message-tagging-service: retire

This service tagged things based on mbs builds. Since mbs is retired now, no need for this to be around either. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-05-22 14:36:32 -07:00 · 2024-05-22 14:36:32 -07:00 · 719e5db2fa
commit 719e5db2fa
parent d7132e212c
16 changed files with 0 additions and 453 deletions
--- a/playbooks/include/proxies-reverseproxy.yml
+++ b/playbooks/include/proxies-reverseproxy.yml
@ -481,16 +481,6 @@
    keephost: true
    tags: koschei
  - role: httpd/reverseproxy
    website: message-tagging-service.fedoraproject.org
    destname: message-tagging-service
    balancer_name: app-os
    balancer_members: "{{ (env == 'staging')|ternary(ocp_nodes_stg, ocp_nodes) }}"
    targettype: openshift
    ocp4: true
    keephost: true
    tags: message-tagging-service
  - role: httpd/reverseproxy
    website: openqa.fedoraproject.org
    destname: openqa
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@ -944,13 +944,6 @@
    cert_name: "{{wildcard_cert_name}}"
    tags: koschei
  - role: httpd/website
    site_name: message-tagging-service.fedoraproject.org
    sslonly: true
    server_aliases: [message-tagging-service.stg.fedoraproject.org]
    cert_name: "{{wildcard_cert_name}}"
    tags: message-tagging-service
  - role: httpd/website
    site_name: waiverdb.fedoraproject.org
    sslonly: true
--- a/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml
+++ b/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml
@ -45,9 +45,6 @@
    - app: koschei
      secret_name: keytab
      key: krb5.keytab
    - app: message-tagging-service
      secret_name: keytab
      key: krb5.keytab
    - app: monitor-gating
      key: monitor-gating-keytab
      secret_name: monitor-gating-keytab
--- a/playbooks/openshift-apps/message-tagging-service.yml
+++ b/playbooks/openshift-apps/message-tagging-service.yml
@ -1,69 +0,0 @@
 # vim: ts=2 sw=2 autoindent
 - name: provision message-tagging-service
  hosts: os_control[0]:os_control_stg[0]
  user: root
  gather_facts: False
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
    - /srv/web/infra/ansible/roles/openshift-apps/message-tagging-service/vars/main.yml
    - /srv/web/infra/ansible/roles/openshift-apps/message-tagging-service/vars/{{ env }}.yml
  roles:
  - role: openshift/project
    app: message-tagging-service
    description: A tagging service tagging builds in koji, used by modularity
    appowners:
    - julian8628
    - cqi
    tags:
      - appowners
  - role: openshift/keytab
    secret_name: keytab
    key: krb5.keytab
    service: message-tagging-service
    host: "message-tagging-service{{ env_suffix }}.fedoraproject.org"
  - role: openshift/route
    routename: mts
    host: "message-tagging-service{{ env_suffix }}.fedoraproject.org"
    serviceport: web
    servicename: mts
  # Setup for fedora-messaging
  # cacert, certificate and private key for fedora-messaging
  - role: openshift/secret-file
    app: message-tagging-service
    secret_name: mts-fedora-messaging-key
    key: mts.key
    privatefile: "rabbitmq/{{ env }}/pki/private/mts{{ env_suffix }}.key"
  - role: openshift/secret-file
    app: message-tagging-service
    secret_name: mts-fedora-messaging-crt
    key: mts.crt
    privatefile: "rabbitmq/{{ env }}/pki/issued/mts{{ env_suffix }}.crt"
  - role: openshift/secret-file
    app: message-tagging-service
    secret_name: mts-fedora-messaging-ca
    key: mts.ca
    privatefile: "rabbitmq/{{ env }}/pki/ca.crt"
  tasks:
    - name: Apply objects
      include_role: name=openshift/object
      vars:
        template: "{{ item }}.yml"
        objectname: "{{ item }}.yml"
      with_items:
