBPassword }}@db-community.stg/fedoracommunity_feed_cache -{% else %} -feed_cache = postgres://fedoracommunity:{{ fcommFeedCacheDBPassword }}@db-community/fedoracommunity_feed_cache -{% endif %} - -# -# Feed Streamer settings -# -# Max age (in seconds) of each feed in the cache -feed.max_age = 900 - -# Timeout in seconds for the web request -feed.timeout = 30 - -# The number of simultaneous connections -feed.deferred_groups = 10 - -# Where to initialize and store our application databases. %s is the app name. -app_db = sqlite:///%s.db - -# The location of our Orbited server -orbited_host = localhost -orbited_port = 9000 - -# Stomp broker configuration. -stomp_broker = localhost -stomp_port = 61613 -stomp_user = guest -stomp_pass = guest - -# Optional AMQP Broker. -#amqp_broker = guest/guest@localhost - -# Documentation directory -docs_dir = /srv/moksha/docs - -# Moksha chat configuration - -# Use a built-in IRC server -#chat.backend = irc://localhost:9999 -#chat.builtin = true -#chat.backend = irc://irc.freenode.net:6667 -#chat.rooms = default -#chat.default.staticRoomName = moksha -#chat.default.roomAssignmentMode = static -#chat.default.display.greeting = Moksha Chat -#chat.default.display.floating = true -#chat.default.display.floatingToggle = false -#chat.default.display.width = 400 -#chat.default.display.height = 300 -#chat.default.display.theme = simple -#chat.default.display.resizable = true - -moksha.extensionpoints=True -moksha.csrf_protection = False -moksha.csrf.login_handler = /login_handler -moksha.csrf.trusted_domains = admin.fedoraproject.org - -moksha.use_tw2 = True -moksha.livesocket = False - -cache.bugzilla.backend=dogpile.cache.memcached -cache.bugzilla.expiration_time=300 -cache.bugzilla.arguments.url=memcached02:11211 -cache.bugzilla.arguments.distributed_lock=False -cache.connectors.backend=dogpile.cache.memcached -cache.connectors.expiration_time=300 -cache.connectors.arguments.url=memcached02:11211 -cache.connectors.arguments.distributed_lock=False - -[server:main] -use = egg:Paste#http -host = 0.0.0.0 -port = 8080 - -[app:main] -use = egg:fedoracommunity -full_stack = true -#lang = ru -#cache_dir = /var/cache/fedoracommunity/data -beaker.session.key = fedoracommunity -beaker.session.secret = {{ fcommBeakerSessionSecret }} - -beaker.cache.type = ext:memcached -beaker.cache.url = memcached02:11211 -beaker.cache.lock_dir = /var/cache/fedoracommunity/beaker - -# If you'd like to fine-tune the individual locations of the cache data dirs -# for the Cache data, or the Session saves, un-comment the desired settings -# here: -#beaker.cache.data_dir = %(here)s/data/cache -#beaker.session.data_dir = %(here)s/data/sessions - -# pick the form for your database -# %(here) may include a ':' character on Windows environments; this can -# invalidate the URI when specifying a SQLite db via path name -sqlalchemy.url=postgres://moksha:m0ksh4@localhost/moksha -# sqlalchemy.url=mysql://username:password@hostname:port/databasename - -# If you have sqlite, here's a simple default to get you started -# in development - -#sqlalchemy.url = sqlite:///%(here)s/devdata.db -sqlalchemy.echo = true -sqlalchemy.echo_pool = false -sqlalchemy.pool_recycle = 3600 - -sqlalchemy.pool_size=1 -sqlalchemy.max_overflow=2 - -# WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* -# Debug mode will enable the interactive debugging tool, allowing ANYONE to -# execute malicious code after an exception is raised. -set debug = false - -# Logging configuration -# Add additional loggers, handlers, formatters here -# Uses python's logging config file format -# http://docs.python.org/lib/logging-config-fileformat.html - -[loggers] -keys = root, moksha, sqlalchemy, tg, auth, pylons - -[handlers] -keys = console - -[formatters] -keys = generic - -# If you create additional loggers, add them as a key to [loggers] -[logger_root] -level = WARN -handlers = console - -[logger_moksha] -level = WARN -handlers = -qualname = moksha - -[logger_tg] -level = WARN -handlers = -qualname = tg - -# repoze.who is noisy by default -[logger_auth] -level = WARN -handlers = -qualname = auth - -[logger_pylons] -level = WARN -handlers = -qualname = pylons - -[logger_sqlalchemy] -level = WARN -handlers = -qualname = sqlalchemy.engine -# "level = INFO" logs SQL queries. -# "level = DEBUG" logs SQL queries and results. -# "level = WARN" logs neither. (Recommended for production systems.) - -# If you create additional handlers, add them as a key to [handlers] -[handler_console] -class = StreamHandler -args = (sys.stderr,) -level = NOTSET -formatter = generic - -# If you create additional formatters, add them as a key to [formatters] -[formatter_generic] -format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s -datefmt = %H:%M:%S diff --git a/roles/pagure/templates/fedora-messaging.toml b/roles/pagure/templates/fedora-messaging.toml index 8ea2d394c7..6cae6cf50f 100644 --- a/roles/pagure/templates/fedora-messaging.toml +++ b/roles/pagure/templates/fedora-messaging.toml @@ -7,13 +7,6 @@ amqp_url = "amqps://pagure.stg:@rabbitmq.stg.fedoraproject.org/%2Fpubsub" amqp_url = "amqps://pagure:@rabbitmq.fedoraproject.org/%2Fpubsub" {% endif %} -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "pagure-staging" %} -topic_prefix = "io.pagure.stg" -{% else %} -topic_prefix = "io.pagure.prod" -{% endif %} publish_exchange = "amq.topic" diff --git a/roles/rabbit/queue/tasks/main.yml b/roles/rabbit/queue/tasks/main.yml index fe61c8a24e..282e708dcd 100644 --- a/roles/rabbit/queue/tasks/main.yml +++ b/roles/rabbit/queue/tasks/main.yml @@ -78,26 +78,6 @@ - fedora-messaging - rabbitmq_cluster -# This can be removed when we're done with fedmsg and the bridges are retired. -- name: Bind the {{ queue_name }} queue to the zmq.topic exchange - delegate_to: "{{ queue_rabbitmq_server }}" - rabbitmq_binding: - name: "zmq.topic" - destination: "{{ queue_name }}" - destination_type: queue - routing_key: "{{ routing_key }}" - vhost: "{{ queue_vhost }}" - state: present - login_user: admin - login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - loop: "{{ queue_routing_keys }}" - loop_control: - loop_var: routing_key - when: queue_routing_keys is defined - tags: - - fedora-messaging - - rabbitmq_cluster - - name: Monitor the {{ queue_name }} queue in Nagios (NRPE) when: queue_thresholds and env == "production" delegate_to: "{{ queue_rabbitmq_server }}" diff --git a/roles/supybot/templates/fedora-messaging.toml.j2 b/roles/supybot/templates/fedora-messaging.toml.j2 index 7f2fdf90fc..ed2fdc663f 100644 --- a/roles/supybot/templates/fedora-messaging.toml.j2 +++ b/roles/supybot/templates/fedora-messaging.toml.j2 @@ -3,14 +3,6 @@ amqp_url = "amqps://{{ botname }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2 # Just check if the queue exist, don't try to create it (the server does not allow it). passive_declares = true -# The topic_prefix configuration value will add a prefix to the topics of every sent message. -# This is used for migrating from fedmsg, and should not be used afterwards. -{% if env == "staging" %} -topic_prefix = "org.fedoraproject.stg" -{% else %} -topic_prefix = "org.fedoraproject.prod" -{% endif %} - [tls] ca_cert = "/etc/pki/fedora-messaging/rabbitmq-ca.crt" keyfile = "/etc/pki/fedora-messaging/{{ botname }}.key" -- 2.50.0