Everytime we run the playbook a new build kicks off, but
the app was just restarted. So what happens is we end up
with the app getting started twice (once when the
deploymentconfig gets updated and once when the build finishes).
This could be bad if the app has some startup steps that need
to not be interrupted.
Let's just manually trigger builds since we have the permissions
to do that in the web interface and via the CLI.
koji hubs are now all behind proxies for tls termination, so they don't
need to run https locally. This allows us to drop the koji self signed
certs, at least the staging version of which had become too weak and was
preventing httpd from starting on boot.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This user is used by osbuild, but autosign and bodhi don't know what
to do with images it builds. Just like the livecd's and such releng
makes. So, just don't auto make updates for them.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Right now we run a script on all builders once a minute to update the
api/auth ip's for osbuild. This has a number of problems:
* Sometimes osbuild jobs land on s390x builders that have no internet
access and hang or fail.
* Sometimes the update script hangs or takes a long time to run because
the builder is heavily loaded with builds, resulting in locking emails
to sysadmin-main folks.
So, in this commit we:
* make a new koji channel called 'osbuild' with all the buildhw-x86's in
it. They are usually not too overloaded and there are 16 of them so it
should be available all the time.
* Leave the cron job on all builders for now in case, but make them only
update once a day since they won't be getting jobs. If this works out
we can remove it entirely there.
* Make the buildhw-x86s only update every 5min. This opens a larger
window for it being wrong, but it's still pretty small and should
reduce the number of emails for stalled processes we get.
See https://pagure.io/fedora-infrastructure/issue/10982
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This reverts commit 3437042944.
This doesn't work on rhel8 machines:
/etc/crypto-policies/back-ends/opensshserver.config: line 1: Bad configuration option: CRYPTO_POLICY
/etc/crypto-policies/back-ends/opensshserver.config: terminating, 1 bad configuration options
EL6 and EL7 have a limited set of algorithms, but EL8 and Fedora use
system configs set in a different file. Added an elif to better try
and show this.
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
Javascript and CSS dependencies for Anitya are now managed by npm. Let's reflect
this in Anitya buildconfig.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
fas, openshift kerneltest and the old openshift console/api are no more.
Remove them now to fix up reverseproxy templates.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
