Remove artemis

development/roles/foreman_development/templates/katello.yaml.j2

@@ -11,9 +11,4 @@
     :oauth_secret: {{ candlepin_oauth_secret }}
     :ca_cert_file: {{ foreman_development_cert_dir }}/proxy_ca.pem
 
-  :candlepin_events:
-    :ssl_cert_file: {{ foreman_development_cert_dir }}/client_cert.pem
-    :ssl_key_file: {{ foreman_development_cert_dir }}/client_key.pem
-    :ssl_ca_file: {{ foreman_development_cert_dir }}/proxy_ca.pem
-
   :katello_applicability: true

src/roles/candlepin/tasks/certs.yml

@@ -10,17 +10,6 @@
     other_certificates: "{{ candlepin_ca_certificate }}"
     state: present
 
-- name: Generate truststore
-  community.crypto.openssl_pkcs12:
-    action: export
-    passphrase: "{{ candlepin_keystore_password }}"
-    path: "/root/candlepin.truststore"
-    friendly_name: 'artemis-client'
-    privatekey_path: "{{ candlepin_client_key }}"
-    certificate_path: "{{ candlepin_client_certificate }}"
-    other_certificates: "{{ candlepin_ca_certificate }}"
-    state: present
-
 - name: Create the podman secret for Candlepin CA certificate
   containers.podman.podman_secret:
     state: present
@@ -57,17 +46,6 @@
   notify:
     - Restart candlepin
 
-- name: Create the podman secret for Tomcat truststore
-  containers.podman.podman_secret:
-    state: present
-    name: candlepin-tomcat-truststore
-    path: "/root/candlepin.truststore"
-    labels:
-      filename: candlepin.truststore
-      app: tomcat
-  notify:
-    - Restart candlepin
-
 - name: Create the podman secret for the keystore password
   containers.podman.podman_secret:
     state: present

src/roles/candlepin/tasks/main.yml

@@ -47,10 +47,6 @@
   notify:
     - Restart candlepin
 
-- name: Setup artemis
-  ansible.builtin.include_tasks:
-    file: artemis.yml
-
 - name: Pull the Candlepin container image
   containers.podman.podman_image:
     name: "{{ candlepin_container_image }}:{{ candlepin_container_tag }}"
@@ -67,15 +63,9 @@
       - 'candlepin-ca-cert,target=/etc/candlepin/certs/candlepin-ca.crt,mode=0440,type=mount'
       - 'candlepin-ca-key,target=/etc/candlepin/certs/candlepin-ca.key,mode=0440,type=mount'
       - 'candlepin-tomcat-keystore,target=/etc/candlepin/certs/keystore,mode=0440,type=mount'
-      - 'candlepin-tomcat-truststore,target=/etc/candlepin/certs/truststore,mode=0440,type=mount'
       - 'candlepin-candlepin-conf,target=/etc/candlepin/candlepin.conf,mode=0440,type=mount'
-      - 'candlepin-artemis-broker-xml,target=/etc/candlepin/broker.xml,mode=440,type=mount'
       - 'candlepin-tomcat-server-xml,target=/etc/tomcat/server.xml,mode=440,type=mount'
       - 'candlepin-tomcat-conf,target=/etc/tomcat/tomcat.conf,mode=440,type=mount'
-      - 'candlepin-artemis-login-config,target=/etc/tomcat/login.config,mode=440,type=mount'
-      - 'candlepin-artemis-cert-roles-properties,target=/etc/tomcat/cert-roles.properties,mode=440,type=mount'
-      - 'candlepin-artemis-cert-users-properties,target=/etc/tomcat/cert-users.properties,mode=440,type=mount'
-      - 'candlepin-artemis-jaas-conf,target=/etc/tomcat/conf.d/jaas.conf,mode=440,type=mount'
     volumes:
       - /var/log/candlepin:/var/log/candlepin:Z
       - /var/log/tomcat:/var/log/tomcat:Z

src/roles/candlepin/templates/candlepin.conf.j2

@@ -4,8 +4,6 @@ candlepin.environment_content_filtering=true
 candlepin.auth.basic.enable=false
 candlepin.auth.trusted.enable=false
 
-candlepin.audit.hornetq.config_path=/etc/candlepin/broker.xml
-
 candlepin.db.database_manage_on_startup=Manage
 
 candlepin.auth.oauth.enable=true

src/roles/foreman/templates/katello.yaml.j2

@@ -8,11 +8,5 @@
     :oauth_secret: "{{ candlepin_oauth_secret }}"
     :ca_cert_file: /etc/foreman/katello-default-ca.crt
 
-  :candlepin_events:
-    :broker_host: localhost
-    :ssl_cert_file: /etc/foreman/client_cert.pem
-    :ssl_key_file: /etc/foreman/client_key.pem
-    :ssl_ca_file: /etc/foreman/katello-default-ca.crt
-
   :pulp:
     :ca_cert_file: /etc/foreman/katello-default-ca.crt

tests/candlepin_test.py

@@ -23,22 +23,6 @@ def test_candlepin_status(server, certificates):
     assert status.stdout == '200'
 
 
-def test_artemis_port(server):
-    candlepin = server.addr("localhost")
-    assert candlepin.port("61613").is_reachable
-
-
-def test_artemis_auth(server, certificates):
-    cmd = server.run(f'echo "" | openssl s_client -CAfile {certificates["ca_certificate"]} -cert {certificates["client_certificate"]} -key {certificates["client_key"]} -connect localhost:61613')
-    assert cmd.succeeded, f"exit: {cmd.rc}\n\nstdout:\n{cmd.stdout}\n\nstderr:\n{cmd.stderr}"
-
-
-def test_certs_users_file(server, certificates):
-    cmd = server.run(f'openssl x509 -noout -subject -in {certificates["client_certificate"]} -nameopt rfc2253,sep_comma_plus_space')
-    subject = cmd.stdout.replace("subject=", "").rstrip()
-    assert_secret_content(server, 'candlepin-artemis-cert-users-properties', f'katelloUser={subject}')
-
-
 def test_tls(server):
     result = server.run('nmap --script +ssl-enum-ciphers localhost -p 23443')
     result = result.stdout
@@ -55,7 +39,3 @@ def test_tls(server):
 
     # Test that the least cipher strength is "strong" or "A"
     assert "least strength: A" in result
-
-
-def test_cert_roles(server):
-    assert_secret_content(server, 'candlepin-artemis-cert-roles-properties', 'candlepinEventsConsumer=katelloUser')

tests/foreman_test.py

@@ -46,7 +46,7 @@ def test_foreman_status_cache(foreman_status):
     assert foreman_status['results']['foreman']['cache']['servers'][0]['status'] == 'ok'
 
 
-@pytest.mark.parametrize("katello_service", ['candlepin', 'candlepin_auth', 'candlepin_events', 'foreman_tasks', 'katello_events', 'pulp3', 'pulp3_content'])
+@pytest.mark.parametrize("katello_service", ['candlepin', 'candlepin_auth', 'foreman_tasks', 'katello_events', 'pulp3', 'pulp3_content'])
 def test_katello_services_status(foreman_status, katello_service):
     assert foreman_status['results']['katello']['services'][katello_service]['status'] == 'ok'