Luca BRUNO
4fbb7d4756
coreos-cincinnati: deploy current git (c5f69da)
2022-06-16 08:47:17 +00:00
Luca BRUNO
a92c42eebb
coreos-cincinnati: build current git (c5f69da)
2022-06-16 08:03:02 +00:00
c5a84d0438
websites: move to ocp4
2022-06-15 23:06:27 +00:00
Kevin Fenzi
0757ae95df
greenwave: change nagios check for ocp4
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 16:01:01 -07:00
Kevin Fenzi
0fdaa314c0
greenwave: use prod-fedora in stg for now also
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 15:52:20 -07:00
Kevin Fenzi
fcc9d984da
waiverdb / nagios: fix url to ocp4
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 15:37:38 -07:00
Kevin Fenzi
5b2d573432
greenwave: move to ocp4
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 15:32:30 -07:00
Kevin Fenzi
d18b6ba945
waiverdb: move prod now as well
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 15:13:31 -07:00
Kevin Fenzi
8f58783578
waiverdb: move to ocp4 in staging
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 15:04:22 -07:00
Kevin Fenzi
7105387724
pagure: increase some httpd worker limits
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 14:23:06 -07:00
Kevin Fenzi
45c28c27c5
pagure: add hack to 403 DDoS attack
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 14:18:39 -07:00
Kevin Fenzi
9399fbb4f0
flatpak-indexer: move to ocp4 in prod also
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-15 11:19:08 -07:00
Adam Williamson
b62ac32cab
greenwave: drop fedora-35 from the openqa_upgrade policy
...
F35 is now the oldest stable, which means these tests are not
run for it, so it must be taken out of this policy or all F35
critpath updates will fail gating.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
2022-06-15 10:30:03 -07:00
Kevin Fenzi
972e2d9515
openshift: move apiVersion of routes to route.openshift.io/v1
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-14 15:54:21 -07:00
Kevin Fenzi
e2992bb9e5
message-tagging-service: try and pul image from the new ocp4 endpoint
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-14 15:04:16 -07:00
Stephen Smoogen
95c6eea54a
Add octet-stream for qcow2 on dl.fedoraproject.org
2022-06-14 12:19:48 -04:00
Lubomír Sedlář
e453ce1649
Add expected number of odcs backends
...
This value is mostly ignored by the application. It is included in the
Prometheus metrics to simplify calculation availability.
The default is set to 0. The number of hosts in the odcs_backend group
is used for the alternative definition in inventory.
2022-06-14 16:06:43 +02:00
Kevin Fenzi
c31c99a252
pagure: enable tls for smtp in prod too
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 18:07:22 -07:00
Kevin Fenzi
9953c1346f
postfix / also install tls_policy on pagure*
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 18:03:59 -07:00
Kevin Fenzi
352ac4d6fd
pagure / staging: correct path to certs, install tls_policy map
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 18:01:00 -07:00
Kevin Fenzi
0df1496ae6
pagure / staging: enable tls for postfix.
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 17:54:07 -07:00
Kevin Fenzi
f15f50b4dc
apps-fp-o: mode should be 2755 here
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 16:15:40 -07:00
Leonardo Rossetti
48a04b644c
resultsdb-ci-listener image
2022-06-13 21:43:29 +00:00
Kevin Fenzi
cfa99b12e2
letsencrypt: The not yet due message is in stdout
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 14:11:34 -07:00
Leonardo Rossetti
44c8d7d42d
removing deployment_type jina cond.
2022-06-13 17:14:57 +00:00
Kevin Fenzi
91ccdea73f
proxies: Reach ocp4 cluster in prod over vpn instead of sending 421
...
I think I handled all the special cases here already.
We want to switch non iad2 proxies to reach the oco4 cluster over it's
vpn now that it has one. This should allow us to still keep ipv6
available for applications and not have to change dns for moving from
ocp3 cluster anymore. Will roll this out slowly to one proxy then
another, then the rest if it all looks ok.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 10:08:48 -07:00
Kevin Fenzi
6331d992ee
noggin: add another domain to block
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 09:04:21 -07:00
Pavel Raiskup
4456ea443a
copr-backend: install the ibm-cloud-list-vms script
2022-06-13 15:06:01 +02:00
Pavel Raiskup
0497b47ce2
copr-builders: helper script for listing IBM Cloud instances
2022-06-13 15:04:53 +02:00
c4ca968be3
openshift-apps/noggin: Explicitly set Fedora deployment settings
...
