Skip to content

Instantly share code, notes, and snippets.

@ryanlerch

ryanlerch/bodhi-openshift.yaml

Created December 10, 2019 04:55
Show Gist options
  • Save ryanlerch/1443f49e448db307eb6f599197ef8bcf to your computer and use it in GitHub Desktop.
Save ryanlerch/1443f49e448db307eb6f599197ef8bcf to your computer and use it in GitHub Desktop.
Download ZIP
Raw
bodhi-openshift.yaml
apiVersion: template.openshift.io/v1
kind: Template
metadata:
name: bodhi-template
objects:
- apiVersion: v1
kind: Service
metadata:
labels:
app: bodhi
service: web
name: bodhi-web
spec:
ports:
- name: web
port: 8080
protocol: TCP
targetPort: 8000
- name: admin
port: 8001
protocol: TCP
targetPort: 8001
selector:
deploymentconfig: bodhi-web
sessionAffinity: None
type: ClusterIP
- apiVersion: v1
kind: Service
metadata:
labels:
app: bodhi
service: postgres
name: postgres
spec:
ports:
- name: postgres
port: 5432
protocol: TCP
targetPort: 5432
selector:
deploymentconfig: postgresql
sessionAffinity: None
type: ClusterIP
- apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
labels:
app: bodhi
service: postgres
name: postgresql
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
deploymentconfig: postgresql
strategy:
activeDeadlineSeconds: 21600
recreateParams:
post:
containerName: postgresql
execNewPod:
command:
- /bin/sh
- -c
- export PGPASSWORD=password && export PGUSER=postgres && export PGPORT=5432 && export PGHOST=postgres && export LD_LIBRARY_PATH=/opt/rh/rh-postgresql96/root/usr/lib64/:$LD_LIBRARY_PATH && export PATH=/opt/rh/rh-postgresql96/root/usr/bin:$PATH && hostname && sleep 5 && echo $PATH && psql -c 'CREATE DATABASE bodhi2;' && psql -c 'CREATE ROLE bodhi2 SUPERUSER;' && psql -c 'GRANT bodhi2 TO postgres;' && curl https://infrastructure.fedoraproject.org/infra/db-dumps/bodhi2.dump.xz -o /tmp/bodhi2.dump.xz && xzcat /tmp/bodhi2.dump.xz | psql bodhi2
failurePolicy: ignore
timeoutSeconds: 600
resources: {}
type: Recreate
template:
metadata:
labels:
app: bodhi
deploymentconfig: postgresql
spec:
containers:
- args: []
command: []
env:
- name: POSTGRESQL_USER
value: postgres
- name: POSTGRESQL_PASSWORD
value: password
image: registry.hub.docker.com/centos/postgresql-96-centos7:latest
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /usr/libexec/check-container
- --live
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
name: postgresql
ports: []
readinessProbe:
exec:
command:
- /usr/libexec/check-container
failureThreshold: 5
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/pgsql/data
name: postgresql-data
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: postgresql-data
test: false
triggers: []
- apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
labels:
app: bodhi
service: celery
name: bodhi-celery
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
deploymentconfig: bodhi-celery
strategy:
activeDeadlineSeconds: 21600
recreateParams:
timeoutSeconds: 600
resources: {}
type: Rolling
template:
metadata:
labels:
app: bodhi-celery
deploymentconfig: bodhi-celery
spec:
containers:
- args:
- worker
- -A
- bodhi.server.tasks.app
- -l
- info
- -Q
- celery
command:
- /usr/bin/celery
env: []
image: docker-registry.default.svc:5000/${NAMESPACE}/bodhi-base:latest
imagePullPolicy: Always
name: bodhi-celery
ports: []
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/bodhi
name: config-volume
readOnly: true
- mountPath: /httpdir
name: httpdir-volume
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 365
name: bodhi-configmap
name: config-volume
- emptyDir: {}
name: httpdir-volume
test: false
triggers:
- imageChangeParams:
automatic: true
containerNames:
- bodhi-celery
from:
kind: ImageStreamTag
name: bodhi-base:latest
