Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

messaging-bridges: generate fedmsg policy

Browse source
This commit is contained in:
Aurélien Bompard 2018-10-10 13:41:35 +00:00
parent d05206653b
commit 9176f0f1ba
1 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
roles/openshift-apps/messaging-bridges/templates/configmap.yml
View file

@ -236,10 +236,16 @@ data:
# A mapping of fully qualified topics to a list of cert names for which # A mapping of fully qualified topics to a list of cert names for which
# a valid signature is to be considered authorized. Messages on topics not # a valid signature is to be considered authorized. Messages on topics not
# listed here are considered automatically authorized. # listed here are considered automatically authorized.
# ** policy dynamically generated from inventory vars
# See ansible/filter_plugins/fedmsg.py for this inversion filter.
"routing_policy": { "routing_policy": {
"org.fedoraproject.prod.announce.announcement": [ {% for topic, certs in groups | invert_fedmsg_policy(hostvars, env) %}
"announce-lockbox.phx2.fedoraproject.org", "{{topic}}": [
{% for cert in certs %}
"{{ cert }}",
{% endfor %}
], ],
{% endfor %}
}, },
# Set this to True if you want messages to be dropped that aren't # Set this to True if you want messages to be dropped that aren't
# explicitly whitelisted in the routing_policy. # explicitly whitelisted in the routing_policy.