Upcoming versions of Noggin will require these to be explicitly
set, and there is no harm in setting them now.
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
2022-06-13 11:56:23 +00:00
664db28a9f
[wiki] comment out $wgActorTableSchemaMigrationStage
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2022-06-13 21:17:08 +10:00
e39c030219
[wiki] change NS_IMAGE* contancts to NS_FILE*
...
mediawiki deprecated the NS_IMAGE constants in favor of the NS_FILE
constants back in 1.14. They were removed in 1.34, so now we change
them.
c429074687/RELEASE-NOTES-1.34 (L225)
2022-06-13 21:01:48 +10:00
f9a1fd07e8
Update OIDC settings for newer versions of plugins
...
mediawiki-OpenIDConnect and mediawiki-PluggableAuth are updated to newer
versions, and the config setup has changed. this tweaks it for the wiki
stage.
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2022-06-13 19:54:49 +10:00
Leonardo Rossetti
c45d971196
using same value for both username and queue name
2022-06-10 16:21:29 -03:00
Leonardo Rossetti
597a0f015f
using resultsdb-ci-listener{{ env_suffix }} username
2022-06-10 15:42:34 -03:00
Pavel Raiskup
3cd329b914
copr-be: move helpers.py on a syncronized place?
...
Could help with eb1c4410e8
2022-06-10 09:07:28 +02:00
Pavel Raiskup
adc7eb4f95
copr-frontend: fix the epel-{89} comment
2022-06-10 08:41:03 +02:00
Pavel Raiskup
a818ccb3cf
copr-frontend: automatically apply the chroot comment changes
2022-06-10 08:21:16 +02:00
Pavel Raiskup
a67723b492
copr-fe: automatically comment chroots from config
2022-06-10 08:10:22 +02:00
Pavel Raiskup
2d140964cd
copr-builders: move epel-9 from c9s+epel to rhel+epel
...
RHEL 9 is GA, so we can align the EPEL 9 configuration to the current
EPEL 8 pattern.
2022-06-10 07:36:11 +02:00
Kevin Fenzi
849126d89a
openvpn: move ocp_nodes var to all, drop node-selector from testing
...
Putting ocp_nodes in group_vars/all allows both proxies and openvpn
openshift app to use it.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-09 13:51:56 -07:00
Kevin Fenzi
2f07f34aab
openvpn: downgrade to avoid a bug in openvpn-2.5.7-1.fc36
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-09 13:40:36 -07:00
Kevin Fenzi
3fb1742d93
openvpn: fix path to private key
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-09 13:18:05 -07:00
7e084f5140
ocp4: setup VPN on worker nodes
...
Deploy openvpn client on each node with a router.
OpenVPN certs needs to be available for each node in
/srv/private/ansible/files/vpn/pki/issued/$hostname.{crt,key}
2022-06-09 20:13:59 +00:00
Leonardo Rossetti
877aa2f99f
using resultsdb username and password
2022-06-09 20:11:28 +00:00
Kevin Fenzi
49cdae0e41
openvpn / server: add ccd files for ocp worker nodes
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-09 13:04:57 -07:00
Leonardo Rossetti
0cdacc2746
fixed cert path + removed dev env check
2022-06-09 17:10:00 +00:00
Aurélien Bompard
3da52306b2
Bodhi: workaround python's versioned path for static files
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-06-09 17:41:20 +02:00
Mark O Brien
91f3d3b0bc
change nagios checks for http-bodhi to only run on ocp4 proxies
...
Signed-off-by: Mark O Brien <markobri@redhat.com>
2022-06-09 13:17:12 +01:00
Aurélien Bompard
d0b3ad7423
Add a warning about changing python versions
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-06-09 13:36:00 +02:00