        - configmap
        - imagestream
        - deploymentconfig
        - service
--- a/roles/openshift-apps/message-tagging-service/files/mts-rules.yml
+++ b/roles/openshift-apps/message-tagging-service/files/mts-rules.yml
@ -1,15 +0,0 @@
 ---
 # Please add rules to tag module build.
 # Refer to https://pagure.io/modularity/blob/master/f/drafts/module-tagging-service/format.md
 # This is an example rule. Remove it and add new one when MTS is enabled in prod.
 - id: Exmaple rule
  description: Apply gating tag to module build
  type: module
  rule:
    dependencies:
      buildrequires:
        platform: '^f(?P<platform>\d+)$'
      requires:
        platform: '^f\d+$'
  destinations: 'some-tag-f\g<platform>-gate'
--- a/roles/openshift-apps/message-tagging-service/templates/app-config.py
+++ b/roles/openshift-apps/message-tagging-service/templates/app-config.py
@ -1,31 +0,0 @@
 # -*- coding: utf-8 -*-
 class BaseConfiguration:
    log_level = 'DEBUG'
    koji_cert = None
    keytab = '/etc/krb5.keytab'
    principal = '{{ app }}/{{ app }}{{ env_suffix }}.fedoraproject.org@{{ ipa_realm }}'
    messaging_backend = 'fedora-messaging'
    build_state = 'ready'
    {% if env == 'staging' %}
    dry_run = False
    # Running in staging, a rule file inside my perosnal repo is used in order to test conveniently.
    rules_file_url = 'https://pagure.io/mts-rules/raw/master/f/rules.yaml'
    mbs_api_url = 'https://mbs.stg.fedoraproject.org/module-build-service/1/'
    koji_profile = 'stg'
    {% else %}
    # Disable dry_run when enable MTS
    dry_run = True
    rules_file_url = ('https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/'
                      'roles/openshift-apps/message-tagging-service/files/mts-rules.yml')
    mbs_api_url = 'https://mbs.fedoraproject.org/module-build-service/1/'
    koji_profile = 'koji'
    {% endif %}
--- a/roles/openshift-apps/message-tagging-service/templates/configmap.yml
+++ b/roles/openshift-apps/message-tagging-service/templates/configmap.yml
@ -1,46 +0,0 @@
 {% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: "mts-config"
  labels:
    app: "mts"
 data:
  config.py: |-
    {{ load_file('app-config.py') | indent }}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: "mts-fedora-messaging"
  labels:
    app: "mts"
 data:
  config.toml: |-
    {{ load_file('fedora-messaging-config.toml') | indent }}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: "koji-conf"
  labels:
    app: "mts"
 data:
 {% if env == 'staging' %}
  stg.conf: |-
    {{ load_file('koji-stg.conf') | indent }}
 {% else %}
  koji.conf: |-
    {{ load_file('koji.conf') | indent }}
 {% endif %}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: "krb5-conf"
  labels:
    app: "mts"
 data:
  krb5.conf: |-
    {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }}
--- a/roles/openshift-apps/message-tagging-service/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/message-tagging-service/templates/deploymentconfig.yml
@ -1,136 +0,0 @@
 # https://docs.openshift.com/container-platform/3.11/rest_api/oapi/v1.DeploymentConfig.html#object-schema
 apiVersion: apps.openshift.io/v1
 kind: DeploymentConfig
 metadata:
  name: mts
  labels:
    service: mts
 spec:
  replicas: 1
  selector:
    service: mts
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        service: mts
    spec:
      containers:
      - name: mts
        image:  image-registry.openshift-image-registry.svc:5000/message-tagging-service/message-tagging-service:latest
        env:
        # Please do remember to increase this config version after any config
        # file content is updated.
        # This is a workaround to trigger Openshift automatically to create a
        # new pod.
        - name: MTS_CONFIG_VERSION
          value: "1"
        ports:
        - containerPort: 8080
        volumeMounts:
        - name: "mts-config"
