diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml index c95e0f94..afde2891 100644 --- a/.github/workflows/yamllint.yaml +++ b/.github/workflows/yamllint.yaml @@ -43,7 +43,6 @@ jobs: with: jsonSchemaFile: workflows/.workflow_with_description.schema.json yamlFiles: | - workflows/argo-events/secrets/*.y*ml workflows/argo-events/sensors/*.y*ml workflows/argo-events/eventsources/*.y*ml workflows/argo-events/roles/*.y*ml diff --git a/workflows/openstack/argo-rabbitmq.yaml b/workflows/openstack/argo-rabbitmq.yaml deleted file mode 100644 index 373926ed..00000000 --- a/workflows/openstack/argo-rabbitmq.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -apiVersion: rabbitmq.com/v1beta1 -kind: User -metadata: - name: argo -spec: - rabbitmqClusterReference: - name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource - namespace: openstack ---- -apiVersion: rabbitmq.com/v1beta1 -kind: Permission -metadata: - name: argo-to-ironic-permission -spec: - vhost: "ironic" - userReference: - name: "argo" # name of a user.rabbitmq.com in the same namespace; must specify either spec.userReference or spec.user - permissions: - write: ".*" - configure: ".*" - read: ".*" - rabbitmqClusterReference: - name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource - namespace: openstack ---- -apiVersion: rabbitmq.com/v1beta1 -kind: Permission -metadata: - name: argo-to-keystone-permission -spec: - vhost: "keystone" - userReference: - name: "argo" # name of a user.rabbitmq.com in the same namespace; must specify either spec.userReference or spec.user - permissions: - write: ".*" - configure: ".*" - read: ".*" - rabbitmqClusterReference: - name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource - namespace: openstack diff --git a/workflows/openstack/eventbus-default.yaml b/workflows/openstack/eventbus-default.yaml index 59cbf64f..d9412a00 100644 --- a/workflows/openstack/eventbus-default.yaml +++ b/workflows/openstack/eventbus-default.yaml @@ -25,14 +25,3 @@ spec: # storageClassName: standard # accessMode: ReadWriteOnce # volumeSize: 10Gi ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventbus-default-pdb -spec: - maxUnavailable: 1 - selector: - matchLabels: - controller: eventbus-controller - eventbus-name: default diff --git a/workflows/openstack/openstack-event-source.yaml b/workflows/openstack/eventsource-openstack-ironic.yaml similarity index 50% rename from workflows/openstack/openstack-event-source.yaml rename to workflows/openstack/eventsource-openstack-ironic.yaml index 4e71dfe5..be6db402 100644 --- a/workflows/openstack/openstack-event-source.yaml +++ b/workflows/openstack/eventsource-openstack-ironic.yaml @@ -33,39 +33,3 @@ spec: password: name: argo-user-credentials key: password ---- -apiVersion: argoproj.io/v1alpha1 -kind: EventSource -metadata: - name: openstack-keystone -spec: - amqp: - notifications: - # amqp server url - url: amqp://rabbitmq-server-0.rabbitmq-nodes.openstack.svc.cluster.local:5672/keystone - # jsonBody specifies that all event body payload coming from this - # source will be JSON - jsonBody: true - # name of the exchange. - exchangeName: keystone - exchangeType: topic - exchangeDeclare: - durable: false - # routing key for messages within the exchange - routingKey: 'notifications.info' - # optional consume settings - # if not provided, default values will be used - consume: - consumerTag: "argo-events" - autoAck: true - exclusive: false - noLocal: false - # username and password for authentication - # use secret selectors - auth: - username: - name: argo-user-credentials - key: username - password: - name: argo-user-credentials - key: password diff --git a/workflows/openstack/eventsource-openstack-keystone.yaml b/workflows/openstack/eventsource-openstack-keystone.yaml new file mode 100644 index 00000000..86d1d445 --- /dev/null +++ b/workflows/openstack/eventsource-openstack-keystone.