fedora-infra_ansible/playbooks/openshift-apps/openscanhub.yml
Aurélien Bompard d23b6f2d9b s/user_username/user_name/g
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-12-03 11:12:47 +01:00


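---
# Deploys the OpenScanHub application into OpenShift: project, hub, redis,
# resalloc-server, and the Fedora Messaging (RabbitMQ) user, queue and
# client certificates. Runs against the first staging and the first
# production control host; `env` selects the per-environment roles below.
- name: OpenScanHub
  hosts: os_control[0]:os_control_stg[0]
  # The play connects to the control host as root.
  user: root
  gather_facts: false
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    # Private variables; these live outside the public repository tree.
    - /srv/private/ansible/vars.yml
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  # Play vars written as a single mapping rather than a list of one-key
  # mappings; the resulting variables are the same.
  vars:
    ocp4: true
    # Regex of topics the openscanhub messaging user may publish to. It is
    # anchored at the start and scoped to this environment and application.
    # Single-quoted so the backslashes and the Jinja expression reach
    # Ansible unchanged.
    openscanhub_sent_topics: '^org\.fedoraproject\.{{ env_short }}\.openscanhub\..*'
  pre_tasks:
    - name: Include Global Variables
      ansible.builtin.include_vars:
        dir: /srv/web/infra/ansible/vars/all/
        ignore_files: README
  roles:
    # The two openshift/project entries are identical apart from the `when`
    # guard, so the owner list can be changed per environment. Everyone
    # listed in project_appowners is an owner of the project.
    - role: openshift/project
      project_app: openscanhub
      project_description: openscanhub
      project_appowners:
        - praiskup
        - svashisht
        - kevin
        - zlopez
      tags:
        - apply-appowners
      when: env == "production"
    - role: openshift/project
      project_app: openscanhub
      project_description: openscanhub
      project_appowners:
        - praiskup
        - svashisht
        - kevin
        - zlopez
      tags:
        - apply-appowners
      when: env == "staging"
    - role: openshift/object
      object_app: openscanhub
      object_template: pvc-var-lib-osh.yml
      object_objectname: pvc-var-lib-osh
    - role: openshift/object
      object_app: openscanhub
      object_template: settings-local-configmap.yml
      object_objectname: settings-local-configmap
    - role: openshift/object
      object_app: openscanhub
      object_template: osh-hub-httpd-configmap.yml
      object_objectname: osh-hub-httpd-configmap
    # Kerberos keytab for the HTTP service principal of the hub, one per
    # environment, stored under the secret name openscanhub-keytab.
    - role: openshift/keytab
      keytab_app: openscanhub
      keytab_key: service.keytab
      keytab_secret_name: openscanhub-keytab
      keytab_service: HTTP
      keytab_host: "openscanhub.stg.fedoraproject.org"
      when: env == "staging"
    - role: openshift/keytab
      keytab_app: openscanhub
      keytab_key: service.keytab
      keytab_secret_name: openscanhub-keytab
      keytab_service: HTTP
      keytab_host: "openscanhub.fedoraproject.org"
      when: env == "production"
    - role: openshift/object
      object_app: openscanhub
      object_template: deployment-fedora-osh-hub.yml
      object_objectname: deployment-fedora-osh-hub
    - role: openshift/object
      object_app: openscanhub
      object_template: route-fedora-osh-hub.yml
      object_objectname: route-fedora-osh-hub
    - role: openshift/object
      object_app: openscanhub
      object_file: service-fedora-osh-hub.yml
      object_objectname: service-fedora-osh-hub
    # Configurations for redis.
    - role: openshift/object
      object_app: openscanhub
      object_template: pvc-var-lib-redis-data.yml
      object_objectname: pvc-var-lib-redis-data
    - role: openshift/object
      object_app: openscanhub
      object_file: deployment-redis.yml
      object_objectname: deployment-redis
    # NOTE(review): a Route is created for redis in addition to its Service.
    # The route definition is not visible here; confirm the route is needed
    # and that redis is not reachable without authentication through it.
    - role: openshift/object
      object_app: openscanhub
      object_file: route-redis.yml
      object_objectname: route-redis
    - role: openshift/object
      object_app: openscanhub
      object_file: service-redis.yml
      object_objectname: service-redis
    # Configurations for resalloc-server.
    - role: openshift/object
      object_app: openscanhub
      object_template: etc-resallocserver-server-configmap.yml
      object_objectname: etc-resallocserver-server-configmap
    - role: openshift/object
      object_app: openscanhub
      object_template: etc-resallocserver-pools-configmap.yml
      object_objectname: etc-resallocserver-pools-configmap
    - role: openshift/object
      object_app: openscanhub
      object_template: vm-provisioning-configmap.yml
      object_objectname: vm-provisioning-configmap
    # NOTE(review): the object name suggests AWS credentials are rendered
    # into a ConfigMap. ConfigMaps are not meant for confidential data;
    # confirm the template's kind and keep credentials in a Secret.
    - role: openshift/object
      object_app: openscanhub
      object_template: aws-credentials-configmap.yml
      object_objectname: aws-credentials-configmap
    # NOTE(review): presumably key material for AWS access; the template is
    # not visible here. Confirm it is created as a Secret.
    - role: openshift/object
      object_app: openscanhub
      object_template: aws-openscanhub-key.yml
      object_objectname: aws-openscanhub-key
    - role: openshift/object
      object_app: openscanhub
      object_template: deployment-resalloc-server.yml
      object_objectname: deployment-resalloc-server
    # NOTE(review): resalloc-server also gets a Route; confirm who is meant
    # to reach it and that the exposure matches that.
    - role: openshift/object
      object_app: openscanhub
      object_template: route-resalloc-server.yml
      object_objectname: route-resalloc-server
    - role: openshift/object
      object_app: openscanhub
      object_template: service-resalloc-server.yml
      object_objectname: service-resalloc-server
    # Configurations for Fedora messaging
    # The broker user is limited to publishing on openscanhub_sent_topics.
    - role: rabbit/user
      user_name: "openscanhub{{ env_suffix }}"
      user_sent_topics: "{{ openscanhub_sent_topics }}"
    # NOTE(review): the `*` in routing_keys matches any single word in the
    # environment position of the topic, so the binding is not limited to
    # this environment's topics; confirm that is intended.
    - role: rabbit/queue
      username: "openscanhub{{ env_suffix }}"
      queue_name: "openscanhub{{ env_suffix }}"
      routing_keys: "org.fedoraproject.*.openscanhub.scan.started"
      thresholds:
        warning: 10
        critical: 100
      sent_topics: "{{ openscanhub_sent_topics }}"
    # CA certificate, client private key and client certificate for the
    # broker connection, each taken from the private tree (per-environment
    # path) and stored under its own secret name.
    - role: openshift/secret-file
      secret_file_app: openscanhub
      secret_file_secret_name: openscanhub-fedora-messaging-ca
      secret_file_key: fedora-messaging-openscanhub-ca.crt
      secret_file_privatefile: "rabbitmq/{{env}}/pki/ca.crt"
    - role: openshift/secret-file
      secret_file_app: openscanhub
      secret_file_secret_name: openscanhub-fedora-messaging-key
      secret_file_key: fedora-messaging-openscanhub.key
      secret_file_privatefile: "rabbitmq/{{env}}/pki/private/openscanhub{{env_suffix}}.key"
    - role: openshift/secret-file
      secret_file_app: openscanhub
      secret_file_secret_name: openscanhub-fedora-messaging-cert
      secret_file_key: fedora-messaging-openscanhub.crt
      secret_file_privatefile: "rabbitmq/{{env}}/pki/issued/openscanhub{{env_suffix}}.crt"
    - role: openshift/object
      object_app: openscanhub
      object_template: fedora-messaging-configmap.yml
      object_objectname: fedora-messaging-configmap
    # Deletes the whole project. Two guards keep this from running by
    # accident: the `never` tag means it runs only when `-t delete` is
    # passed, and the `when` limits it to staging.
    # sudo rbac-playbook -l staging -t delete openshift-apps/openscanhub.yml
    - role: openshift/object-delete
      object_delete_app: openscanhub
      object_delete_objecttype: project
      object_delete_objectname: openscanhub
      tags: [never, delete]
      when: env == "staging"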