namespace: ${NAMESPACE}
type: ImageChange
- type: ConfigChange
- apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
labels:
app: bodhi
service: consumer
name: bodhi-consumer
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
deploymentconfig: bodhi-consumer
strategy:
activeDeadlineSeconds: 21600
recreateParams:
timeoutSeconds: 600
resources: {}
type: Rolling
template:
metadata:
labels:
app: bodhi-consumer
deploymentconfig: bodhi-consumer
spec:
containers:
- args:
- consume
command:
- /usr/bin/fedora-messaging
env: []
image: docker-registry.default.svc:5000/${NAMESPACE}/bodhi-base:latest
imagePullPolicy: Always
name: bodhi-consumer
ports: []
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/bodhi
name: config-volume
readOnly: true
- mountPath: /httpdir
name: httpdir-volume
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 365
name: bodhi-configmap
name: config-volume
- emptyDir: {}
name: httpdir-volume
test: false
triggers:
- imageChangeParams:
automatic: true
containerNames:
- bodhi-consumer
from:
kind: ImageStreamTag
name: bodhi-base:latest
namespace: ${NAMESPACE}
type: ImageChange
- type: ConfigChange
- apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
labels:
app: bodhi
service: web
name: bodhi-web
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
deploymentconfig: bodhi-web
strategy:
activeDeadlineSeconds: 21600
recreateParams:
timeoutSeconds: 600
resources: {}
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
type: Rolling
template:
metadata:
labels:
app: bodhi-web
deploymentconfig: bodhi-web
spec:
containers:
- args:
- /etc/bodhi/production.ini
- --reload
command:
- /usr/bin/pserve-3
env: []
image: docker-registry.default.svc:5000/${NAMESPACE}/bodhi-base:latest
imagePullPolicy: Always
livenessProbe:
failureThreshold: 3
httpGet:
path: /
port: 6543
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
name: bodhi-web
ports:
- containerPort: 6543
protocol: TCP
readinessProbe:
failureThreshold: 5
httpGet:
path: /
port: 6543
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/bodhi
name: config-volume
readOnly: true
- mountPath: /httpdir
name: httpdir-volume
- args:
- /etc/bodhi/start.sh
command:
- sh
env: []
image: docker-registry.default.svc:5000/${NAMESPACE}/bodhi-base:latest
imagePullPolicy: Always
name: bodhi-static
ports:
- containerPort: 8080
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/bodhi
name: config-volume
readOnly: true
- mountPath: /httpdir
name: httpdir-volume
- args:
- -c
- /etc/bodhi/envoy.yaml
- --v2-config-only
- --service-cluster
- bodhi-envoy
command:
- /usr/local/bin/envoy
env: []
image: registry.hub.docker.com/envoyproxy/envoy-alpine:v1.8.0
imagePullPolicy: Always
name: bodhi-envoy
ports:
- containerPort: 8000
protocol: TCP
- containerPort: 8001
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/bodhi
name: config-volume
readOnly: true
- mountPath: /httpdir
name: httpdir-volume
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 365
name: bodhi-configmap
name: config-volume
- emptyDir: {}
name: httpdir-volume
test: false
triggers:
- imageChangeParams:
automatic: true
containerNames:
- bodhi-web
from:
kind: ImageStreamTag
name: bodhi-base:latest
namespace: ${NAMESPACE}
type: ImageChange
- type: ConfigChange
- apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
labels:
build: bodhi-base
name: bodhi-base
spec:
failedBuildsHistoryLimit: 5
output:
to:
kind: ImageStreamTag
name: bodhi-base:latest
postCommit: {}
resources: {}
runPolicy: Serial
source:
dockerfile: |
FROM fedora:30
LABEL \
name="bodhi-base" \
vendor="Fedora Infrastructure" \
license="MIT"
RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/files/common/fedora-infra-tags-stg.repo
