Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
39843 commits 9 branches 0 tags 111 MiB
Commit graph

39843 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pavel Raiskup
9917769f56 copr-be-dev: drop birthday again 
This reverts commit 262b1e88e8.
 2023-11-21 15:19:53 +01:00
Pavel Raiskup
eccbf58b3f aws_copr: copr-be fix for #11006 
We run the playbook first against the `copr-be-temp.aws..`
inventory_hostname, and then once more against `copr-be.aws..`.  We need
to re-sign the pub keys for the later run.

https://pagure.io/fedora-infrastructure/issue/11006
 2023-11-21 15:16:25 +01:00
Pavel Raiskup
262b1e88e8 copr-be-dev: birth day again 2023-11-21 14:54:31 +01:00
Pavel Raiskup
c28c90504b aws_cloud: drop additional (-temp) known hosts entries 2023-11-21 14:37:59 +01:00
Pavel Raiskup
2f32aeec00 copr-be-dev: drop birthday 2023-11-21 14:06:52 +01:00
Pavel Raiskup
166879ab9f aws_cloud: really gather both key types 2023-11-21 14:03:07 +01:00
Pavel Raiskup
445973ffba aws_cloud: drop wrong keytype 2023-11-21 13:59:45 +01:00
Pavel Raiskup
0ed8f5f405 aws_cloud: try to load and hack-around all host keys 2023-11-21 13:53:36 +01:00
Pavel Raiskup
ad935bba81 copr-be-dev: birthday=true 2023-11-21 13:40:05 +01:00
Pavel Raiskup
6516e383d3 copr-be-dev-temp: drop birthday 2023-11-21 12:04:19 +01:00
Tomas Hrcka
4626ea62ce [stg] Try to upgrade osbs to f39 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2023-11-21 12:03:22 +01:00
Pavel Raiskup
9cb3183a9d copr-dev: services disabled 
Per https://docs.pagure.org/copr.copr/how_to_upgrade_persistent_instances.html
 2023-11-21 11:59:59 +01:00
Tomas Hrcka
8039ea0bf1 Update koji builders in stg 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2023-11-21 11:10:45 +01:00
Lenka Segura
1ec305ee0b releng: Schedule a cron job to retrieve retired packages nightly 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2023-11-21 08:56:50 +00:00
Leo Puvilland
3d4c829002
Install cronie for crontab as it seems to not be installed by default 2023-11-20 11:07:56 -08:00
Pavel Raiskup
fcc0cd4861 copr-be-dev: starting on a fresh F39 AMI 2023-11-20 16:34:05 +01:00
amedvede
3fe6717504 feat: added bodhi to csp headers of distgit 
Signed-off-by: amedvede <amedvede@redhat.com>
 2023-11-20 10:14:04 +01:00
Seddik Alaoui Ismaili
b496f4b9c4 allow rsync from log01 2023-11-19 17:08:18 +01:00
Carl George
e9c1adca55 batcave: stop syncing EOL CentOS 8 2023-11-17 16:42:17 -06:00
Kevin Fenzi
638889e97e value: make sure value02 has backup targets correct and clean up old value01 host vars 2023-11-16 15:49:16 -08:00
Kevin Fenzi
4581d1f7c4 koji_builder: adjust osbuild api job to run in stg also 
Right now we just run the cron to update osbuildapi ip on buildhw-x86 in
prod, but we need to run it on the osbuild channel builders in staging
too. Fixes ticket 11575.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 14:18:53 -08:00
Kevin Fenzi
f42ce93d85 nagios: remove missed value01 reference 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 13:54:09 -08:00
Kevin Fenzi
da6667921a communishift: and a typo. sigh 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 13:40:48 -08:00
Kevin Fenzi
57065ba607 communishift: how about single quotes 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 13:38:45 -08:00
Kevin Fenzi
0a7b19d541 communishift: set defaults 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 13:35:06 -08:00
Leo Puvilland
7151598324
bugfix: replace communishift_project_name with item.value.name 2023-11-16 12:58:19 -08:00
Leo Puvilland
da793ad7d4
bugfix: remove list-based communishift_projects 2023-11-16 12:27:48 -08:00
Leo Puvilland
125f956f06 rework communishift to allow for per-project resource requirements 2023-11-16 19:52:58 +00:00
Kevin Fenzi
845ba32c3a proxies: switch get_url to just copy from batcave01 
get_url has a bug in that batcave01 is using python3.9, but the proxies
are 3.12. See:
https://github.com/ansible/ansible/issues/80490
https://github.com/ansible/ansible/issues/81256

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 11:46:46 -08:00
Siteshwar Vashisht
1a6ed735d5 openscanhub: add initial configurations for OpenShift 
... staging and production instances.

