Review pesign-upgrade SOP

Signed-off-by: Michal Konečný <mkonecny@redhat.com>

modules/sysadmin_guide/nav.adoc

@@ -87,7 +87,7 @@
 ** xref:packagereview.adoc[Package Review - SOP]
 ** xref:pagure.adoc[Pagure Infrastructure - SOP]
 ** xref:pdc.adoc[PDC - SOP]
-** xref:pesign-upgrade.adoc[pesign-upgrade - SOP in review ]
+** xref:pesign-upgrade.adoc[Pesign upgrades/reboots - SOP]
 ** xref:planetsubgroup.adoc[planetsubgroup - SOP in review ]
 ** xref:publictest-dev-stg-production.adoc[publictest-dev-stg-production - SOP in review ]
 ** xref:rabbitmq.adoc[rabbitmq - SOP in review ]

modules/sysadmin_guide/pages/pesign-upgrade.adoc

@@ -2,7 +2,7 @@
 
 Fedora has (currently) 2 special builders. These builders are used to
 build a small set of packages that need to be signed for secure boot.
-These packages include: grub2, shim, kernel, pesign-test-app
+These packages include: _grub2_, _shim_, _kernel_, _pesign-test-app_
 
 When rebooting or upgrading pesign on these machines, you have to follow
 a special process to unlock the signing keys.
@@ -20,15 +20,15 @@ Purpose::
 
 == Procedure
 
-{empty}0. Coordinate with pesign maintainers or pesign-test-app
+[arabic]
+. Coordinate with pesign maintainers or _pesign-test-app_
 commiters as well as releng folks that have the pin to unlock the
 signing key.
 
-[arabic]
+. Remove builder from koji:
-. remove builder from koji:
 +
 ....
-koji disable-host bkernel01.phx2.fedoraproject.org
+koji disable-host bkernel01.iad2.fedoraproject.org
 ....
 . Make sure all builds have completed.
 . Stop existing processes:
@@ -54,8 +54,8 @@ pesign-client -t "OpenSC Card (Fedora Signer)" -u
 remove other builder:
 +
 ....
-koji enable-host bkernel01.phx2.fedoraproject.org
+koji enable-host bkernel01.iad2.fedoraproject.org
-koji disable-host bkernel02.phx2.fedoraproject.org
+koji disable-host bkernel02.iad2.fedoraproject.org
 ....
 . Have a commiter send a build of pesign-test-app and make sure it's
 signed correctly.