PR#2085: fedora-image-uploader: Add AWS configuration for staging - fedora-infra/ansible

Jeremy Cline • a year ago

2e2d141

Jeremy Cline • a year ago

858ab49

file modified

		`@@ -98,6 +98,11 @@`
		`template: secret.yml`
		`objectname: secret.yml`

		`+ - role: openshift/object`
		`+ app: cloud-image-uploader`
		`+ template: aws-secrets.yml`
		`+ objectname: aws-secrets.yml`
		`+`
		`- role: openshift/start-build`
		`app: cloud-image-uploader`
		`buildname: cloud-image-uploader-build`

file added

+14

		`@@ -0,0 +1,14 @@`
		`+ apiVersion: v1`
		`+ kind: Secret`
		`+ metadata:`
		`+ name: "aws-credentials"`
		`+ labels:`
		`+ app: "cloud-image-uploader"`
		`+ stringData:`
		`+ {% if env == 'staging' %}`
		`+ access_key_id: "{{fedimg_aws_stg_access_id}}"`
		`+ secret_access_key: "{{fedimg_aws_stg_secret_key}}"`
		`+ {% else %}`
		`+ access_key_id: "{{fedimg_aws_prod_access_id}}"`
		`+ secret_access_key: "{{fedimg_aws_prod_secret_key}}"`
		`+ {% endif %}`

file modified

+36

		`@@ -33,6 +33,42 @@`
		`exclusive = false`
		`arguments = {}`

		`+ # For now, just enable AWS support in staging.`
		`+ {% if env == "staging" %}`
		`+ [consumer_config.aws]`
		`+ base_region = "us-east-1"`
		`+ s3_bucket_name = "fedora-s3-bucket-fedimg-testing"`
		`+ ami_description = ""`
		`+ ami_volume_dev_name = "/dev/sda1"`
		`+ ami_volume_type = "gp3"`
		`+ ami_volume_size = {{ aws_volume_size }}`
		`+ ami_regions = [`
		`+ "af-south-1",`
		`+ "eu-north-1",`
		`+ "ap-south-1",`
		`+ "eu-west-3",`
		`+ "eu-west-2",`
		`+ "eu-south-1",`
		`+ "eu-west-1",`
		`+ "ap-northeast-3",`
		`+ "ap-northeast-2",`
		`+ "me-south-1",`
		`+ "ap-northeast-1",`
		`+ "sa-east-1",`
		`+ "ca-central-1",`
		`+ "ap-east-1",`
		`+ "ap-southeast-1",`
		`+ "ap-southeast-2",`
		`+ "ap-southeast-3",`
		`+ "eu-central-1",`
		`+ "us-east-1",`
		`+ "us-east-2",`
		`+ "us-west-1",`
		`+ "us-west-2",`
		`+ ]`
		`+ publish_amqp_messages = false`
		`+ {% endif %}`
		`+`
		`[consumer_config.azure]`
		`location = "eastus"`
		`{% if env == "staging" %}`

file modified

+10

		`@@ -55,6 +55,16 @@`
		`secretKeyRef:`
		`name: azure-credentials`
		`key: subscription_id`
		`+ - name: AWS_ACCESS_KEY_ID`
		`+ valueFrom:`
		`+ secretKeyRef:`
		`+ name: aws-credentials`
		`+ key: access_key_id`
		`+ - name: AWS_SECRET_ACCESS_KEY`
		`+ valueFrom:`
		`+ secretKeyRef:`
		`+ name: aws-credentials`
		`+ key: secret_access_key`
		`volumeMounts:`
		`- name: config-volume`
		`mountPath: /etc/fedora-messaging`

I'm probably going to need to tweak a bunch of these configs, this is mostly so I can see if it even works. The app config is defined in https://pagure.io/cloud-image-uploader/pull-request/25 and in https://pagure.io/fedora-infrastructure/issue/11999 it was suggested to just use the fedimg credentials.