# While dnf has a --nodocs, it doesen't have a --docs...
RUN sed -i '/nodocs/d' /etc/dnf/dnf.conf
RUN dnf install -y \
git \
python3-pip \
fedora-messaging \
httpd \
intltool \
python3-alembic \
python3-arrow \
python3-backoff \
python3-bleach \
python3-celery \
python3-click \
python3-colander \
python3-cornice \
python3-dogpile-cache \
python3-fedora-messaging \
python3-feedgen \
python3-jinja2 \
python3-markdown \
python3-psycopg2 \
python3-py3dns \
python3-pyasn1-modules \
python3-pylibravatar \
python3-pyramid \
python3-pyramid-fas-openid \
python3-pyramid-mako \
python3-pyramid_sawing \
python3-bugzilla \
python3-fedora \
python3-pyyaml \
python3-simplemediawiki \
python3-sqlalchemy \
python3-waitress \
python3-dnf \
python3-koji \
python3-librepo \
python3-mod_wsgi \
koji && \
dnf clean all
RUN git clone -b 5.0 https://github.com/fedora-infra/bodhi.git /srv/bodhi && \
cd /srv/bodhi && \
python3 -m pip install . --no-use-pep517 && \
python3 -m pip install pyramid_debugtoolbar && \
mkdir -p /usr/share/bodhi && \
cp /srv/bodhi/apache/bodhi.wsgi /usr/share/bodhi/bodhi.wsgi
# Set up krb5
RUN rm -f /etc/krb5.conf && \
ln -sf /etc/bodhi/krb5.conf /etc/krb5.conf && \
ln -sf /etc/keytabs/koji-keytab /etc/krb5.bodhi_bodhi.stg.fedoraproject.org.keytab
ENV USER=openshift
type: Dockerfile
strategy:
type: Docker
successfulBuildsHistoryLimit: 5
triggers: []
- apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
name: bodhi-base
spec:
lookupPolicy:
local: false
tags:
- from:
kind: DockerImage
name: docker-registry.default.svc:5000/${NAMESPACE}/bodhi-base:latest
importPolicy: {}
name: latest
referencePolicy:
type: ''
- apiVersion: v1
data:
celeryconfig.py: |
#
# Celery configuration file
# See: docs.celeryproject.org/en/latest/userguide/configuration.html
#
# Broker URL
# This might be more appropriate in prod:
# broker_url = amqps://user:password@hostname:port//vhost
# broker_use_ssl =
# keyfile=/var/ssl/private/worker-key.pem
# certfile=/var/ssl/amqp-server-cert.pem
# ca_certs=/var/ssl/myca.pem
# cert_reqs=ssl.CERT_REQUIRED
broker_url = "amqp://localhost/"
# Where the tasks are defined
imports = "bodhi.server.tasks"
# Task routing
task_routes = {
# Route the compose task to a specific queue that will only be run on hosts
# that have a Koji mount.
'compose': {'queue': 'has_koji_mount'},
}
envoy.yaml: |
admin:
access_log_path: /dev/null
address:
socket_address: { address: 0.0.0.0, port_value: 8001 }
static_resources:
listeners:
- name: ingress_http
address:
socket_address: { address: 0.0.0.0, port_value: 8000 }
filter_chains:
- filters:
- name: envoy.http_connection_manager
config:
stat_prefix: ingress_http
codec_type: auto
access_log:
- name: envoy.file_access_log
config:
path: /dev/null
route_config:
name: local_route
virtual_hosts:
- name: webxp-api_http
domains: ["*"]
routes:
- match: { prefix: "/static/v5.0" }
route: { cluster: bodhi_static }
- match: { prefix: "/"}
route: { cluster: bodhi_web }
http_filters:
- name: envoy.router
clusters:
- name: bodhi_web
connect_timeout: 0.25s
type: static
lb_policy: round_robin
hosts:
- socket_address: { address: 127.0.0.1, port_value: 6543 }
- name: bodhi_static
connect_timeout: 0.25s
type: static
lb_policy: round_robin
hosts:
- socket_address: { address: 127.0.0.1, port_value: 8080 }
httpd.conf: |
Listen 0.0.0.0:8080
ServerRoot "/httpdir"
PidFile "/httpdir/httpd.pid"
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule version_module modules/mod_version.so
LoadModule wsgi_module modules/mod_wsgi_python3.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule mpm_event_module modules/mod_mpm_event.so
StartServers 20
ServerLimit 100
MaxRequestsPerChild 2000
MaxRequestWorkers 100
<Directory "/usr/share/doc/bodhi-docs/html/">
AllowOverride None
Require all granted
</Directory>
<Directory "/srv/bodhi/server/static/">
AllowOverride None
Require all granted
</Directory>
<Location />
Require all granted
</Location>
<Location /docs/>
Header set Cache-Control public
ExpiresDefault "access plus 1 month"
Header unset ETag
</Location>
<Location /static/>
Header set Cache-Control public
ExpiresDefault "access plus 1 month"
Header unset ETag
</Location>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog /httpdir/accesslog combined
