Signed-off-by: James Richardson <jamricha@redhat.com>
Signed-off-by: Emma Kidney <ekidney@redhat.com>
Signed-off-by: David Kirwan <dkirwan@redhat.com>
Signed-off-by: Stephen Coady <scoady@redhat.com>
Signed-off-by: James Richardson <jamricha@redhat.com>
Signed-off-by: Emma Kidney <ekidney@redhat.com>
Signed-off-by: David Kirwan <dkirwan@redhat.com>
Signed-off-by: Stephen Coady <scoady@redhat.com>
- configuring koji builders to use image builder
- configure koji hub to handle osbuild jobs
- Separate prod/stg koji builder osbuild plugin config
Signed-off-by: James Richardson <jamricha@redhat.com>
Signed-off-by: Emma Kidney <ekidney@redhat.com>
Signed-off-by: David Kirwan <dkirwan@redhat.com>
Signed-off-by: Stephen Coady <scoady@redhat.com>
It needs to use "Fedora Linux" now since we changed that in various
files, and we need to call f36 version '36' and not 'devel'.
Also we need to add a 'Fedora' version for f36 too because people could
upgrade from f34.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We had an import snapshot task get stuck and we don't have permission to
cancel it. This will enable us to run something like:
```
aws ec2 cancel-import-task --import-task-id import-snap-071b6e456e60146b7
```
previously, the image build was frequently not finding the new rpms for
the staging snapshots when rebuilding the image. WE now don't uyse the
cache when building the staging images for boshi-base on openshift
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
SCCs are cluster-scoped, but here we just want an SCC uniquely for use
by the `coreos-ci` project. So prefix the SCC name with that.
This may have been the root of an issue where we had this SCC defined
mulitple times (once here and once in the `fedora-coreos-pipeline` role)
and any users added were lost because it was being redefined.
The one in `fedora-coreos-pipeline` has since been nuked:
https://pagure.io/fedora-infra/ansible/pull-request/989
We added more to the api and machine-config, but those only go to
control nodes, not compute nodes. Just revert this section entirely, it
was a bad idea and we shall never speak of it again. :)
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This fixes ticket 10521.
Basically we want to just open the api. It requires auth to do anything
and other openshift instances have it available, so it shouldn't
hopefully expose us to too much risk. With ocp3 the api was part of the
normal port/web flow, but with ocp4 it's a seperate port.
This also adds new workers to haproxy. I can drop that part if it's
controversal, but it should be fine I would think.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We should be able to do this without too much overcommitting and it
could help builds avoid OOM (see devel list thread)
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The old 2020 cert expires on 2022-03-07 which is only 5 days from now.
This moves it to a new 2022 cert that lasts 1 year.
This will need the proxies playbook run after it's pushed.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This is the preparation for the end of support for authentication by username
and password by bugzilla.
This configuration value is not used for anything right now, but there is
already [PR](https://pagure.io/fedora-infra/toddlers/pull-request/94) created
in toddlers that will make use of this config value.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
We need to "permanently" disable zram0 when the builder image is
created, so this is just a hot-fix that let us experiment...
Relates: https://pagure.io/copr/copr/issue/2077
