Upgrade production to bodhi-3.11.0-3.fc29.

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>

handlers/restart_services.yml

@@ -19,10 +19,6 @@
 
 - name: restart fedmsg-hub
   command: /usr/local/bin/conditional-restart.sh fedmsg-hub
-  # Note that, we're cool with arbitrary restarts on bodhi-backend02, just
-  # not bodhi-backend01 or bodhi-backend03.  01 and 03 is where the releng/mash
-  # stuff happens and we # don't want to interrupt that.
-  when: inventory_hostname not in ['bodhi-backend01.phx2.fedoraproject.org', 'bodhi-backend03.phx2.fedoraproject.org']
 
 - name: restart fedmsg-hub-3
   command: /usr/local/bin/conditional-restart.sh fedmsg-hub-3

inventory/host_vars/bodhi-backend02.phx2.fedoraproject.org

@@ -15,7 +15,7 @@ bodhi_updates_handler_enabled: True
 bodhi_signed_handler_enabled: True
 
 # GDPR SAR variables
-sar_script: /usr/local/bin/bodhi_sar.py
+sar_script: /usr/bin/bodhi-sar
 sar_script_user: apache
 sar_output_file: bodhi.json
 

playbooks/manual/upgrade/bodhi.yml

@@ -53,16 +53,9 @@
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 
   tasks:
-  # This block can be dropped once production is upgraded to bodhi-3.11.0.
-  - name: Find out what the current migration version is
-    command: /usr/bin/python2 /usr/bin/alembic -c /etc/bodhi/alembic.ini current
-    register: current_migration_version
-    when: env == "production"
   - name: Find out what the current migration version is
     command: /usr/bin/alembic-3 -c /etc/bodhi/alembic.ini current
     register: current_migration_version
-    # This line can be dropped once production is upgraded to bodhi-3.11.0.
-    when: env == "staging"
 
 - name: Stop the front end if there are migrations to run
   hosts: os-masters[0]:os-masters-stg[0]
@@ -110,37 +103,15 @@
   tasks:
   - name: Stop the fedmsg-hub-3 backend
     service: name="fedmsg-hub-3" state=stopped
-    # This line can be dropped once production is upgraded to bodhi-3.11.0.
-    when: env == "staging"
-
-  # This block can be dropped once production is upgraded to bodhi-3.11.0.
-  - name: Stop the fedmsg-hub backend
-    service: name="fedmsg-hub" state=stopped
-    when: env == "production"
 
   - name: Upgrade the database
     command: /usr/bin/alembic-3 -c /etc/bodhi/alembic.ini upgrade head
     args:
       chdir: /usr/share/bodhi/
-    # We need to drop the env == "staging" once production is upgraded to 3.11.0.
+    when: inventory_hostname.startswith(('bodhi-backend01.phx2', 'bodhi-backend01.stg.phx2'))
-    when: inventory_hostname.startswith(('bodhi-backend01.phx2', 'bodhi-backend01.stg.phx2')) and env == "staging"
-
-  # This block can be dropped once production is upgraded to bodhi-3.11.0.
-  - name: Upgrade the database
-    command: /usr/bin/alembic -c /etc/bodhi/alembic.ini upgrade head
-    args:
-      chdir: /usr/share/bodhi/
-    when: inventory_hostname.startswith(('bodhi-backend01.phx2', 'bodhi-backend01.stg.phx2')) and env == "production"
 
   - name: And... start the backend again
     service: name="fedmsg-hub-3" state=started
-    # This line can be dropped once production is upgraded to bodhi-3.11.0.
-    when: env == "staging"
-
-  # This block can be dropped once production is upgraded to bodhi-3.11.0.
-  - name: And... start the backend again
-    service: name="fedmsg-hub" state=started
-    when: env == "production"
 
   post_tasks:
   - name: tell nagios to unshush w.r.t. the backend

playbooks/openshift-apps/bodhi.yml

@@ -60,7 +60,7 @@
     app: bodhi
     template: buildconfig.yml
     objectname: buildconfig.yml
-    bodhi_version: 3.10.1-1.fc29
+    bodhi_version: 3.11.0-3.fc29
     when: env != "staging"
   - role: openshift/start-build
     app: bodhi

