From f728bc758a0dc16885d350aae2a6bac0612a21f3 Mon Sep 17 00:00:00 2001 From: lrossett Date: Dec 10 2020 13:57:41 +0000 Subject: fedora messaging docs --- diff --git a/README.md b/README.md index d5944fb..373d4fa 100644 --- a/README.md +++ b/README.md @@ -2,3 +2,6 @@ This repository aims to contain several procedures for the centos steam team members. +## Index + +[Fedora Messaging](./fedora-messaging/README.md) diff --git a/fedora-messaging/README.md b/fedora-messaging/README.md new file mode 100644 index 0000000..4ee0bb5 --- /dev/null +++ b/fedora-messaging/README.md @@ -0,0 +1,26 @@ +# Fedora Messaging + +## Requesting Access + +What needs to be done: + +* Request certificates from the fedora infrastructure team; +* Ansible changes to create a new user, queue and topic in fedora messaging. + +You can request a new certificate and a private key by opening a fedora infrastructure ticket: https://pagure.io/fedora-infrastructure (Example: https://pagure.io/fedora-infrastructure/issue/9494). + +The ticket should request a new username for fedora messaging (either prod or stg) - the result of that ticket will be a new certificate and private key for that user (the certificate CN field should contain the requested username as its value). + +The next step is to add the new user, queue and topic binding into fedora's Rabbit MQ instance. + +This can be done by sending a pull request to their ansible repository (https://pagure.io/fedora-infra/ansible): https://pagure.io/fedora-infra/ansible/pull-request/302#request_diff. + +The topic format uses the following scheme: `org....#` where: + +* ``: source as entity, should be `centos` in our case +* ``: env is either `prod` or `stg` but you should use the ansible var `env_suffix` +* ``: the application the message belongs to, which matches your username. + +A topic for centos koji would be: `org.centos.prod.koji.#` (`#` means Rabbit MQ will match the topic as long as it starts with `org.centos.prod.koji.`). + +Those changes will also need to be run by someone from the fedora infrastructure team.