bugzilla2fedmsg SOP

Receive events from bugzilla over the RH "unified messagebus" and rebroadcast them over our own fedmsg bus.

Source code: https://github.com/fedora-infra/bugzilla2fedmsg

Contact Information

Owner: Messaging SIG, Fedora Infrastructure Team
Contact: #fedora-apps, #fedora-admin, #fedora-noc
Servers: STG/PROD Openshift Clusters
Purpose: Rebroadcast bugzilla events on our bus.

Description

bugzilla2fedmsg is a small service running as a container in Openshift in the bugzilla2fedmsg project which receives events from bugzilla via the RH "unified messagebus" and rebroadcasts them to our fedmsg bus.

Resources

[1] Ansible Playbook: https://pagure.io/fedora-infra/ansible/blob/main/f/playbooks/openshift-apps/bugzilla2fedmsg.yml
[2] Ansible Role: https://pagure.io/fedora-infra/ansible/blob/main/f/roles/openshift-apps/bugzilla2fedmsg
[3] Code: https://github.com/fedora-infra/bugzilla2fedmsg

Useful Commands

To look at logs, first authenticate with Openshift. Login to the console, and then retrieve a token. At the top right of the webconsole, click copy login command.

eg:

# Login with the token
oc login --token=sha256~_XXXXXXXXXXX --server=https://api.ocp.stg.fedoraproject.org:6443

# Switch to the bugzilla2fedmsg project
oc project bugzilla2fedmsg
Now using project "bugzilla2fedmsg" on server "https://api.ocp.stg.fedoraproject.org:6443".

# Retrieve a list of pods running in the project
oc get pods
NAME                       READY   STATUS    RESTARTS   AGE
bugzilla2fedmsg-32-58px2   1/1     Running   0          43h

# Retrieve the logs from the bugzilla2fedmsg-32-58px2 pod
oc logs -f bugzilla2fedmsg-32-58px2

To restart the service, run:

# List the deploymentconfigs in the bugzilla2fedmsg project
oc get dc
NAME              REVISION   DESIRED   CURRENT   TRIGGERED BY
bugzilla2fedmsg   32         1         1         config,image(bugzilla2fedmsg:latest)

# Start a rollout of the deploymentconfig
oc rollout start bugzilla2fedmsg

Internal Contacts

If we need to contact someone from the RH internal "unified messagebus" team, search for "unified messagebus" in source.

Getting new cert

The service authenticates to the bus via a ssl cert. They usually last for a year, then need to be reissued/refreshed.

The way to do this is:

generate a certificate signing request and key: openssl req -verbose -nodes -newkey rsa:4096 -out msg-client-fedora-prod.csr -subj "/UID=fedorainfra/OU=serviceaccounts/O=rhds/"
Using the login/password in bitwarden (ask a sysadmin-main member) login and submit the csr and get the signed cert back
check these into ansible-private under files/bugzilla2fedmsg/
run the playbook and start a new build of the container.

Want to help? Learn how to contribute to Fedora Docs ›