add configuration for myconfig.py and certlist.yml
add Secret to hold configuration
add task to deploy secret
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
...we really need to do some poking about to work out what the
heck is going on with token auth, I put a container build in
my quay.io space which should let me hand-edit stuff, I hope.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
There was a typo in logging section of mailman configuration, which caused that
only default log files were created.
Also there is separate logging for gunicorn now, let's use that.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
This is to help us figure out
https://github.com/release-engineering/waiverdb/issues/219 , it
adds an auth debugging endpoint so we can verify exactly what
fields are present when doing token auth...
Signed-off-by: Adam Williamson <awilliam@redhat.com>
A 1 second health check seems to be too much for this currently, lets
try bumping that up to 5 and see if that stops it being killed a bunch.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit adds two people to two different email aliases used for the
Flock conference:
* Add @amoloney to the `flock-staff@` email alias for greater visibility
to incoming questions about Flock and for on-site coordination.
* Add Natalie Pazmiño as a recipient to the `flock-coc@` email for Code
of Conduct reports at Flock. This is a slightly wider group than our
usual Code of Conduct Committee and Natalie will be on-site this year
to help in case of an issue.
Signed-off-by: Justin W. Flory (he/him) <jwf@redhat.com>
We have these 7 emags that were bvmhosts running 32bit arm builders.
Since we no longer need those, lets repurpose them as aarch64 buildhw.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This sort of seemed to work in staging (although there is some issue
with staging koji).
So, lets try it in production. It will make all the boostrap repo regens
a little slower, but it should get epel8 back working hopefully for now.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
lets try setting the opt to download filelists for the bootstrap chroot.
This is needed for epel8 because the deps for dnf need to resolve
/usr/libexec/platform-python and cannot due to f40 dnf not downloading
filelists by default anymore.
This will affect all bootstrap chroot creation, but it seems the
simpilest solution without changes in koji.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Mailman has huge memory spikes after migration, those are caused by visiting
`/archives/search` URL. This is probably because of the search index still being
regenerated.
This patch will disable the search from both web UI and as a HTTP URL endpoint.
Fixes https://pagure.io/fedora-infrastructure/issue/12043
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
The fedora messaging plugin needs to have MemoryDenyWriteExecute=no
The default is yes, and it causes it to not work at all.
We should probibly investigate and fix this if we can so we can enable
this protection someday.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
To be able to enable timer it needs to have WantedBy in [Install] section. Let's
add a hyperkitty.target to that section.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
This commit is setting both mailman and hyperkitty to devmode and doesn't allow
them to sent mails anywhere.
I tested that from web UI and using `mail` command on the machine.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
The configuration does the right thing now, but add the warning
nonetheless, so subsequent changes are less likely to be breaking.
Signed-off-by: Nils Philippsen <nils@redhat.com>