roles/bodhi2/backend/tasks/main.yml

@@ -29,33 +29,6 @@
   tags:
   - packages
   - bodhi
-  # This line can be dropped when Bodhi 3.11.0 is deployed to production.
-  when: env == "staging"
-
-# This block can be dropped when Bodhi 3.11.0 is deployed to production.
-- name: install needed packages
-  package: name={{ item }} state=present
-  with_items:
-  - mock
-  - fedmsg-hub
-  - fedmsg-relay
-  - python-mock
-  - bodhi-composer
-  - sigul
-  - python-alembic
-  - python-scandir
-  - python2-productmd
-  - compose-utils
-  - python-fedmsg-meta-fedora-infrastructure
-  - pungi
-  - pungi-utils
-  - python2-koji-cli-plugins
-  - python2-pdc-client
-  - python2-fedfind
-  tags:
-  - packages
-  - bodhi
-  when: env == "production"
 
 - name: install tag2distrepo on fedora bodhi backends
   package: name=python2-tag2distrepo state=present
@@ -86,14 +59,6 @@
   - packages
   - bodhi
 
-# This block can be dropped when Bodhi 3.11.0 is deployed to production.
-- name: hotfix /usr/bin/alembic to use our webob forward compat package
-  copy: src=alembic dest=/usr/bin/alembic
-  tags:
-  - hotfix
-  - bodhi
-  when: env == "production"
-
 - name: add masher group
   group: name=masher gid=751 system=yes state=present
   tags:
@@ -265,19 +230,6 @@
   - bodhi
   - koji-sync
 
-# This block can be dropped when bodhi-3.11.0 is deployed to production. Don't forget to update the vars
-# so that /usr/bin/bodhi-sar is used instead of /usr/local/bin/bodhi_sar.py. 
-- name: Install bodhi_sar.py
-  copy:
-    src: bodhi_sar.py
-    dest: /usr/local/bin/bodhi_sar.py
-    mode: 0700
-    owner: apache
-    group: apache
-  when: inventory_hostname.startswith('bodhi-backend02') and env == "production"
-  tags:
-  - bodhi
-
 #
 # cron job that syncs updates to master mirror
 #
@@ -396,16 +348,6 @@
   tags:
   - config
   - bodhi
-  # This line can be dropped once production is upgraded to Bodhi 3.11.0.
-  when: env == "staging"
-
-# This block can be dropped once production is upgraded to Bodhi 3.11.0.
-- name: create the /usr/lib/systemd/system/fedmsg-hub.service.d drop-in directory
-  file: path=/usr/lib/systemd/system/fedmsg-hub.service.d state=directory mode=0755
-  tags:
-  - config
-  - bodhi
-  when: env == "production"
 
 - name: install a femdsg-hub-3.service drop-in to run it as the apache
   copy: >
@@ -420,24 +362,6 @@
   tags:
   - bodhi
   - config
-  # This line can be dropped once production is upgraded to Bodhi 3.11.0.
-  when: env == "staging"
-
-# This block can be dropped once production is upgraded to Bodhi 3.11.0.
-- name: install a femdsg-hub.service drop-in to run it as the apache
-  copy: >
-    src="fedmsg-hub.conf"
-    dest="/usr/lib/systemd/system/fedmsg-hub.service.d/fedmsg-hub.conf"
-    owner=root
-    group=root
-    mode=0644
-  notify:
-  - reload systemd
-  - restart fedmsg-hub
-  tags:
-  - bodhi
-  - config
-  when: env == "production"
 
 - name: have the apache own /var/cache/bodhi because of course..
   file: >
@@ -473,24 +397,6 @@
   tags:
   - fedmsgmonitor
   - bodhi
-  # This line can be removed once production is upgraded to bodhi-3.11.0.
-  when: env == "staging"
-
-# This block can be removed once production is upgraded to bodhi-3.11.0.
-- name: ensure that nrpe has rights to monitor us (dir), including setgid bit.
-  file: >
-    dest=/var/run/fedmsg
-    mode=2775
-    owner=apache
-    group=nrpe
-    state=directory
-  ignore_errors: true
-  notify:
-  - restart fedmsg-hub
-  tags:
-  - fedmsgmonitor
-  - bodhi
-  when: env == "production"
 
 - name: ensure that nrpe has rights to monitor us (file)
   file: >
@@ -513,15 +419,6 @@
   service: name=fedmsg-hub-3 enabled=yes state=started
   tags:
   - bodhi
-  # This line can be removed once production is upgraded to bodhi-3.11.0.
-  when: env == "staging"
-
-# This block can be removed once production is upgraded to bodhi-3.11.0.
-- name: ensure fedmsg-hub is enabled and started on the backend
-  service: name=fedmsg-hub enabled=yes state=started
-  tags:
-  - bodhi
-  when: env == "production"
 
 - name: Set up koji profile
   template: src=kojiprofile.conf dest=/etc/koji.conf.d/bodhi.conf

roles/bodhi2/base/tasks/main.yml

@@ -47,30 +47,6 @@
   tags:
   - config
   - bodhi
-  # This line can be dropped once Bodhi 3.11 is in production.
-  when: env == "staging"
-
-# This block can be dropped once Bodhi 3.11 is in production.
-- name: Copy some fedmsg configuration of our own for fedmsg-hub
-  template: >
-      src={{item}}
-      dest=/etc/fedmsg.d/{{item}}
-      owner=root
-      group=root
-      mode=0644
-  with_items:
-  - bodhi-logging.py
-  - bodhi-threading.py
-  - bodhi.py
-  - masher.py
-  - updates_handler.py
-  - signed_handler.py
-  notify:
-  - restart fedmsg-hub
-  tags:
-  - config
-  - bodhi
-  when: env == "production"
 
 - name: setup /etc/pki/bodhi directory
   file: path=/etc/pki/bodhi owner=root group=root mode=0755 state=directory

roles/bodhi2/base/templates/configmap.yml

@@ -59,11 +59,7 @@ data:
     LoadModule alias_module modules/mod_alias.so
     LoadModule rewrite_module modules/mod_rewrite.so
     LoadModule version_module modules/mod_version.so
-{% if env == 'staging' %}
     LoadModule wsgi_module modules/mod_wsgi_python3.so
-{% else %}
-    LoadModule wsgi_module modules/mod_wsgi.so
-{% endif %}
     LoadModule authn_core_module modules/mod_authn_core.so
     LoadModule authz_core_module modules/mod_authz_core.so
     LoadModule unixd_module modules/mod_unixd.so
@@ -76,11 +72,7 @@ data:
         AllowOverride None
         Require all granted
     </Directory>
-{% if env == 'staging' %}
     <Directory "/usr/lib/python3.7/site-packages/bodhi/server/static/">
-{% else %}
-    <Directory "/usr/lib/python2.7/site-packages/bodhi/server/static/">
-{% endif %}
         AllowOverride None
         Require all granted
     </Directory>
@@ -105,11 +97,7 @@ data:
     AddDefaultCharset UTF-8
     CoreDumpDirectory /tmp
     Alias /docs /usr/share/doc/bodhi-docs/html/
-{% if env == 'staging' %}
     Alias /static /usr/lib/python3.7/site-packages/bodhi/server/static/
-{% else %}
-    Alias /static /usr/lib/python2.7/site-packages/bodhi/server/static/
-{% endif %}
     WSGIDaemonProcess bodhi display-name=bodhi processes=2 threads=2 maximum-requests=1000 home=/httpdir
     WSGIApplicationGroup %{GLOBAL}
     WSGISocketPrefix run/wsgi

roles/bodhi2/base/templates/production.ini.j2

@@ -210,11 +210,7 @@ pungi.extracmdline = --notification-script=/usr/bin/pungi-fedmsg-notification --
 # You can put credentials for skopeo to use in $HOME/.docker/config.json
 # https://github.com/projectatomic/skopeo#private-registries-with-authentication
 # skopeo.cmd = /usr/bin/skopeo
-{% if env == 'staging' %}
 skopeo.cmd = /usr/bin/bodhi-skopeo-lite
-{% elif env == 'production' %}
-skopeo.cmd = /usr/bin/skopeo
-{% endif %}
 
