From 60dbdd00cffcfa3c19ec056f3e9e8eacf00fdbdb Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Fri, 12 Jun 2015 16:27:31 +0000 Subject: Try dynamically generating some fedmsg config from group/host vars in staging. --- roles/fedmsg/base/templates/base.py.j2 | 6 +----- roles/fedmsg/base/templates/policy.py.j2 | 11 +++++++++++ 2 files changed, 12 insertions(+), 5 deletions(-) (limited to 'roles/fedmsg') diff --git a/roles/fedmsg/base/templates/base.py.j2 b/roles/fedmsg/base/templates/base.py.j2 index 8a4427a22..c04852b0d 100644 --- a/roles/fedmsg/base/templates/base.py.j2 +++ b/roles/fedmsg/base/templates/base.py.j2 @@ -1,11 +1,7 @@ config = dict( # Set this to dev if you're hacking on fedmsg or an app locally. # Set to stg or prod if running in the Fedora Infrastructure. - {% if env == 'staging' %} - environment="stg", - {% else %} - environment="prod", - {% endif %} + environment="{{ fedmsg_env }}", # Most hosts will be "false" here indicating that if they publish messages, # they will passively bind to ports and have other consuming services diff --git a/roles/fedmsg/base/templates/policy.py.j2 b/roles/fedmsg/base/templates/policy.py.j2 index 3e2212cde..85c0739cf 100644 --- a/roles/fedmsg/base/templates/policy.py.j2 +++ b/roles/fedmsg/base/templates/policy.py.j2 @@ -216,6 +216,17 @@ config = dict( topic_prefix + "announce.announcement": [ "announce-lockbox01.phx2.fedoraproject.org", ], + + {% if env == 'staging' %} + # ** policy dynamically generated from inventory vars + # See ansible/filter_plugins/fedmsg.py for this inversion filter. + {% for topic, certs in hostvars | invert_fedmsg_authz_policy %} + "{{topic}}": [ + {% for cert in certs %} + "{{ cert }}",{% endfor %} + ], + {% endfor %} + {% endif %} }, ) -- cgit