          mountPath: /etc/mts/config.py
          subPath: config.py
          readOnly: true
        # Do not mount /etc/fedora-messaging to put the config file in order to
        # use cert files to connect broker provided by fedora-messaging
        # package.
        - name: "mts-fedora-messaging"
          mountPath: /etc/fedora-messaging/
          readOnly: true
        - name: "koji-conf"
 {% if env == 'staging' %}
          mountPath: /etc/koji.conf.d/stg.conf
          subPath: stg.conf
 {% else %}
          mountPath: /etc/koji.conf
          subPath: koji.conf
 {% endif %}
          readOnly: true
        - name: "krb5-conf"
          mountPath: /etc/krb5.conf
          subPath: krb5.conf
          readOnly: true
        # Secret files
        - name: keytab
          mountPath: /etc/krb5.keytab
          subPath: krb5.keytab
          readOnly: true
        # Refer to playbooks/openshift-apps/message-tagging-service.yml to
        # learn the file names of cacert, certificate and private key.
        - name: fedora-messaging-ca
          mountPath: /etc/pki/fedora-messaging/mts.ca
          subPath: mts.ca
          readOnly: true
        - name: fedora-messaging-crt
          mountPath: /etc/pki/fedora-messaging/mts.crt
          subPath: mts.crt
          readOnly: true
        - name: fedora-messaging-key
          mountPath: /etc/pki/fedora-messaging/mts.key
          subPath: mts.key
          readOnly: true
        resources:
          requests:
            cpu: 500m
            memory: 128Mi
          limits:
            cpu: 2000m
            memory: 512Mi
        readinessProbe:
          timeoutSeconds: 1
          initialDelaySeconds: 5
          httpGet:
            path: /
            port: 8080
        livenessProbe:
          timeoutSeconds: 1
          initialDelaySeconds: 30
          httpGet:
            path: /
            port: 8080
      volumes:
      - name: "mts-config"
        configMap:
          name: "mts-config"
      - name: "mts-fedora-messaging"
        configMap:
          name: "mts-fedora-messaging"
      - name: "koji-conf"
        configMap:
          name: "koji-conf"
      - name: "krb5-conf"
        configMap:
          name: "krb5-conf"
      # Secret file volumes
      - name: keytab
        secret:
          secretName: keytab
      - name: fedora-messaging-ca
        secret:
          secretName: mts-fedora-messaging-ca
      - name: fedora-messaging-crt
        secret:
          secretName: mts-fedora-messaging-crt
      - name: fedora-messaging-key
        secret:
          secretName: mts-fedora-messaging-key
    triggers:
      - type: ConfigChange
      - type: ImageChange
        imageChangeParams:
          automatic: true
          containerNames:
          - "{{ app }}"
          from:
            kind: ImageStreamTag
            name: "message-tagging-service:latest"
 # vim: ts=2 sw=2 autoindent
--- a/roles/openshift-apps/message-tagging-service/templates/fedora-messaging-config.toml
+++ b/roles/openshift-apps/message-tagging-service/templates/fedora-messaging-config.toml
@ -1,85 +0,0 @@
 amqp_url = "amqps://mts{{ env_suffix }}:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
 {% if env == "staging" %}
 topic_prefix = "org.fedoraproject.stg"
 {% else %}
 topic_prefix = "org.fedoraproject.prod"
 {% endif %}
 publish_exchange = "amq.topic"
 passive_declares = true
 [tls]
 ca_cert = "/etc/pki/fedora-messaging/mts.ca"
 certfile = "/etc/pki/fedora-messaging/mts.crt"
 keyfile = "/etc/pki/fedora-messaging/mts.key"
 [client_properties]
 app = "Message Tagging Service"
 app_url = "https://github.com/fedora-modularity/message-tagging-service"
 app_version = "latest"
 app_contacts_email = ["yzhu@redhat.com"]
 [exchanges."amq.topic"]
