Just for staging for now:
- enable 'podman-login' role for the buildvm group, so built Flatpaks
can be pushed to the skopeo registry.
- add the koji-flatpak hub plugin to koji_hub role
- add the koji-flatpak builder plugin to the koji_builder role
and configure it.
Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
Saw from one of the emails this morning that this isn't running
because there's no python2 on whatever system it was trying to
run on. This ports it to Python 3 (thanks, 2to3) and cleans up
the formatting (thanks, black). I tested it with a random sample
file I found lying around the internet -
https://github.com/bahamas10/node-nagios-status-parser/blob/master/status.dat
and it seems to do what it's supposed to do.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
- patch the httplib2 library to avoid hardcoding TLSv1
- set the missing configuration variables in `pagure.cfg` (they have no
defaults)
- set the password for the future production version of
`client_secrets.json`
Also note that in the private ansible repo, the Pagure client
configuration in Ipsilon was fixed: the `token_endpoint_auth_method`
variable was set to `"client_secret_post"`.
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
There's a comment in the issue linked here that says it was fixed
five years ago, so we probably don't need this comment any more?
Signed-off-by: Adam Williamson <awilliam@redhat.com>
We don't have new F39 backgrounds yet, so this test will always
fail. Let's split the test into its own policy so we can easily
control whether we're gating on it (this will be useful for
future cycles, probably).
Signed-off-by: Adam Williamson <awilliam@redhat.com>
F39 updates can't pass testing fully till we have a new compose
and can build new non-Rawhide base images, but we need some
updates that are currently pending to go in the compose. It's
a catch-22, just disabling gating till this is sorted seems
like the least worst option.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Since there is no central place to inspect osbuild worker logs (such
as Splunk instance), the sysadmin-osbuild group needs access to the
logging server.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The IPA client groups configuration for osbuild workers was missed in
the original PR#1498 [1]. As a result, no member of the
`sysadmin-osbuild` FAS group can SSH to the osbuild workers.
Set the appropriate IPA client variables to grant access for this
group.
Also grant access for the `sysadmin-releng` group. There is no specific
reason, it just felt sensible since osbuild workers are running in the
Fedora infrastructure.
[1] https://pagure.io/fedora-infra/ansible/pull-request/1498
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
