ansible/inventory/group_vars/osbs_masters

---
# Define resources for this group of hosts here.
_osbs_reactor_config_map:
  artifacts_allowed_domains: []
  #- download.devel.redhat.com/released
  #- download.devel.redhat.com/devel/candidates

  clusters:
    aarch64:
      - enabled: True
        max_concurrent_builds: 1
        name: "aarch64"
    x86_64:
      - enabled: True
        max_concurrent_builds: 2
        name: "x86_64"
  clusters_client_config_dir: "/var/run/secrets/atomic-reactor/client-config-secret"
  content_versions:
    - v2
  flatpak:
    base_image: "registry.fedoraproject.org/flatpak-build-base:latest"
    metadata: both
  group_manifests: True
  image_equal_labels:
    - ['description', 'io.k8s.description']
  image_labels:
    authoritative-source-url: "{{ source_registry }}"
    distribution-scope: public
    vendor: "Fedora Project"
  koji:
    auth:
      krb_keytab_path: "FILE:/etc/krb5.osbs_{{ osbs_url }}.keytab"
      krb_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
    hub_url: "https://koji{{ env_suffix }}.fedoraproject.org/kojihub"
    root_url: "https://koji{{ env_suffix }}.fedoraproject.org/"
  odcs:
    api_url: "https://odcs{{ env_suffix }}.fedoraproject.org/api/1"
    auth:
      openidc_dir: "/var/run/secrets/atomic-reactor/odcs-oidc-secret"
    default_signing_intent: "unsigned"
    signing_intents:
      - keys: []
        name: unsigned
  openshift:
    auth:
      enable: True
    build_json_dir: /usr/share/osbs
    insecure: true
    url: "https://{{ osbs_url }}"
  platform_descriptors: "{{ osbs_platform_descriptors }}"
  prefer_schema1_digest: False
  registries:
    - auth:
        cfg_path: /var/run/secrets/atomic-reactor/v2-registry-dockercfg
      url: https://candidate-registry.fedoraproject.org/v2
  required_secrets:
    - v2-registry-dockercfg
    - odcs-oidc-secret
  skip_koji_check_for_base_image: True
  source_registry:
    insecure: True
    url: "{{ source_registry }}"
  sources_command: "{{ osbs_conf_sources_command }}"
  version: 1
  worker_token_secrets:
    - x86-64-orchestrator
    - aarch64-orchestrator
    - client-config-secret
_osbs_scratch_reactor_config_map_overrides:
  image_labels:
    distribution-scope: private
#Docker command delegated host
composer: compose-x86-01.iad2.fedoraproject.org
docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
docker_registry: "candidate-registry.fedoraproject.org"
koji_url: "koji.fedoraproject.org"
lvm_size: 60000
mem_size: 8192
# Nagios configuration
nagios_Check_Services:
  dhcpd: false
  httpd: false
  named: false
  nrpe: true
  sshd: true
  swap: false
num_cpus: 2
openshift_node_labels: {'region': 'infra'}
openshift_schedulable: False
osbs_client_conf_path: /etc/osbs.conf
osbs_conf_readwrite_users:
  - "system:serviceaccount:{{ osbs_namespace }}:default"
  - "system:serviceaccount:{{ osbs_namespace }}:builder"
osbs_conf_service_accounts:
  - koji
  - builder
osbs_conf_sources_command: fedpkg sources
osbs_conf_worker_clusters:
  aarch64:
    - max_concurrent_builds: 1
      name: aarch64
      openshift_url: "https://osbs-aarch64-master01.iad2.fedoraproject.org:8443/"
      verify_ssl: 'false'
  x86_64:
    - max_concurrent_builds: 2
      name: x86_64
      openshift_url: "https://osbs.fedoraproject.org/"
      verify_ssl: 'false'
osbs_koji_username: "kojibuilder"
osbs_namespace: "osbs-fedora"
osbs_odcs_enabled: true
osbs_orchestrator_cpu_limitrange: "95m"
osbs_orchestrator_default_nodeselector: "orchestrator=true"
osbs_platform_descriptors:
  - architecture: amd64
    platform: x86_64
  - architecture: arm64
    platform: aarch64
osbs_reactor_config_maps:
  - data: "{{ _osbs_reactor_config_map }}"
    name: reactor-config-map
  - data: >
      {{ _osbs_reactor_config_map |

         combine(_osbs_scratch_reactor_config_map_overrides, recursive=True) }}
    name: reactor-config-map-scratch
osbs_url: "osbs.fedoraproject.org"
osbs_worker_default_nodeselector: "worker=true"
osbs_worker_namespace: worker
osbs_worker_service_accounts:
  - orchestrator
  - builder
source_registry: "registry.fedoraproject.org"
tcp_ports: [80, 443, 8443]