 type = "topic"
 durable = true
 auto_delete = false
 arguments = {}
 [queues."mts{{ env_suffix }}"]
 {% if env == "staging" %}
 durable = false
 auto_delete = true
 {% else %}
 durable = true
 auto_delete = false
 {% endif %}
 exclusive = false
 arguments = {}
 [[bindings]]
 queue = "mts{{ env_suffix }}"
 exchange = "amq.topic"
 routing_keys = ["org.fedoraproject.*.mbs.module.state.change"]
 # Added because MBS has not been migrated to fedora-messaging
 [[bindings]]
 queue = "mts{{ env_suffix }}"
 exchange = "zmq.topic"
 routing_keys = ["org.fedoraproject.*.mbs.module.state.change"]
 [qos]
 prefetch_size = 0
 prefetch_count = 25
 [log_config]
 version = 1
 disable_existing_loggers = true
 [log_config.formatters.simple]
 format = "[%(levelname)s %(name)s] %(message)s"
 [log_config.handlers.console]
 class = "logging.StreamHandler"
 formatter = "simple"
 stream = "ext://sys.stdout"
 [log_config.loggers.fedora_messaging]
 level = "INFO"
 propagate = false
 handlers = ["console"]
 [log_config.loggers.twisted]
 level = "INFO"
 propagate = false
 handlers = ["console"]
 [log_config.loggers.pika]
 level = "WARNING"
 propagate = false
 handlers = ["console"]
 [log_config.root]
 level = "ERROR"
 handlers = ["console"]
--- a/roles/openshift-apps/message-tagging-service/templates/imagestream.yml
+++ b/roles/openshift-apps/message-tagging-service/templates/imagestream.yml
@ -1,18 +0,0 @@
 apiVersion: image.openshift.io/v1
 kind: ImageStream
 metadata:
  name: "{{ app }}"
  labels:
    app: "{{ app }}"
 spec:
  tags:
  - name: latest
    from:
      kind: DockerImage
 {% if env == 'staging' %}
      name: "quay.io/factory2/{{ app }}:stg"
 {% else %}
      name: "quay.io/factory2/{{ app }}:prod"
 {% endif %}
    importPolicy:
      scheduled: true
--- a/roles/openshift-apps/message-tagging-service/templates/koji-stg.conf
+++ b/roles/openshift-apps/message-tagging-service/templates/koji-stg.conf
@ -1,6 +0,0 @@
 [stg]
 server = https://koji.stg.fedoraproject.org/kojihub
 weburl = https://koji.stg.fedoraproject.org/koji
 topurl = https://kojipkgs.stg.fedoraproject.org/
 authtype = kerberos
 krb_rdns = false
--- a/roles/openshift-apps/message-tagging-service/templates/koji.conf
+++ b/roles/openshift-apps/message-tagging-service/templates/koji.conf
@ -1,6 +0,0 @@
 [koji]
 server = https://koji.fedoraproject.org/kojihub
 weburl = https://koji.fedoraproject.org/koji
 topurl = https://kojipkgs.fedoraproject.org/
 authtype = kerberos
 krb_rdns = false
--- a/roles/openshift-apps/message-tagging-service/templates/service.yml
+++ b/roles/openshift-apps/message-tagging-service/templates/service.yml
@ -1,11 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: mts
 spec:
  selector:
    service: mts
  ports:
  - name: web
    port: 8080
    targetPort: 8080
--- a/roles/openshift-apps/message-tagging-service/vars/main.yml
+++ b/roles/openshift-apps/message-tagging-service/vars/main.yml
@ -1,6 +0,0 @@
 app: message-tagging-service
 description: message-tagging-service
 appowners:
  - julian8628
  - mizdebsk
  - cqi
--- a/roles/openshift-apps/message-tagging-service/vars/production.yml
+++ b/roles/openshift-apps/message-tagging-service/vars/production.yml
@ -1,2 +0,0 @@
 # https://quay.io/repository/factory2/message-tagging-service?tab=tags
 quay_tag: prod
--- a/roles/openshift-apps/message-tagging-service/vars/staging.yml
+++ b/roles/openshift-apps/message-tagging-service/vars/staging.yml
@ -1,2 +0,0 @@
 # https://quay.io/repository/factory2/message-tagging-service?tab=tags
 quay_tag: stage
		`@ -1,2 +0,0 @@`
			`# https://quay.io/repository/factory2/message-tagging-service?tab=tags`
			`quay_tag: prod`
		`@ -1,2 +0,0 @@`
			`# https://quay.io/repository/factory2/message-tagging-service?tab=tags`
			`quay_tag: stage`