opensourcemirror
/
fedora-ansible
mirror of https://pagure.io/fedora-infra/ansible.git
1
0
Fork 0
Code Issues Releases Wiki Activity

websites: cleaning getfedora.org deployment files

This commit is contained in:
Francois Andrieu 2023-05-03 13:46:54 +02:00 committed by zlopez
parent 5050530f94
commit 87f66a8ef6
9 changed files with 15 additions and 205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
playbooks/openshift-apps/websites.yml
View File

@ -20,55 +20,12 @@
- darknao
- kevin
# legacy websites
- role: openshift/object
app: websites
file: pvc.yml
objectname: pvc.yml
- role: openshift/imagestream
app: websites
imagename: builder
- role: openshift/object
app: websites
template: buildconfig.yml
objectname: buildconfig.yml
- role: openshift/start-build
app: websites
buildname: websites-build
objectname: websites-build
- role: openshift/object
app: websites
template: configmap.yml
objectname: configmap.yml
- role: openshift/object
app: websites
template: cm-updatepot.yml
objectname: cm-updatepot.yml
- role: openshift/object
app: websites
template: gitconfig.yml
objectname: gitconfig.yml
- role: openshift/object
app: websites
template: sshconfig.yml
objectname: sshconfig.yml
- role: openshift/object
app: websites
template: cron.yml
objectname: cron.yml
- role: openshift/object
app: websites
template: cron-updatepot.yml
objectname: cron-updatepot.yml
- role: openshift/imagestream
app: websites
imagename: fedora-websites
@ -89,6 +46,20 @@
objectname: fedora-websites-cron.yml
# New websites 3.0
- role: openshift/imagestream
app: websites
imagename: builder
- role: openshift/object
app: websites
template: buildconfig.yml
objectname: buildconfig.yml
- role: openshift/start-build
app: websites
buildname: websites-build
objectname: websites-build
- role: openshift/object
app: websites
file: obc.yml

10
roles/openshift-apps/websites/templates/build.sh
View File

@ -1,10 +0,0 @@
#!/bin/bash -xe
cd /tmp
git clone --branch {% if env == "staging" %}staging{% else %}master{% endif %} https://pagure.io/fedora-web/websites.git
cd websites
git rev-parse HEAD
bash ./build-prod.sh /output
curl -O https://codeblock.fedorapeople.org/atomic-htaccess.py
mkdir -p out build
python atomic-htaccess.py
cp -r out/. /output/getfedora.org/

9
roles/openshift-apps/websites/templates/cm-updatepot.yml
View File

@ -1,9 +0,0 @@
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: updatepot-scripts
data:
updatepot.sh: |-
{{ load_file('updatepot.sh') | indent() }}

11
roles/openshift-apps/websites/templates/configmap.yml
View File

@ -1,11 +0,0 @@
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: websites-configmap
labels:
app: websites
data:
build.sh: |-
{{ load_file('build.sh') | indent() }}

47
roles/openshift-apps/websites/templates/cron-updatepot.yml
View File

@ -1,47 +0,0 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: updatepot
spec:
concurrencyPolicy: Forbid
schedule: "0 20 * * *"
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 1
activeDeadlineSeconds: 900
startingDeadlineSeconds: 300
jobTemplate:
spec:
backoffLimit: 0
template:
metadata:
labels:
parent: "updatepotcron"
spec:
containers:
- name: pushpot
image: image-registry.openshift-image-registry.svc:5000/websites/builder:latest
command:
- /bin/bash
- /scripts/updatepot.sh
volumeMounts:
- mountPath: /.gitconfig
name: gitconfig
readOnly: true
subPath: .gitconfig
- name: sshconfig
mountPath: /.ssh
readOnly: true
- name: scripts
mountPath: /scripts
restartPolicy: Never
startingDeadlineSeconds: 600
volumes:
- name: sshconfig
secret:
secretName: sshconfig
- name: gitconfig
configMap:
name: gitconfig
- name: scripts
configMap:
name: updatepot-scripts

35
roles/openshift-apps/websites/templates/cron.yml
View File

@ -1,35 +0,0 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: build
spec:
concurrencyPolicy: Forbid
schedule: "0 * * * *"
jobTemplate:
spec:
template:
metadata:
labels:
parent: "cronjobbuild"
spec:
containers:
- name: build
image: image-registry.openshift-image-registry.svc:5000/websites/builder:latest
env:
- name: BUILD_ENV
value: "{{ env_short }}"
volumeMounts:
- name: config
mountPath: /etc/websites
readOnly: true
- name: build-output
mountPath: /output
readOnly: false
restartPolicy: Never
volumes:
- name: config
configMap:
name: websites-configmap
- name: build-output
persistentVolumeClaim:
claimName: websites-storage

13
roles/openshift-apps/websites/templates/gitconfig.yml
View File

@ -1,13 +0,0 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: gitconfig
labels:
app: websites
data:
.gitconfig: |-
[user]
name = ♪ I'm a bot, bot, bot ♪
email = _update_web_trans@sundries

15
roles/openshift-apps/websites/templates/sshconfig.yml
View File

@ -1,15 +0,0 @@
---
apiVersion: v1
kind: Secret
metadata:
name: sshconfig
labels:
app: websites
stringData:
id_rsa_web_trans: |
{{ lookup('file', ssh_key_path) | indent(4) }}
config: |-
Host pagure.io
User git
IdentityFile /.ssh/id_rsa_web_trans
StrictHostKeyChecking no

21
roles/openshift-apps/websites/templates/updatepot.sh
View File

@ -1,21 +0,0 @@
#!/bin/bash
# Add OCP user to passwd
USER_ID=$(id -u)
grep -Ev ":x:${USER_ID}:" /etc/passwd > /tmp/passwd
echo "ocpuser:x:${USER_ID}:0:ocp user:/:/sbin/nologin" >> /tmp/passwd
export LD_PRELOAD=/usr/lib64/libnss_wrapper.so
export NSS_WRAPPER_PASSWD=/tmp/passwd
export NSS_WRAPPER_GROUP=/etc/group
cd /tmp
git clone https://pagure.io/fedora-web/websites.git
cd websites
for i in getfedora.org; do
pushd sites/$i/scripts
./translations-source.sh
[ -f $i.pot ] && ./push-pot.sh
popd
done