#223 OpenShift: Final touches
Merged 2 years ago by frantisekz. Opened 2 years ago by frantisekz.

file modified
+1 -1
@@ -31,7 +31,7 @@ 

  if os.getenv('DEV') == 'true':

      app.logger.debug('Using development config')

      app.config.from_object('blockerbugs.config.DevelopmentConfig')

- elif os.getenv('TEST') == 'true' or openshift == "0":

+ elif os.getenv('TEST') == 'true':

      app.logger.debug('Using testing config')

      app.config.from_object('blockerbugs.config.TestingConfig')

  else:

file modified
+34 -23
@@ -108,7 +108,7 @@ 

  

  

  def openshift_config(config_object, openshift_production):

-     # First, get db details from env

+     # First, get db and other mandatory details from env

      try:

          config_object["SQLALCHEMY_DATABASE_URI"] = "postgresql+psycopg2://%s:%s@%s:%s/%s" % (

              os.environ["POSTGRESQL_USER"],
@@ -117,32 +117,43 @@ 

              os.environ["POSTGRESQL_SERVICE_PORT"],

              os.environ["POSTGRESQL_DATABASE"]

          )

+         config_object["BLOCKERBUGS_URL"] = os.environ["BLOCKERBUGS_URL"]

          config_object["SECRET_KEY"] = os.environ["SECRET_KEY"]

      except(KeyError):

          print("OpenShift mode enabled but required values couldn't be fetched. "

                "Check, if you have these variables defined in you env: "

-               "(POSTGRESQL_[USER, PASSWORD, DATABASE, SERVICE_HOST, SERVICE_PORT], SECRET_KEY)", file=sys.stderr)

+               "(POSTGRESQL_[USER, PASSWORD, DATABASE, SERVICE_HOST, SERVICE_PORT], "

+               "SECRET_KEY, BLOCKERBUGS_URL)", file=sys.stderr)

          sys.exit(1)

  

      # And then try to get more data from OpenShift env

-     try:

-         config_object["FAS_PASSWORD"] = os.environ["FAS_PASSWORD"]

-         config_object["FAS_USER"] = os.environ["FAS_USER"]

-         config_object["FAS_ADMIN_GROUP"] = os.environ["FAS_ADMIN_GROUP"]

-         config_object["PAGURE_REPO_TOKEN"] = os.environ["PAGURE_REPO_TOKEN"]

-         config_object["PAGURE_REPO_WEBHOOK_KEY"] = os.environ["PAGURE_REPO_WEBHOOK_KEY"]

-         config_object["PAGURE_BOT_USERNAME"] = os.environ["PAGURE_BOT_USERNAME"]

-     except(KeyError):

-         print("Expected aditional data to be defined OpenShift env: "

-               "FAS_PASSWORD, FAS_USER, FAS_ADMIN_GROUP, OPENSHIFT_PROD.", file=sys.stderr)

-         # In production OpenShift, exit on missing additional details

-         if openshift_production == "1":

-             sys.exit(1)

- 

-     # Get some more data from OpenShift, if set

-     if os.getenv("PAGURE_BOT_ENABLED") == 0:

-         config_object["PAGURE_BOT_ENABLED"] = False

-     if os.getenv("PAGURE_URL"):

-         config_object["PAGURE_URL"] = os.getenv("PAGURE_URL")

-     if os.getenv("PAGURE_API"):

-         config_object["PAGURE_API"] = os.getenv("PAGURE_API")

+     additional_env_keys = ["FAS_PASSWORD", "FAS_USER", "FAS_ADMIN_GROUP", "PAGURE_REPO_TOKEN", "PAGURE_REPO_WEBHOOK_KEY",

+                            "PAGURE_REPO", "PAGURE_BOT_USERNAME", "PAGURE_BOT_ENABLED", "PAGURE_URL", "PAGURE_API",

+                            "BUGZILLA_URL", "BODHI_URL"]

+     missing_data = False

+ 

+     for key in additional_env_keys:

+         try:

+             config_object[key] = os.environ[key]

+         except(KeyError):

+             print("Expected aditional data to be defined OpenShift env: %s" % key, file=sys.stderr)

+             missing_data = True

+     if missing_data:

+         sys.exit(1)

+ 

+     # Final touches to make it work flawlessly (fingers crossed)

+     # to fix login issue for folks who are part of many FAS groups

+     config_object["PREFERRED_URL_SCHEME"] = 'https'

+ 

+     # Make browsers send session cookie only via HTTPS

+     config_object["SESSION_COOKIE_SECURE"] = True

+ 

+     # Tell flask that we're behind proxy

+     config_object["BEHIND_PROXY"] = True

+ 

+     # Adjust testing config to match staging

+     if openshift_production == "0":

+         config_object["FAS_FLASK_COOKIE_REQUIRES_HTTPS"] = False

+         config_object["FAS_CHECK_CERT"] = False

+         config_object["PRODUCTION"] = False

+         config_object["FAS_ENABLED"] = True

file modified
+1
@@ -5,3 +5,4 @@ 

  gunicorn_logger.addHandler(logging.StreamHandler(sys.stdout))

  timeout = 120

  graceful_timeout = 120

+ bind = "0.0.0.0:8080"

no initial comment

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci

1 new commit added

  • OpenShift: specify bind in gunicorn.cfg
2 years ago

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci

rebased onto fbb6de7

2 years ago

Build succeeded.

I'm not completely happy that we're including so much deployment-related stuff in a project source repo, that feels wrong. It seems that all the openshift config files etc should be created by some openshift deployment script, or stored in infra ansible or similar. But hey, that's not a problem of this particular PR. So ack.

Pull-Request has been merged by frantisekz

2 years ago