f0b98b904c
Before we enable any monitoring, we should clean up app owners some so we do not spam people who arent around anymore and no longer care about the app. ;) If I removed anyone here who is still around and does care, we can easily add you back in. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
115 lines
2.6 KiB
YAML
115 lines
2.6 KiB
YAML
- name: make the app be real
|
|
hosts: os_control[0]:os_control_stg[0]
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
vars:
|
|
|
|
roles:
|
|
- role: rabbit/user
|
|
username: "noggin{{ env_suffix }}"
|
|
sent_topics: ^org\.fedoraproject\.{{ env_short }}\.fas\..*
|
|
|
|
- role: openshift/project
|
|
app: noggin
|
|
description: "Self-service account portal"
|
|
appowners:
|
|
- abompard
|
|
- nils
|
|
- ryanlerch
|
|
tags:
|
|
- apply-appowners
|
|
when: env == "production"
|
|
- role: openshift/project
|
|
app: noggin
|
|
description: "Self-service account portal"
|
|
appowners:
|
|
- abompard
|
|
- nils
|
|
- ryanlerch
|
|
tags:
|
|
- apply-appowners
|
|
when: env == "staging"
|
|
|
|
- role: openshift/secret-file
|
|
app: noggin
|
|
secret_name: fedora-messaging-ca
|
|
key: cacert.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
|
- role: openshift/secret-file
|
|
app: noggin
|
|
secret_name: fedora-messaging-crt
|
|
key: noggin-cert.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/issued/noggin{{env_suffix}}.crt"
|
|
- role: openshift/secret-file
|
|
app: noggin
|
|
secret_name: fedora-messaging-key
|
|
key: noggin-key.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/private/noggin{{env_suffix}}.key"
|
|
|
|
- role: openshift/imagestream
|
|
app: noggin
|
|
imagename: noggin
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: buildconfig.yml
|
|
objectname: buildconfig.yml
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: configmap.yml
|
|
objectname: configmap.yml
|
|
noggin_theme: fas
|
|
|
|
- role: openshift/ipa-client
|
|
app: noggin
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: service.yml
|
|
objectname: service.yml
|
|
|
|
- role: openshift/route
|
|
app: noggin
|
|
routename: noggin
|
|
host: "accounts{{ env_suffix }}.fedoraproject.org"
|
|
serviceport: web
|
|
servicename: noggin-web
|
|
annotations:
|
|
haproxy.router.openshift.io/timeout: 5m
|
|
haproxy.router.openshift.io/set-forwarded-headers: append
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: secrets.yml
|
|
objectname: secrets.yml
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: secret-webhook.yml
|
|
objectname: secret-webhook.yml
|
|
|
|
- role: openshift/object
|
|
app: noggin
|
|
template: deploymentconfig.yml
|
|
objectname: deploymentconfig.yml
|
|
|
|
- role: openshift/start-build
|
|
app: noggin
|
|
buildname: noggin
|
|
tags:
|
|
- never
|
|
- build
|
|
|
|
- role: openshift/rollout
|
|
app: noggin
|
|
dcname: noggin
|
|
tags:
|
|
- never
|
|
- rollout
|