diff --git a/playbooks/openshift-apps/simple-koji-ci.yml b/playbooks/openshift-apps/simple-koji-ci.yml new file mode 100644 index 0000000000..fb8e45823b --- /dev/null +++ b/playbooks/openshift-apps/simple-koji-ci.yml @@ -0,0 +1,50 @@ +- name: make the app be real + hosts: os_masters_stg[0]:os_masters + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: openshift/project + app: simple-koji-ci + description: Do a scratch build on PRs opened on dist-git + appowners: + - cverna + - pingou + + - role: openshift/keytab + app: simple-koji-ci + key: simple-koji-ci-keytab + secret_name: simple-koji-ci-keytab + service: simple-koji-ci + + - role: openshift/object + app: simple-koji-ci + template: imagestream.yml + objectname: imagestream.yml + + - role: openshift/object + app: simple-koji-ci + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + app: simple-koji-ci + template: configmap.yml + objectname: configmap.yml + + - role: openshift/object + app: simple-koji-ci + template: deploymentconfig.yml + objectname: deploymentconfig.yml + + - role: openshift/start-build + app: simple-koji-ci + buildname: simple-koji-ci-build + objectname: simple-koji-ci-build + tags: + - build diff --git a/roles/openshift-apps/simple-koji-ci/templates/buildconfig.yml b/roles/openshift-apps/simple-koji-ci/templates/buildconfig.yml new file mode 100644 index 0000000000..76bce8c472 --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/buildconfig.yml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: BuildConfig +metadata: + name: simple-koji-ci-build + labels: + environment: "simple-koji-ci" +spec: + source: + git: +{% if env == 'staging' %} + uri: https://pagure.io/forks/pingou/fedora-ci/simple-koji-ci.git + ref: "staging" +{% else %} + uri: https://pagure.io/fedora-ci/simple-koji-ci/.git + ref: "production" +{% endif %} + strategy: + type: Docker + triggers: + - type: ConfigChange + - type: ImageChange + output: + to: + kind: ImageStreamTag + name: simple-koji-ci:latest diff --git a/roles/openshift-apps/simple-koji-ci/templates/configmap.yml b/roles/openshift-apps/simple-koji-ci/templates/configmap.yml new file mode 100644 index 0000000000..a98f9c8e8a --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/configmap.yml @@ -0,0 +1,23 @@ +{% macro load_file(filename) %}{% include filename %}{%- endmacro -%} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-koji-ci-fedmsg + labels: + app: simple-koji-ci +data: + endpoints.py: |- + {{ load_file('endpoints.py') | indent }} + runner.cfg: |- + {{ load_file('simple_koji_ci.py') | indent }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-koji-ci-krb + labels: + app: simple-koji-ci +data: + krb5.conf: | + {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }} diff --git a/roles/openshift-apps/simple-koji-ci/templates/deploymentconfig.yml b/roles/openshift-apps/simple-koji-ci/templates/deploymentconfig.yml new file mode 100644 index 0000000000..59efe01bbc --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/deploymentconfig.yml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: DeploymentConfig +metadata: + labels: + app: simple-koji-ci + name: simple-koji-ci +spec: + replicas: 1 + selector: + app: simple-koji-ci + deploymentconfig: simple-koji-ci + strategy: + type: Recreate + template: + metadata: + labels: + app: simple-koji-ci + deploymentconfig: simple-koji-ci + spec: + hostAliases: + - hostnames: + - apps.stg.fedoraproject.org + ip: 10.5.128.177 + containers: + - name: simple-koji-ci + image: simple-koji-ci:latest + resources: {} + env: + - name: KRB5_CONFIG + value: /etc/krb/krb5.conf + - name: KRB5_CLIENT_KTNAME + value: /etc/keytab/koji-keytab + - name: OPENSHIFT + value: "True" + volumeMounts: + - name: keytab-volume + mountPath: /etc/keytabs + readOnly: true + - name: simple-koji-ci-krb-volume + mountPath: /etc/krb/ + readOnly: true + - name: simple-koji-ci-fedmsg-volumes + mountPath: /etc/fedmsg.d + readOnly: true + volumes: + - name: keytab-volume + secret: + secretName: simple-koji-ci-keytab + - name: simple-koji-ci-krb-volume + configMap: + name: simple-koji-ci-krb + - name: simple-koji-ci-fedmsg-volume + configMap: + name: simple-koji-ci-fedmsg + + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + containerNames: + - simple-koji-ci + from: + kind: ImageStreamTag + name: simple-koji-ci:latest