ErrorLog /httpdir/errorlog
LogLevel debug
TypesConfig /etc/mime.types
AddDefaultCharset UTF-8
CoreDumpDirectory /tmp
Alias /docs /usr/share/doc/bodhi-docs/html/
Alias /static/v5.0.0 /srv/bodhi/bodhi/server/static/
WSGIApplicationGroup %{GLOBAL}
WSGISocketPrefix run/wsgi
WSGIRestrictStdout Off
WSGIRestrictSignal Off
WSGIPythonOptimize 1
production.ini: |
[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
prefix = /
scheme = https
# See production.ini for documentation on the settings that can be used in this file.
[app:main]
use = egg:bodhi-server
badge_ids = binary-star|both-bull-and-self-transcended-tester-viii|catching-the-bull-tester-iv|corporate-drone|corporate-overlord|corporate-shill|discovery-of-the-footprints-tester-ii|in-search-of-the-bull-tester-i|is-this-thing-on-updates-testing-i|is-this-thing-on-updates-testing-ii|is-this-thing-on-updates-testing-iii|is-this-thing-on-updates-testing-iv|it-still-works!|like-a-rock-updates-stable-i|like-a-rock-updates-stable-ii|like-a-rock-updates-stable-iii|like-a-rock-updates-stable-iv|mic-check!-updates-testing-v|missed-the-train|override,-you-say|perceiving-the-bull-tester-iii|reaching-the-source-tester-ix|return-to-society-tester-x|riding-the-bull-home-tester-vi|stop-that-update!|take-this-and-call-me-in-the-morning|taming-the-bull-tester-v|tectonic!-updates-stable-v|the-bull-transcended-tester-vii|what-goes-around-comes-around-karma-i|what-goes-around-comes-around-karma-ii|what-goes-around-comes-around-karma-iii|what-goes-around-comes-around-karma-iv|white-hat|you-can-pry-it-from-my-cold,-dead-hands
base_address = https://bodhi-web-asaleh-test.app.os.stg.fedoraproject.org/
fedora_announce_list = [email protected]
fedora_test_announce_list = [email protected]
fedora_epel_announce_list = [email protected]
fedora_epel_test_announce_list = [email protected]
dogpile.cache.backend = dogpile.cache.memory_pickle
dogpile.cache.expiration_time = 3600
fedora.mandatory_days_in_testing = 7
fedora_epel.mandatory_days_in_testing = 14
f7.status = post_beta
f7.post_beta.mandatory_days_in_testing = 7
f7.post_beta.critpath.num_admin_approvals = 0
f7.post_beta.critpath.min_karma = 2
cors_origins_ro = *
cors_origins_rw = https://bodhi-web-asaleh-test.app.os.stg.fedoraproject.org/
cors_connect_src = http://0.0.0.0:6543 http://localhost:6543 https://*.app.os.stg.fedoraproject.org/ wss://hub.fedoraproject.org:9939/
pyramid.reload_templates = true
pyramid.debug_authorization = true
pyramid.debug_notfound = true
pyramid.debug_routematch = true
pyramid.default_locale_name = en
pyramid.includes =
pyramid_debugtoolbar
debugtoolbar.hosts = 127.0.0.1 ::1
sqlalchemy.url = postgresql://postgres:password@postgres/bodhi2
authtkt.secret = changethisinproduction!
session.secret = ChangeThisSecret!!1
authtkt.secure = false
authtkt.timeout = 2592000
session.type = file
session.data_dir = %(here)s/data/sessions/data
session.lock_dir = %(here)s/data/sessions/lock
session.key = mykey
session.cookie_on_exception = true
cache.regions = default_term, second, short_term, long_term
cache.type = memory
cache.second.expire = 1
cache.short_term.expire = 60
cache.default_term.expire = 300
cache.long_term.expire = 3600
# Uncomment this line and add your username here to enable ACL rights in the development environment
# acl_dummy_committer = mattia
# If you want to test composing containers in development, it can be handy to run your own container
# registry locally. To do that, you can run a container registry like this:
#
# $ sudo docker run -e REGISTRY_STORAGE_DELETE_ENABLED=true -it -d -p 5000:5000 --restart=always --name registry registry:2
