From 891dcaac2b41e1e037cfe43a3ad6e92176b11993 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Wed, 10 Jun 2020 10:05:23 +0200 Subject: [PATCH] distgit: give access to the fedora-messaging certs to the packager group This solves the permission denied error packager would see otherwise when pushing to dist-git as the hooks would fail to send notifications on the fedora-messaging bus. Signed-off-by: Pierre-Yves Chibon --- roles/distgit/pagure/tasks/main.yml | 6 +++--- roles/git/hooks/tasks/main.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/distgit/pagure/tasks/main.yml b/roles/distgit/pagure/tasks/main.yml index 19d6449d6f..f0074690d9 100644 --- a/roles/distgit/pagure/tasks/main.yml +++ b/roles/distgit/pagure/tasks/main.yml @@ -443,17 +443,17 @@ - src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/pagure{{ env_suffix }}.crt" dest: src.fp.o.crt owner: pagure - group: pagure + group: packager mode: "444" - src: "{{private}}/files/rabbitmq/{{env}}/pki/private/pagure{{ env_suffix }}.key" dest: src.fp.o.key owner: pagure - group: pagure + group: packager mode: "440" - src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt" dest: src.fp.o.ca owner: pagure - group: pagure + group: packager mode: "444" tags: - pagure diff --git a/roles/git/hooks/tasks/main.yml b/roles/git/hooks/tasks/main.yml index 87257b64d3..b00280e12c 100644 --- a/roles/git/hooks/tasks/main.yml +++ b/roles/git/hooks/tasks/main.yml @@ -54,17 +54,17 @@ - src: "{{private}}/files/rabbitmq/{{ env }}/pki/issued/batcave{{ env_suffix }}.crt" dest: git-hooks.crt owner: root - group: root + group: packager mode: "444" - src: "{{private}}/files/rabbitmq/{{ env }}/pki/private/batcave{{ env_suffix }}.key" dest: git-hooks.key owner: root - group: root + group: packager mode: "440" - src: "{{private}}/files/rabbitmq/{{ env }}/pki/ca.crt" dest: git-hooks.ca owner: root - group: root + group: packager mode: "444" tags: - git