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: EventSource +metadata: + name: openstack-keystone +spec: + amqp: + notifications: + # amqp server url + url: amqp://rabbitmq-server-0.rabbitmq-nodes.openstack.svc.cluster.local:5672/keystone + # jsonBody specifies that all event body payload coming from this + # source will be JSON + jsonBody: true + # name of the exchange. + exchangeName: keystone + exchangeType: topic + exchangeDeclare: + durable: false + # routing key for messages within the exchange + routingKey: 'notifications.info' + # optional consume settings + # if not provided, default values will be used + consume: + consumerTag: "argo-events" + autoAck: true + exclusive: false + noLocal: false + # username and password for authentication + # use secret selectors + auth: + username: + name: argo-user-credentials + key: username + password: + name: argo-user-credentials + key: password diff --git a/workflows/openstack/kustomization.yaml b/workflows/openstack/kustomization.yaml index f868905a..3085c5a4 100644 --- a/workflows/openstack/kustomization.yaml +++ b/workflows/openstack/kustomization.yaml @@ -4,8 +4,12 @@ kind: Kustomization namespace: openstack resources: - - argo-rabbitmq.yaml - eventbus-default.yaml - - openstack-event-source.yaml + - eventsource-openstack-ironic.yaml + - eventsource-openstack-keystone.yaml + - poddisruptionbudget-eventbus-default-pdb.yaml + - rabbitmq-permission-argo-to-ironic-permission.yaml + - rabbitmq-permission-argo-to-keystone-permission.yaml + - rabbitmq-user-argo.yaml - sensor-keystone-event-project.yaml - serviceaccount-sensor-submit-workflow.yaml diff --git a/workflows/openstack/poddisruptionbudget-eventbus-default-pdb.yaml b/workflows/openstack/poddisruptionbudget-eventbus-default-pdb.yaml new file mode 100644 index 00000000..90bb443e --- /dev/null +++ b/workflows/openstack/poddisruptionbudget-eventbus-default-pdb.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: eventbus-default-pdb +spec: + maxUnavailable: 1 + selector: + matchLabels: + controller: eventbus-controller + eventbus-name: default diff --git a/workflows/openstack/rabbitmq-permission-argo-to-ironic-permission.yaml b/workflows/openstack/rabbitmq-permission-argo-to-ironic-permission.yaml new file mode 100644 index 00000000..be96937b --- /dev/null +++ b/workflows/openstack/rabbitmq-permission-argo-to-ironic-permission.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: rabbitmq.com/v1beta1 +kind: Permission +metadata: + name: argo-to-ironic-permission +spec: + vhost: "ironic" + userReference: + name: "argo" # name of a user.rabbitmq.com in the same namespace; must specify either spec.userReference or spec.user + permissions: + write: ".*" + configure: ".*" + read: ".*" + rabbitmqClusterReference: + name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource + namespace: openstack diff --git a/workflows/openstack/rabbitmq-permission-argo-to-keystone-permission.yaml b/workflows/openstack/rabbitmq-permission-argo-to-keystone-permission.yaml new file mode 100644 index 00000000..ba1bc606 --- /dev/null +++ b/workflows/openstack/rabbitmq-permission-argo-to-keystone-permission.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: rabbitmq.com/v1beta1 +kind: Permission +metadata: + name: argo-to-keystone-permission +spec: + vhost: "keystone" + userReference: + name: "argo" # name of a user.rabbitmq.com in the same namespace; must specify either spec.userReference or spec.user + permissions: + write: ".*" + configure: ".*" + read: ".*" + rabbitmqClusterReference: + name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource + namespace: openstack diff --git a/workflows/openstack/rabbitmq-user-argo.yaml b/workflows/openstack/rabbitmq-user-argo.yaml new file mode 100644 index 00000000..bbcccd9b --- /dev/null +++ b/workflows/openstack/rabbitmq-user-argo.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: rabbitmq.com/v1beta1 +kind: User +metadata: + name: argo +spec: + rabbitmqClusterReference: + name: rabbitmq # rabbitmqCluster must exist in the same namespace as this resource + namespace: openstack