diff --git a/roles/openshift-apps/simple-koji-ci/templates/endpoints.py b/roles/openshift-apps/simple-koji-ci/templates/endpoints.py new file mode 100644 index 0000000000..8a06a35735 --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/endpoints.py @@ -0,0 +1,35 @@ +# This file is part of fedmsg. +# Copyright (C) 2012 Red Hat, Inc. +# +# fedmsg is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# fedmsg is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with fedmsg; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +# +# Authors: Ralph Bean +# +config = dict( + # This is a dict of possible addresses from which fedmsg can send + # messages. fedmsg.init(...) requires that a 'name' argument be passed + # to it which corresponds with one of the keys in this dict. + endpoints={ + # These are here so your local box can listen to the upstream + # infrastructure's bus. Cool, right? :) + "fedora-infrastructure": [ + {% if env == 'staging' %} + "tcp://stg.fedoraproject.org:9940", + {% else %} + "tcp://hub.fedoraproject.org:9940", + {% endif %} + ], + }, +) diff --git a/roles/openshift-apps/simple-koji-ci/templates/imagestream.yml b/roles/openshift-apps/simple-koji-ci/templates/imagestream.yml new file mode 100644 index 0000000000..f83ff4d1db --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/imagestream.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ImageStream +metadata: + name: "simple-koji-ci" diff --git a/roles/openshift-apps/simple-koji-ci/templates/simple_koji_ci.py b/roles/openshift-apps/simple-koji-ci/templates/simple_koji_ci.py new file mode 100644 index 0000000000..0f88935ce6 --- /dev/null +++ b/roles/openshift-apps/simple-koji-ci/templates/simple_koji_ci.py @@ -0,0 +1,75 @@ +class TargetTagsDict(dict): + """A dict that returns the key for missing values""" + def __missing__(self, key): + return key + + def get(self, key, default): + """Normally, get() doesn't go trough __missing__""" + return self[key] + + +config = { + 'simple-koji-ci.enabled': True, + + 'simple-koji-ci.koji': { + {% if env == 'staging' %} + 'server': 'https://koji.stg.fedoraproject.org/kojihub', + 'weburl': 'https://koji.stg.fedoraproject.org/koji', + 'git_url': 'https://src.stg.fedoraproject.org/rpms/{package}.git', + 'krb_principal': 'simple-koji-ci/simple-koji-ci-dev.fedorainfracloud.org@STG.FEDORAPROJECT.ORG', + 'krb_keytab': '/etc/krb5.simple-koji-ci_simple-koji-ci-dev.fedorainfracloud.org.keytab', + {% else %} + 'server': 'https://koji.fedoraproject.org/kojihub', + 'weburl': 'https://koji.fedoraproject.org/koji', + 'git_url': 'https://src.fedoraproject.org/rpms/{package}.git', + 'krb_principal': 'simple-koji-ci/simple-koji-ci-prod.fedorainfracloud.org@FEDORAPROJECT.ORG', + 'krb_keytab': '/etc/krb5.simple-koji-ci_simple-koji-ci-prod.fedorainfracloud.org.keytab', + {% endif %} + # Kerberos configuration to authenticate with Koji. In development + # environments, use `kinit @FEDORAPROJECT.ORG` to get a + # Kerberos ticket and use the default settings below. + 'krb_ccache': None, + 'krb_proxyuser': None, + 'krb_sessionopts': {'timeout': 3600, 'krb_rdns': False}, + 'opts': {'scratch': True}, + 'priority': 30, + 'target_tags': TargetTagsDict(master='rawhide'), + }, + + "simple-koji-ci.cache": { + "backend": "dogpile.cache.dbm", + "expiration_time": 300, + "arguments": { + "filename": "/var/tmp/simple-koji-ci-cache.dbm", + }, + }, + + {% if env == 'staging' %} + "simple-koji-ci.pagure_url" : "https://src.stg.fedoraproject.org", + "simple-koji-ci.pagure_token" : "{{ simple_koji_ci_pagure_token_stg }}", + {% else %} + "simple-koji-ci.pagure_url" : "https://src.fedoraproject.org", + "simple-koji-ci.pagure_token" : "{{ simple_koji_ci_pagure_token }}", + {% endif %} + + # The time in seconds the-new-hotness should wait for a socket to connect + # before giving up. + 'simple-koji-ci.connect_timeout': 15, + # The time in seconds the-new-hotness should wait for a read from a socket + # before giving up. + 'simple-koji-ci.read_timeout': 15, + # The number of times the-new-hotness should retry a network request that + # that failed for any reason (e.g. read timeout, DNS error, etc) + 'simple-koji-ci.requests_retries': 3, + + "logging": { + "loggers": { + "simple_koji_ci": { + "level": "DEBUG", + "propagate": True, + "handlers": ["console"], + }, + }, + } + +}