#
# The following settings should work with a local container registry as described above:
container.destination_registry = localhost:5000
skopeo.extra_copy_flags = --dest-tls-verify=false
openid.provider = https://id.stg.fedoraproject.org/openid/
openid.url = https://id.stg.fedoraproject.org/
openid_template = {username}.id.stg.fedoraproject.org
# The cache warming is annoying during development because it takes so long. Let's disable it by default.
warm_cache_on_start = false
# Celery configuration file
celery_config = %(here)s/celeryconfig.py
# Composes
compose_dir = /srv/composes/final
compose_stage_dir = /srv/composes/stage
pungi.basepath = %(here)s/devel/ci/integration/bodhi/
pungi.conf.rpm = pungi.rpm.conf.j2
pungi.conf.module = pungi.module.conf.j2
test_gating.required = True
# WaiverDB and Greenwave in vagrant are provided via docker local services
waiverdb_api_url = http://bodhi_user:pass@localhost:6544/api/v1.0
greenwave_api_url = https://greenwave.stg.fedoraproject.org/api/v1.0
#http://localhost:6545/api/v1.0
buildsystem = koji
koji_hub = https://koji.stg.fedoraproject.org/kojihub
koji_web_url = https://koji.stg.fedoraproject.org/koji/
acl_system = pagure
pagure_url = https://src.stg.fedoraproject.org/
[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6543
trusted_proxy = 127.0.0.1
trusted_proxy_count = 1
trusted_proxy_headers = x-forwarded-for x-forwarded-host x-forwarded-proto x-forwarded-port
clear_untrusted_proxy_headers = yes
[pshell]
m = bodhi.server.models
s = bodhi.server.Session
[loggers]
keys = root, bodhi, sqlalchemy, fedora_messaging, celery, celery_worker_job
[handlers]
keys = console
[formatters]
keys = generic
[logger_root]
level = DEBUG
handlers = console
[logger_bodhi]
level = DEBUG
handlers =
qualname = bodhi
[logger_fedora_messaging]
level = INFO
handlers = console
qualname = fedora_messaging
[logger_sqlalchemy]
level = WARN
handlers =
qualname = sqlalchemy.engine
[logger_celery]
level = INFO
handlers =
qualname = celery
[logger_celery_worker_job]
level = ERROR
handlers =
qualname = celery.worker.job
propagate = 1
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic
[formatter_generic]
format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s
start.sh: |
mkdir -p /httpdir/run
ln -s /etc/httpd/modules /httpdir/modules
truncate --size=0 /httpdir/accesslog /httpdir/errorlog
tail -qf /httpdir/accesslog /httpdir/errorlog &
exec httpd -f /etc/bodhi/httpd.conf -DFOREGROUND -DNO_DETACH
kind: ConfigMap
metadata:
name: bodhi-configmap
- apiVersion: v1
data:
production.ini: |
[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
prefix = /
scheme = https
# See production.ini for documentation on the settings that can be used in this file.
[app:main]
use = egg:bodhi-server
badge_ids = binary-star|both-bull-and-self-transcended-tester-viii|catching-the-bull-tester-iv|corporate-drone|corporate-overlord|corporate-shill|discovery-of-the-footprints-tester-ii|in-search-of-the-bull-tester-i|is-this-thing-on-updates-testing-i|is-this-thing-on-updates-testing-ii|is-this-thing-on-updates-testing-iii|is-this-thing-on-updates-testing-iv|it-still-works!|like-a-rock-updates-stable-i|like-a-rock-updates-stable-ii|like-a-rock-updates-stable-iii|like-a-rock-updates-stable-iv|mic-check!-updates-testing-v|missed-the-train|override,-you-say|perceiving-the-bull-tester-iii|reaching-the-source-tester-ix|return-to-society-tester-x|riding-the-bull-home-tester-vi|stop-that-update!|take-this-and-call-me-in-the-morning|taming-the-bull-tester-v|tectonic!-updates-stable-v|the-bull-transcended-tester-vii|what-goes-around-comes-around-karma-i|what-goes-around-comes-around-karma-ii|what-goes-around-comes-around-karma-iii|what-goes-around-comes-around-karma-iv|white-hat|you-can-pry-it-from-my-cold,-dead-hands
base_address = https://bodhi-web-asaleh-test.app.os.stg.fedoraproject.org/
fedora_announce_list = [email protected]
fedora_test_announce_list = [email protected]
fedora_epel_announce_list = [email protected]
fedora_epel_test_announce_list = [email protected]
dogpile.cache.backend = dogpile.cache.memory_pickle
dogpile.cache.expiration_time = 3600
fedora.mandatory_days_in_testing = 7
fedora_epel.mandatory_days_in_testing = 14
f7.status = post_beta
f7.post_beta.mandatory_days_in_testing = 7
f7.post_beta.critpath.num_admin_approvals = 0
f7.post_beta.critpath.min_karma = 2
cors_origins_ro = *
cors_origins_rw = https://bodhi-web-asaleh-test.app.os.stg.fedoraproject.org/
cors_connect_src = http://0.0.0.0:6543 http://localhost:6543 https://*.app.os.stg.fedoraproject.org/ wss://hub.fedoraproject.org:9939/
pyramid.reload_templates = true
pyramid.debug_authorization = true
pyramid.debug_notfound = true
pyramid.debug_routematch = true
pyramid.default_locale_name = en
pyramid.includes =
pyramid_debugtoolbar
debugtoolbar.hosts = 127.0.0.1 ::1
sqlalchemy.url = postgresql://postgres:password@postgres/bodhi2
authtkt.secret = changethisinproduction!
