When we setup things we didn't setup fedmsg in iad2 staging.
Now we are using it, so we should configure it until we get rid of it.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
I think the only reason this worked in phx2 was because we also had a
firewall rule that was blocking the staging subnet on all prod machines.
Instead of doing that here, lets just make fedmsg only deal with the
staging hosts in staging. The only thing this might break is things that
aren't in staging_friendly that should be.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Match the environment variable in the deploymentconfig to that used
in the configmap (REDIS_PASSWORD)
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
The 'containerNames' parameter was incorrectly cut-and-pasted from
the flatpak-indexer-differ deployment config.
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
Should be ImageStreamTag not ImageStream. We ended up with a destination
of flatpak-indexer:latest:latest, when a default tag of :latest was added.
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
This should set up the bridge and controls on the new vmhosts in
RDU-CC so that we can deploy a dhcp host which will allow mgmt to be
brought up for power and similar hardware.
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
* Output the build to the correct imagestream - it was outputing
to the flatpak-indexer-tardiff stream from a cut-and-paste mistake
* Add a ImageChange trigger for the from: image - we want to trigger
a rebuild if the ubi8/python-38 image changes by itself, even if
the flatpak-indexer-tardiff image where we get the tardiff binary from
isn't rebuilt.
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
* Specify a volumeName for the persistant volume claims (on initial deploy
to staging, these PVC's got bound to random volume...)
* Name the PVC's to exactly match the volume names, including a -stg suffix
for staging
* Reduce the requested size for the redis volume to 1Gi.
The deployment config for flatpak-indexer referenced a secret volume that
in the Red Hat internal deployment of flatpak-indexer holds a client certificate,
but is not needed for Fedora.
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
We had a patched version, but the patches have been merged upstream so
we should switch back to using the 'stock' kojira.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This is necessary because:
- The ipa/client role is pulled in if only one host is in the play which
uses it.
- The prepare-ipa-info tasks operate on all hosts in the play in order
to gather together operations on the IPA server which would otherwise
be (potentially, unnecessarily) repeated for many hosts in the play
and which have to be serialized to avoid race conditions when changing
data in IPA.
For now, we set `primary_auth_source` to `fas` for `all`, and to `ipa`
for the `staging` group. We can set this to `ipa` for individual host
groups in prod to enable this piece meal while we roll out the change.
Fixes: https://pagure.io/fedora-infrastructure/issue/9674
Signed-off-by: Nils Philippsen <nils@redhat.com>
1. iot.fedoraproject.org now points to getfedora.org/iot
2. The iot directory was removed from the old repo anyway
Signed-off-by: Ben Cotton <bcotton@fedoraproject.org>
We had a patched version, but the patches have been merged upstream so
we should switch back to using the 'stock' kojira.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This is necessary because:
- The ipa/client role is pulled in if only one host is in the play which
uses it.
- The prepare-ipa-info tasks operate on all hosts in the play in order
to gather together operations on the IPA server which would otherwise
be (potentially, unnecessarily) repeated for many hosts in the play
and which have to be serialized to avoid race conditions when changing
data in IPA.
For now, we set `primary_auth_source` to `fas` for `all`, and to `ipa`
for the `staging` group. We can set this to `ipa` for individual host
groups in prod to enable this piece meal while we roll out the change.
Fixes: https://pagure.io/fedora-infrastructure/issue/9674
Signed-off-by: Nils Philippsen <nils@redhat.com>
