| |
@@ -54,7 +54,7 @@
|
| |
Virtual topic namespace
|
| |
-----------------------
|
| |
|
| |
- The messages will use unique UMB virtual topic namespaces to mitigate
|
| |
+ The messages will use unique UMB virtual topic hierarchies to mitigate
|
| |
collisions with other systems:
|
| |
|
| |
UMB: /topic/VirtualTopic.eng.ci
|
| |
@@ -66,8 +66,15 @@
|
| |
For all the tests on all the artifacts the systems will use this
|
| |
topic naming convention:
|
| |
|
| |
- UMB: /topic/VirtualTopic.eng.ci.<artifact>.<event>.{queued,running,complete,error}
|
| |
- fedmsg: org.fedoraproject.prod.ci.<artifact>.<event>.{queued,running,complete,error}
|
| |
+ UMB: /topic/VirtualTopic.eng.ci.<namespace>.<artifact>.<event>.{queued,running,complete,error}
|
| |
+ fedmsg: org.fedoraproject.prod.ci.<namespace>.<artifact>.<event>.{queued,running,complete,error}
|
| |
+
|
| |
+ where `namespace` is any string that denotes the source of the message, required to be able to use
|
| |
+ AMQP ACLs to secure publication rights between various publishing teams, for example:
|
| |
+
|
| |
+ * osci - a message from the "Operating System CI" team's systems.
|
| |
+ * cvp - a message from the "Container Verification Pipeline".
|
| |
+ * art - a message from the jenkins master belonging to the "Automatic Release Team".
|
| |
|
| |
where `artifact` is one of the defined build artifacts, for
|
| |
example:
|
| |
@@ -84,6 +91,12 @@
|
| |
* test - for testing progression and results
|
| |
* gate - for gating events of artifacts, i.e. events blocking progression of the artifact in the release pipeline
|
| |
|
| |
+ Note that an older version of this schema omitted the `namespace` field. Messages bearing those
|
| |
+ topics will still appear for some time while teams migrate to the modern topic structure above.
|
| |
+
|
| |
+ UMB: /topic/VirtualTopic.eng.ci.<artifact>.<event>.{queued,running,complete,error}
|
| |
+ fedmsg: org.fedoraproject.prod.ci.<artifact>.<event>.{queued,running,complete,error}
|
| |
+
|
| |
Message Anatomy
|
| |
---------------
|
| |
|
| |
The point of this change is to allow sensible ACLs controlling who can publish
what kind of message.
Today, a publishing client is granted access to publish to a topic hierarchy
(say, ci.>) which allows one publisher to write test results that we would
expect to come from a different publisher. The new namespace in the topic
hierarchy allows us to reduce the rights given to publisher identities such
that they can only publish test results for test cases that we would expect
(i.e., OSCI can only publish osci.* test cases.)