Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
36519 commits 9 branches 0 tags 111 MiB
Commit graph

160 commits

Author SHA1 Message Date
Pierre-Yves Chibon
2b46c6a7fb basessh/distgit: adjust the way ssh is configured for distgit 
Basically, we are now installing a small wrapper in /usr/local/bin
which just echoes to stdout what should be in the authorized_keys
file for that user.
That content is generated by retrieving the ssh key from sssd via
the command sss_ssh_authorizedkeys as well as the usual ssh way to
restrict the action an user/key can do: command="...".
In this case, we're setting a couple of environment variable that
are needed later on for things to work properly as well as only
allow the user to call the aclchecker.py script provided by pagure.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-04-03 21:16:51 +02:00
Pierre-Yves Chibon
00804542f3 Revert "basessh/distgit: adjust the way ssh is configured for distgit" 
This is still being reviewed and wasn't meant to be pushed out yet

This reverts commit 67844b4504.
 2021-04-03 19:10:54 +02:00
Pierre-Yves Chibon
67844b4504 basessh/distgit: adjust the way ssh is configured for distgit 
Basically, we are now installing a small wrapper in /usr/local/bin
which just echoes to stdout what should be in the authorized_keys
file for that user.
That content is generated by retrieving the ssh key from sssd via
the command sss_ssh_authorizedkeys as well as the usual ssh way to
restrict the action an user/key can do: command="...".
In this case, we're setting a couple of environment variable that
are needed later on for things to work properly as well as only
allow the user to call the aclchecker.py script provided by pagure.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-04-03 19:01:38 +02:00
Mohan Boddu
f6d75dfca0 Mass branching, move from master to rawhide 
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2021-02-09 11:20:12 -05:00
Pierre-Yves Chibon
998c84baaa dist-git: add missing type 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 17:26:26 +01:00
Pierre-Yves Chibon
872090ee54 dist-git: some more selinux policy changes 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 17:24:55 +01:00
Pierre-Yves Chibon
d503f374db distgit: some more selinux policy update 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 16:51:51 +01:00
Pierre-Yves Chibon
74890814a1 distgit: adjust the selinux policy a little more 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 16:48:30 +01:00
Pierre-Yves Chibon
be1c8bcb45 distgit: keep working on the http_policy 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:56:37 +01:00
Pierre-Yves Chibon
f3a1c52522 distgit: ad missing instruction in the http_policy 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:53:18 +01:00
Pierre-Yves Chibon
f580d72f24 distgit: add the missing headers in the http_policy policy 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:49:30 +01:00
Pierre-Yves Chibon
1ef758c408 distgit: install another custom selinux policy 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:35:33 +01:00
Pierre-Yves Chibon
3f03400dac distgit: drop pagure related selinux config since it's now handled in the pagure role 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 17:27:27 +01:00
Pavel Raiskup
b7bdcacc3e distgit: fix chown in make-new-lookaside-links 
Followup for 9d9680cc73
 2020-08-19 13:24:58 +02:00
张皓
9d9680cc73 Fix syntax error in make-new-lookaside-links 
Fix syntax error in make-new-lookaside-links
 2020-08-19 10:08:56 +00:00
Pierre-Yves Chibon
19ad9380b0 dist-git: clean up the playbook for the left over phx2 sections 
Remove all the sections there were RHEL7/phx2/gitolite related
now that we're running on RHEL8 with python3 and all of its goodies

