# here we keep variables that are the same between prod and staging # openQA servers. these are mostly things that are set as variables # in the plays so we can change them over time and also so the plays # can be used for non-infra deployments. # These boxes are F30+, so we need Python 3 ansible openqa_static_uid: 601 openqa_hostname: localhost openqa_email: adamwill@fedoraproject.org openqa_nickname: adamwill openqa_fullname: Adam Williamson openqa_userid: http://adamwill.id.fedoraproject.org/ openqa_assetsize: 500 openqa_assetsize_updates: 100 # we need this for all our fedora-messaging consumers as they are not # allowed to create queues on the infra AMQP broker, by broker config openqa_amqp_passive: true # fedora-messaging publisher settings openqa_amqp_publisher_prefix: org.fedoraproject.{{ fedmsg_env }} openqa_amqp_publisher_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub" # openQA isn't very ssl-aware here, so we're abusing its URL construction # to stuff the cert and key values in here openqa_amqp_publisher_exchange: "amq.topic&cacertfile=/etc/fedora-messaging/cacert{{ openqa_env_suffix }}.pem&certfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem&keyfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem" # fedora-messaging job scheduler settings: most of these are the same # for prod and stg as they both must listen for prod messages. Only # the queue names differs openqa_amqp_scheduler_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub" openqa_amqp_scheduler_cacert: /etc/fedora-messaging/cacert.pem openqa_amqp_scheduler_key: /etc/pki/fedora-messaging/openqa-key.pem openqa_amqp_scheduler_cert: /etc/pki/fedora-messaging/openqa-cert.pem openqa_amqp_scheduler_queue: "openqa{{ openqa_env_suffix }}_scheduler" openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change", "org.fedoraproject.prod.bodhi.update.request.testing", "org.fedoraproject.prod.bodhi.update.edit"] # fedora-messaging reporter settings openqa_amqp_reporter_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub" openqa_amqp_reporter_cacert: /etc/fedora-messaging/cacert{{ openqa_env_suffix }}.pem openqa_amqp_reporter_key: /etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem openqa_amqp_reporter_cert: /etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem # fedora-messaging resultsdb reporter settings openqa_amqp_resultsdb_reporter_queue: "openqa{{ openqa_env_suffix }}_resultsdb_reporter" openqa_amqp_resultsdb_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] # fedora-messaging wiki reporter settings openqa_amqp_wiki_reporter_queue: "openqa{{ openqa_env_suffix }}_wiki_reporter" openqa_amqp_wiki_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"] # fedora-messaging email error reporting settings openqa_amqp_mailto: ["adamwill@fedoraproject.org", "lruzicka@fedoraproject.org"] openqa_amqp_smtp: bastion # http and NFS tcp_ports: [80, 2049] # These people get told when something goes wrong. fedmsg_error_recipients: - adamwill@fedoraproject.org - lruzicka@fedoraproject.org # These are consumed by a task in roles/fedmsg/base/main.yml fedmsg_certs: - service: shell owner: root group: sysadmin can_send: - logger.log - service: openqa owner: root group: geekotest can_send: - openqa.comment.create - openqa.comment.update - openqa.comment.delete - openqa.job.create - openqa.job.delete - openqa.job.cancel - openqa.job.duplicate - openqa.job.restart - openqa.jobs.restart - openqa.job.update.result - openqa.job.done - service: ci owner: root group: geekotest can_send: - ci.productmd-compose.test.queued - ci.productmd-compose.test.running - ci.productmd-compose.test.complete - ci.productmd-compose.test.error # we need this to log with fedmsg-logger fedmsg_active: True