 # Comma separated list of extra flags to pass to the skopeo copy command.
 # skopeo.extra_copy_flags =
@@ -250,15 +246,15 @@ container.source_registry = candidate-registry.stg.fedoraproject.org
 #    fedora_epel_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/%%s/%%s/repodata/repomd.xml
 #    fedora_epel_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/testing/%%s/%%s/repodata/repomd.xml
 {% if env == 'production' %}
-fedora_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%s/Everything/%s/repodata/repomd.xml
+fedora_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%%s/Everything/%%s/repodata/repomd.xml
-fedora_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%s/Everything/%s/repodata/repomd.xml
+fedora_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%%s/Everything/%%s/repodata/repomd.xml
 # Fedora 28 changed the repo layout, so the next two lines are overrides until Fedora 27 goes EOL (and then they can be dropped).
-fedora_27_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%s/%s/repodata/repomd.xml
+fedora_27_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%%s/%%s/repodata/repomd.xml
-fedora_27_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%s/%s/repodata/repomd.xml
+fedora_27_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%%s/%%s/repodata/repomd.xml
-fedora_epel_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/%s/%s/repodata/repomd.xml
+fedora_epel_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/%%s/%%s/repodata/repomd.xml
-fedora_epel_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/testing/%s/%s/repodata/repomd.xml
+fedora_epel_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/epel/testing/%%s/%%s/repodata/repomd.xml
-fedora_modular_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%s/Modular/%s/repodata/repomd.xml
+fedora_modular_stable_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/%%s/Modular/%%s/repodata/repomd.xml
-fedora_modular_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%s/Modular/%s/repodata/repomd.xml
+fedora_modular_testing_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora/linux/updates/testing/%%s/Modular/%%s/repodata/repomd.xml
 {% elif env == 'staging' %}
 fedora_stable_master_repomd = https://kojipkgs.stg.fedoraproject.org/compose/updates/f%%s-updates/compose/Everything/%%s/os/repodata/repomd.xml
 fedora_testing_master_repomd = https://kojipkgs.stg.fedoraproject.org/compose/updates/f%%s-updates-testing/compose/Everything/%%s/os/repodata/repomd.xml
@@ -282,11 +278,11 @@ fedora_modular_testing_master_repomd = https://kojipkgs.stg.fedoraproject.org/co
 #    fedora_28_stable_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/%%s/Everything/%%s/repodata/repomd.xml
 #    fedora_testing_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/testing/%%s/%%s/repodata/repomd.xml
 {% if env == 'production' %}
-fedora_stable_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/%s/Everything/%s/repodata/repomd.xml
+fedora_stable_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/%%s/Everything/%%s/repodata/repomd.xml
-fedora_testing_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/testing/%s/Everything/%s/repodata/repomd.xml
+fedora_testing_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/testing/%%s/Everything/%%s/repodata/repomd.xml
 # Fedora 28 changed the repo layout, so the next two lines are overrides until Fedora 27 goes EOL (and then they can be dropped).
-fedora_27_stable_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/%s/%s/repodata/repomd.xml
+fedora_27_stable_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/%%s/%%s/repodata/repomd.xml
-fedora_27_testing_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/testing/%s/%s/repodata/repomd.xml
+fedora_27_testing_alt_master_repomd = http://download01.phx2.fedoraproject.org/pub/fedora-secondary/updates/testing/%%s/%%s/repodata/repomd.xml
 {% elif env == 'staging' %}
 fedora_stable_alt_master_repomd = https://kojipkgs.stg.fedoraproject.org/compose/updates/f%%s-updates/compose/Everything/%%s/os/repodata/repomd.xml
 fedora_testing_alt_master_repomd = https://kojipkgs.stg.fedoraproject.org/compose/updates/f%%s-updates-testing/compose/Everything/%%s/os/repodata/repomd.xml
@@ -437,7 +433,7 @@ fedmenu.data_url = https://apps{{env_suffix}}.fedoraproject.org/js/data.js
 {% if env == 'staging' %}
 krb_ccache = /tmp/krb5cc_%%{uid}
 {% else %}
-krb_ccache = /tmp/krb5cc_%{uid}
+krb_ccache = /tmp/krb5cc_%%{uid}
 {% endif %}
 krb_principal = bodhi/bodhi{{ env_suffix }}.fedoraproject.org@{{ ipa_realm }}
 krb_keytab = /etc/krb5.bodhi_bodhi{{ env_suffix }}.fedoraproject.org.keytab
@@ -523,7 +519,7 @@ bz_products = Fedora,Fedora EPEL
 # A template to use for links to Bugzilla tickets. %%s will be filled in with the bug number.
 # buglink = https://bugzilla.redhat.com/show_bug.cgi?id=%%s
 {% if env == 'production' %}
-buglink = https://bugzilla.redhat.com/show_bug.cgi?id=%s
+buglink = https://bugzilla.redhat.com/show_bug.cgi?id=%%s
 {% elif env == 'staging' %}
 buglink = https://partner-bugzilla.redhat.com/show_bug.cgi?id=%%s
 {% endif %}