This commit will migrate existing Zuul jobs to pagure.io/fedora-infra/zuul
repository.
This commit also removes one job that is no longer needed.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
This sets up the openQA lab instance to report to the new stg
instance of resultsdb, and use authentication. The scheduler
config file is now mode 0600 because it has a password in it.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Due to http/2 connection reuse bugs, sometimes firefox will decide to
'reuse' a connection to fedoraproject.org for openqa.fedoraproject.org
(since they both have the same tls cert), but openqa is only available
from the 2 iad2 proxies, not all of them. This results in a 503 timeout
and it just not loading. This should make those reused connections get a
421 from proxies and reconnect to the proper ips. (we hope)
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Using "unspecified" will always send just the user's (FAS) username,
which has been known to conflict with existing accounts on Gitlab. The
"persistent" name-id format guarantees uniqueness.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Right now we are getting emails from redhat.com addresses and verifying
DKIM and stripping it off and sending on. We should leave redhat.com
emails coming from mx2.redhat.com alone so their own DKIM will still be
on the emails. This hopefully will allow these emails to be accepted by
google on the other side. Right now they don't have the signature so
google thinks they are trickery.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This should allow gnome-software users to see the dist upgrade to 36
from both f34 and f35. It's staggered/randomized, so they don't all
upgrade at once.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The `anitya.project.version.update` is deprecated in Anitya message schema,
let's consume `anitya.project.version.update.v2` instead. For now this is only
consumed by staging instance, but will be consumed by production instance as
well on next hotness release.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
Update the message template to latest version.
Schema is no longer part of the-new-hotness repository, they are installed by
pip instead.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
The current playbook assumes the old digicert ssl cert thats in private.
However, we got that in 2020 and it's expired. We switched pagure.io
over to letsencrypt a while back. Somehow we didn't change the playbook
however, or the change was lost somewhere. :(
So, this adds 2 calls to the letsencrypt role to get certs for the prod
and staging pagure instances. I think this should do the right thing
with placement of files, but more eyes welcome.
Without this playbooks runs have the chance of messing up pagure.io
certs, so I think we should fix this asap.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