session.secret = ChangeThisSecret!!1
authtkt.secure = false
authtkt.timeout = 2592000
session.type = file
session.data_dir = %(here)s/data/sessions/data
session.lock_dir = %(here)s/data/sessions/lock
session.key = mykey
session.cookie_on_exception = true
cache.regions = default_term, second, short_term, long_term
cache.type = memory
cache.second.expire = 1
cache.short_term.expire = 60
cache.default_term.expire = 300
cache.long_term.expire = 3600
# Uncomment this line and add your username here to enable ACL rights in the development environment
# acl_dummy_committer = mattia
# If you want to test composing containers in development, it can be handy to run your own container
# registry locally. To do that, you can run a container registry like this:
#
# $ sudo docker run -e REGISTRY_STORAGE_DELETE_ENABLED=true -it -d -p 5000:5000 --restart=always --name registry registry:2
#
# The following settings should work with a local container registry as described above:
container.destination_registry = localhost:5000
skopeo.extra_copy_flags = --dest-tls-verify=false
openid.provider = https://id.stg.fedoraproject.org/openid/
openid.url = https://id.stg.fedoraproject.org/
openid_template = {username}.id.stg.fedoraproject.org
# The cache warming is annoying during development because it takes so long. Let's disable it by default.
warm_cache_on_start = false
# Celery configuration file
celery_config = %(here)s/celeryconfig.py
# Composes
compose_dir = /srv/composes/final
compose_stage_dir = /srv/composes/stage
pungi.basepath = %(here)s/devel/ci/integration/bodhi/
pungi.conf.rpm = pungi.rpm.conf.j2
pungi.conf.module = pungi.module.conf.j2
test_gating.required = True
# WaiverDB and Greenwave in vagrant are provided via docker local services
waiverdb_api_url = http://bodhi_user:pass@localhost:6544/api/v1.0
greenwave_api_url = https://greenwave.stg.fedoraproject.org/api/v1.0
#http://localhost:6545/api/v1.0
buildsystem = koji
koji_hub = https://koji.stg.fedoraproject.org/kojihub
koji_web_url = https://koji.stg.fedoraproject.org/koji/
acl_system = pagure
pagure_url = https://src.stg.fedoraproject.org/
[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6543
trusted_proxy = 127.0.0.1
trusted_proxy_count = 1
trusted_proxy_headers = x-forwarded-for x-forwarded-host x-forwarded-proto x-forwarded-port
clear_untrusted_proxy_headers = yes
[pshell]
m = bodhi.server.models
s = bodhi.server.Session
[loggers]
keys = root, bodhi, sqlalchemy, fedora_messaging, celery, celery_worker_job
[handlers]
keys = console
[formatters]
keys = generic
[logger_root]
level = DEBUG
handlers = console
[logger_bodhi]
level = DEBUG
handlers =
qualname = bodhi
[logger_fedora_messaging]
level = INFO
handlers = console
qualname = fedora_messaging
[logger_sqlalchemy]
level = WARN
handlers =
qualname = sqlalchemy.engine
[logger_celery]
level = INFO
handlers =
qualname = celery
[logger_celery_worker_job]
level = ERROR
handlers =
qualname = celery.worker.job
propagate = 1
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic
[formatter_generic]
format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s
kind: ConfigMap
metadata:
name: bodhi-dev-ini
- apiVersion: route.openshift.io/v1
kind: Route
metadata:
labels:
app: bodhi
service: web
name: bodhi-web
spec:
host: bodhi-web-${NAMESPACE}.${APPDOMAIN}
port:
targetPort: web
tls:
termination: edge
to:
kind: Service
name: bodhi-web
weight: 100
wildcardPolicy: None
parameters:
- description: Namespace, mostly for image building
name: NAMESPACE
value: asaleh-test
- description: Domain to serve apps on
name: APPDOMAIN
value: app.os.stg.fedoraproject.org
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment