Kevin Fenzi
5be96729ca
builders/builders_stg: not external
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-28 11:26:03 -07:00
Kevin Fenzi
fb2a8a82d6
releng-compose: add troubleshoot group for non sudo access to debug ostree issue with kinoite
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-28 11:03:08 -07:00
Pavel Raiskup
43b8ee52d8
copr-hypervisor: try to go back with iptables
...
VMs fail to boot for some reason, and per recent #copr Matrix discussion
this might be the thing.
2025-04-28 18:51:38 +02:00
Jiri Kyjovsky
e07d13ee4e
copr: virtlogd rotate logs for hypervisors
...
Configure virtlogd to rotate logs older than 30 days. The default config
does not delete anything since we log to a lot of small files which are
ignored by the max size to rotate in default virtlogd config.
2025-04-28 18:10:12 +02:00
Lukas Brabec
9531326ca5
Testdays - use proper OIDC client secrets
2025-04-28 16:51:15 +02:00
Patrik Polakovič
bdc169d3c7
Add Fedora version variable to the playbook
...
Signed-off-by: Patrik Polakovič <patrik@alphamail.org>
2025-04-28 12:18:58 +02:00
Kevin Fenzi
3a9f0cbfbb
Revert "proxies: re-enable koji endpoints"
...
This reverts commit 5a72566502
.
The bots are back, close these endpoints. :(
2025-04-26 12:24:59 -07:00
Kevin Fenzi
baade64038
drop iad2 external boolean
...
I think this is not needed because we actually test for iad2 in
inventory_hostname and in fact it overrides the groups that set it to
true, making them all come up false. ;(
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-26 10:24:43 -07:00
Kevin Fenzi
8302ff44cd
pagure: widen ai blockage
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-26 09:04:10 -07:00
Kevin Fenzi
bea41a6732
koji / staging sync: increase sequences to be higher than prod
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-25 09:15:08 -07:00
Kevin Fenzi
4da0ff7c4d
koji / sync staging: drop removed warn arg
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-25 09:06:23 -07:00
Kevin Fenzi
ca12850f5a
osuosl: drop br0 interface requirement
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 15:41:14 -07:00
Pedro Moura
f5d43ceedc
Remove tmpwatch temporarily
...
Signed-off-by: Pedro Moura <pmoura@redhat.com>
2025-04-24 22:32:35 +00:00
Noel Miller
5cc9bc15e8
change: add nomiller@redhat.com as an alias for podcast@fedoraproject.org
...
I have taken over as the new host of the fedora podcast. I need access to the podcast@fedoraproject.org email address.
2025-04-24 22:24:11 +00:00
d30cfdd2cf
websites: disable fedoraproject sync on-demand
2025-04-24 22:19:30 +00:00
Kevin Fenzi
d3d07df333
torrent: try switching port range syntax to the nftables one
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 15:07:17 -07:00
James Antill
c063b94af3
Add nftables.bastion for smtp stuff.
...
Signed-off-by: James Antill <james@and.org>
2025-04-24 21:55:25 +00:00
Kevin Fenzi
a2d6cf7dd4
nftables / osuosl: fix interface for ssh connections
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 14:09:02 -07:00
Kevin Fenzi
7c670efbfe
openqa: do not do the nftables switch on these until we have more time for testing
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 13:51:09 -07:00
Kevin Fenzi
4d4365cdf5
nftables: add defined check for nft_nat_rules and set it also [] by default
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 13:17:03 -07:00
James Antill
68cbd3dc2c
Turn nftables on everywhere.
...
Signed-off-by: James Antill <james@and.org>
2025-04-24 20:05:03 +00:00
Kevin Fenzi
98c1a60c21
noc / dhcp: add rdu3 mgmt interfaces
...
For now, networking is going to just bridge dhcp from the new rdu3 mgmt
network over to our iad2 dhcp server. We will change this later after we
have bootstrapped up rdu3 some more.
This adds all our new x86 machines and 2 centos machines.
We still need to sort out the aarch64 machines (which need new cards)
and the power10 machines (still being racked).
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 12:08:45 -07:00
Greg Sutcliffe
0e60fc6eaf
Zabbix-stg: bump collection to 3.3.0 and re-enable user
2025-04-24 17:29:01 +00:00
Kevin Fenzi
dc1b09121b
ipsilon: use correct centos stg ipsilon host for hbac rule
...
This was using the wrong host and thus removing the correct one.
Fixing it to use the right host.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-24 09:26:09 -07:00
Michal Konecny
33c846b516
[ipsilon] Fix redirect URL for staging libravatar
2025-04-24 13:48:03 +02:00
Mikolaj Izdebski
8b1bdfff97
Koschei: relax probe timeouts
...
Extended the liveness/readiness probe timeouts to better handle
unexpected database slowdowns. This aims to reduce the frequency of
Pod crash loops by giving the system more time to recover before
Kubernetes restarts it.
2025-04-24 07:30:24 +02:00
Simon de Vlieger
9f15884401
koji: image-builder
for staging
...
Enables the `image-builder` plugin from `koji-image-builder` in the
staging environment for both the koji hub, and the koji builder (kojid).
Signed-off-by: Simon de Vlieger <supakeen@redhat.com>
2025-04-23 23:53:51 +00:00
Pedro Moura
f62c14df02
Add f42-test
...
Signed-off-by: Pedro Moura <pmoura@redhat.com>
2025-04-23 15:56:18 -03:00
5f2d06c90c
forgejo: reorder ansible task execution
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2025-04-23 10:52:45 +01:00
Siteshwar Vashisht
321078b526
openscanhub: update to ami-0834e6713f8d31e04
...
Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
2025-04-23 08:36:03 +00:00
Siteshwar Vashisht
c5093b2b26
openscanhub: add FedoraGroup
tag to VMs
...
... spun up for workers.
Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
2025-04-23 08:13:43 +00:00
Aurélien Bompard
9aca5b724a
RabbitMQ: deploy the new CA cert to prod too
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-04-23 09:49:54 +02:00
Adam Williamson
d1728cd3d1
cloud-image-uploader: update container image config for IoT changes
...
We finally merged https://pagure.io/fedora-iot/pungi-iot/pull-request/102
which changes the properties of the container images built in the
IoT compose. This should adjust to that and publish both the base
and IoT images, if we got it all right.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
2025-04-22 13:48:14 -07:00
Kevin Fenzi
5a72566502
proxies: re-enable koji endpoints
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-21 14:17:31 -07:00
Kevin Fenzi
c581b79099
robosignatory: fix stable f42 cosmic-atomic signing, which was missing
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-19 20:53:30 -07:00
Kevin Fenzi
d4f15818ef
bodhi-backend: add variant for COSMIC-Atomic
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-19 18:59:55 -07:00
Justin Wheeler
4da64f2701
🔧 roles(fasjson): Add my RH email to foa alias, create jwheel alias
...
Two changes were made here:
* Explicitly add my Red Hat email address to all email addresses sent to
the `foa@` email alias. My FAS email is not my Red Hat email, but
there are some communications sent to this specific alias that I need
to always go to my Red Hat email address. They are topics specifically
about the work that I do at Red Hat.
* Create a new `jwheel@` personal email alias. This is the username I
intend to claim after my name change, and it also matches my Red Hat
email address (jwheel [at] redhat [dot] com). Gradually, I am going to
work on moving email from `jww@` to `jwheel@`. If an option ever is
available in the future to change FAS usernames, this is the changed
name that I would choose.
Signed-off-by: Justin Wheeler <jwheel@redhat.com>
2025-04-19 18:35:08 +00:00
Kevin Fenzi
fc5425c07f
koji_builder: add a iptables tag to the osbuildapi scripting
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-19 09:17:09 -07:00
Kevin Fenzi
96911acd1e
releng-compose: move rawhide/branched composers to f42
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2025-04-19 09:16:24 -07:00
James Antill
84a8bb3a82
Move all production builders to nftables.
...
Signed-off-by: James Antill <james@and.org>
2025-04-18 20:20:01 +00:00
Patrik Polakovič
af73ccce72
Add Pungi filter for OpenH264 packages
...
Signed-off-by: Patrik Polakovič <patrik@alphamail.org>
2025-04-18 19:27:48 +00:00
Ryan Brue
b3c32cbc9c
Fix incorrect ref in the cosmic-atomic pungi config
...
Signed-off-by: Ryan Brue <ryanbrue.dev@gmail.com>
2025-04-18 00:12:51 -05:00
James Antill
1b1da8f88f
Move buildhw-a64-04.iad2 to nftables.
...
Signed-off-by: James Antill <james@and.org>
2025-04-17 16:32:19 -04:00
James Antill
49fe6d4ed2
Move buildhw-x86-04.iad2 to nftables.
...
Signed-off-by: James Antill <james@and.org>
2025-04-17 15:12:01 -04:00
b6486cfdcb
forgejo: update image
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2025-04-17 18:16:02 +01:00
Aurélien Bompard
b79d8199c6
Batcave: also copy the rabbitmq ca cert
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-04-17 18:16:23 +02:00
Michal Konecny
a76d88a1f6
[ipsilon] Add libravatar entry for staging
...
https://pagure.io/fedora-infrastructure/issue/12493
2025-04-17 15:57:44 +02:00
Michal Konecny
3a612a4230
[ipsilon] Add OIDC entry for testdays app
...
https://pagure.io/fedora-infrastructure/issue/12490
2025-04-17 13:34:21 +00:00
Aurélien Bompard
a19859a8f0
Tabs to spaces
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-04-17 13:15:15 +02:00
Aurélien Bompard
5d8631d7d5
Make debugging Bodhi in staging a little bit easier
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-04-17 13:11:26 +02:00