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
 2023-11-16 18:27:19 +00:00
Kevin Fenzi
3230e7526d batcave01: add sysadmin-openscanhub 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 10:15:12 -08:00
Kevin Fenzi
05d496879f waiverdb: fix linbreak 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-16 10:12:03 -08:00
Lukas Holecek
672074fc4a waiverdb: Fix redirect_uri for new flask-oidc versions 
For details, see the changelog for flask-oidc:
https://github.com/fedora-infra/flask-oidc/blob/develop/docs/changelog.md

The entry for 2.0.0 says:

> The callback route (aka "redirect URL") is not configurable with
> `OIDC_CALLBACK_ROUTE` anymore. It is always `/authorize`,

The option `OIDC_CALLBACK_ROUTE` is available again in version 2.0.3,
but we can override the whole redirect URL with
`OIDC_OVERWRITE_REDIRECT_URI` (since 2.1.0).
 2023-11-16 18:07:04 +00:00
Andrew Heath
a7318cbc27 Update email footer 
Update email footer to help seperate out the footer when replying to
emails
 2023-11-16 14:22:07 +00:00
Seddik Alaoui Ismaili
246cc76260 keeps only errors on logging 2023-11-16 14:08:35 +00:00
Michal Konecny
03edf77f12 [IPA] Start the clean step unattended 
This needs user input if not run with --unattended. Let's add this parameter to
fix that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 14:14:42 +01:00
Michal Konecny
405c6a4953 [IPA] Clean client installation before running replica on RHEL 9 
On RHEL9 ipa-replica-install fails if there is already client installed with
"Your system is partly configured." To prevent this we need to uninstall the
existing installation before trying to do replica.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 13:56:55 +01:00
Michal Konecny
84c25cad71 [IPA] Fix syntax issue 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 12:54:53 +01:00
Michal Konecny
a3112de954 [IPA] Remove creates parameter from deploy replica 
The deploy replica step wasn't executed because it's checking if
`/etc/ipa/default.conf` exists. Remove that and use only the return code from
ipactl to check if the replication is done.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 12:39:36 +01:00
Michal Konecny
0969fed462 [IPA] Ignore errors when determining replication status 
The ipactl status returns non 0 code when the IPA server is not set yet. We need
to ignore the error code when checking that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 12:22:01 +01:00
Michal Konecny
3e349c80ec [IPA] Use ipactl status output for replication check 
As the /etc/ipa/default.conf is already created by ipa/client role, we need to
find another way to check if replication is needed. Calling `ipactl status`
should be more reliable.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 12:06:22 +01:00
Michal Konecny
4025b4d158 [IPA] Move ipa02.stg to RHEL9 
The ipa02.stg is currently behaving strangely, let's try to move it to RHEL9, as
discussed in https://pagure.io/fedora-infrastructure/issue/10358, to solve the
issue.

The backup is available on vmhost-x86-02.stg in case anything goes wrong.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 11:12:54 +01:00
Kevin Fenzi
88683eef68 notifs: clean up some more missed parts from retirement 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 18:16:06 -08:00
Kevin Fenzi
4cd2c924c3 smtp-auth: actually install the master.cf file too 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 17:51:16 -08:00
Kevin Fenzi
ddd0913262 smtp-auth: rename this to explicit hostname 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 17:48:24 -08:00
Michal Konecny
e48db0aabb Allow port 587 as well 
To fix https://pagure.io/fedora-infrastructure/issue/11623

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-16 01:38:59 +00:00
Michael Scherer
bdd76ae138 Add master.cf with submission enabled 
Copied from base master.cf, fix #11623
 2023-11-16 01:38:59 +00:00
Kevin Fenzi
d727ee47ea nagios: remove another old notifs remnant 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 13:12:36 -08:00
Kevin Fenzi
20dc948173 notifs (old fmn): retire 
We are retiring this in favor of the new service.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 12:28:28 -08:00
Kevin Fenzi
3808d867de value01/value01.stg: retire 
These are old rhel7 instances. The only thing left on them is fedmsg-irc
(sending to one irc channel, fedora-releng). Move everything to use the
newer rhel8 value02 instead.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 12:13:38 -08:00