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-10 12:51:56 +00:00
Pierre-Yves Chibon
9d4902f887 distgit: the configuration file does not support quotes and it doesn't find the file if there are some 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-16 20:53:39 +02:00
Pierre-Yves Chibon
46b327807f distgit: turn on fedora-messaging notification and give apache access to the git hook cert and keys 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-15 13:56:38 +02:00
Kevin Fenzi
0b64e5469a iad2: disable fedmsg on upload now until its ported 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-09 14:53:11 -07:00
Patrick Uiterwijk
55c9fb266b Remove cgit from dist-git 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-04-13 15:57:00 +02:00
Kevin Fenzi
7887029ffb Some selinux policy for staging. 2018-10-10 20:01:45 +00:00
Patrick Uiterwijk
02ff6983fa Use the Pagure code for http cloning 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-05 07:28:38 +02:00
clime
3677dc58cc dist-git: start using lookaside_dir option instead of obsoleted cache_dir 2018-08-14 14:21:03 +02:00
Patrick Uiterwijk
c4844d58ed Move cgit to suexec'd as well 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-06-12 11:10:34 +02:00
Patrick Uiterwijk
5c18fc378d Redirect 'smart' http checkout to canonical 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-06-11 17:29:09 +02:00
Patrick Uiterwijk
4a8fc6080e All scripts on pkgs02 are now run as pagure 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-06-11 17:29:09 +02:00
Patrick Uiterwijk
06c04a3fb9 Commit http push stuff 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-05-28 15:08:48 +02:00
clime
f915d6bed6 dist-git: add temporary cache_dir_override option 2018-03-27 12:41:10 +02:00
clime
4f901eb9cf update dist-git.conf for next dist-git release 
* this change is not exactly necessary due to default values, but
  I think it's better to be explicit
 2018-02-26 14:46:54 +01:00
Pierre-Yves Chibon
56efae7e16 Do not relying on the existance of 3 spaces to make decisions 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-02-21 15:21:21 +01:00
Pierre-Yves Chibon
445e2eadfc Invert logic of namespace vs pdc type 
We are iterating through the gitolite config that is namespace
aware (ie: rpms, modules) and are checking if the repo is in the
list to update, list coming from pdc and thus style aware not
namespaces (ie: rpm, module).
So invert the logic.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-02-20 17:23:21 +01:00
Pierre-Yves Chibon
d640cbbba0 Fix if the entry exists in pdc and not on disk and typo in an error message 2018-02-20 17:22:58 +01:00
Pierre-Yves Chibon
c558e739d8 dist-git doesn't trigger the POST_COMPILE (that was missing anyway 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-02-20 12:54:15 +01:00
Pierre-Yves Chibon
4464bf6eda Fixes some typos in the script updating the gitolite config for mass-branching 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-02-20 12:48:35 +01:00
Pierre-Yves Chibon
f17603d02a Add to dist-git the scripts we use for mass-branching 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-02-20 12:04:15 +01:00
clime
72e42a56b3 update dist-git.conf 2018-02-19 12:34:10 +01:00
Patrick Uiterwijk
4aa1c5bcc3 Block all but internal from pkgs.fp.o and set up robots.txt files 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-02-08 22:44:06 +00:00
Patrick Uiterwijk
58fcfbaca2 Remove the namespace from dist-git.conf so namespaced lookaside becomes possible 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-10-28 01:40:32 +02:00
Kevin Fenzi
40a7012c75 add highlighting for cgit on pkgs. ticket 6333 2017-09-12 01:50:43 +00:00
Kevin Fenzi
df6a521a6f bring cgit back for now until pagure can do rss/atom, show all namespaces, etc 2017-09-03 21:37:14 +00:00
Patrick Uiterwijk
3fbc71a614 Fix lookaside uploading until we can fix for realsies 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-08-09 23:47:47 +02:00
Patrick Uiterwijk
970c78b619 Fix git@ service in pkgs02 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-08-09 03:01:27 +02:00
Pierre-Yves Chibon
f2015d75e1 Adjust all the redirects for the disappearance of cgit 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2017-08-03 15:50:40 +02:00
Pierre-Yves Chibon
7180f1669a Move fedmsg-genacls-config.py to a template and configure it for the new world 2017-07-25 15:21:00 +02:00
clime
3fc69696b9 dist-git: clean up unused files and the main script 2017-07-13 21:36:07 +02:00
Brandon Gray
5de4b9a026 remove unused setup_git_package from distgit role 2017-07-13 21:22:57 +02:00
clime
cc29d3ed65 pkgs-stg: employ the dist-git package setup_git_package and mkbranch scripts 2017-05-22 09:25:39 +02:00
clime
17c52a6e59 dist-git: the new upstream dist-git package is now in EPEL7 2017-05-03 11:00:10 +02:00
Patrick Uiterwijk
9ef64fde7b This is renamed to container 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-04-12 17:50:45 +00:00
clime
b09633d23c use devel dist-git upstream 2017-02-14 16:04:38 +01:00