WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
45,355 Commits 9 Branches 0 Tags
24ecee5ebedb269129cfde787bed2fa14fce346c
Commit Graph

207 Commits

Author SHA1 Message Date
Kevin Fenzi
a754144f19 Update infra pagure.io links to forge.fp.o (WIP) 
This should update all the references we have to
https://pagure.io/fedora-infrastructure to the
new https://forge.fedoraproject.org/infra/tickets/ area.

Do not merge this before the migration on tuesday.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2026-01-20 14:39:40 -08:00
Lenka Segura
8177465025 distgit: hotfix for links to accounts.fpo 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2025-08-11 14:08:53 +02:00
Lenka Segura
ca10dca26a distgit: fix lint errors in distgit role 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2025-08-11 13:06:25 +02:00
James Antill
2a76cdf5a9 distgit: Deploy fedora-messaging conf and certs. 
Signed-off-by: James Antill <james@and.org>
 2025-07-03 17:05:48 -04:00
Michal Konecny
2ec055db6f Use first uppercase letter for all handlers 
This will unify all the handlers to use first uppercase letter for
ansible-lint to stop complaining.

I went through all `notify:` occurrences and fixed them by running
```
set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep
-rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g"
```

Then I went through all the changes and removed the ones that wasn't
expected to be changed.

Fixes https://pagure.io/fedora-infrastructure/issue/12391

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2025-02-10 20:31:49 +00:00
Ryan Lerch
47c68f478d ansiblelint fixes - fqcn[action-core] - template to ansible.builtin.template 
Replaces references to template: with ansible.builtin.template

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:30:29 +10:00
Ryan Lerch
25391e95b7 ansiblelint fixes - fqcn[action-core] - package to ansible.builtin.package 
Replaces many references to  package: with ansible.builtin.package

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:28:00 +10:00
Ryan Lerch
462176464b ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command 
Replaces many references to  command: with ansible.builtin.command

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:26:47 +10:00
Ryan Lerch
6a3816dfdc ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy 
Replaces many references to 'copy' with ansible.builtin.copy

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:43:31 +10:00
Ryan Lerch
62952df107 ansiblelint fixes-- fqcn[action-core] - file to ansible.builtin.file 
Replaces many references to  file: with ansible.builtin.file

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:41:52 +10:00
Ryan Lerch
691adee6ee Fix name[casing] ansible-lint issues 
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 20:20:07 +10:00
Nils Philippsen
48f4990dd9 Fix typos 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2024-07-01 13:34:48 +00:00
Lenka Segura
be15763f0f Change permissions on the retired_packages cron 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-03-04 09:02:58 +00:00
Lenka Segura
8a3c70cf14 Remove stg condition for running retired-packages script on pkgs01 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-02-19 15:16:06 +01:00
Lenka Segura
1ec305ee0b releng: Schedule a cron job to retrieve retired packages nightly 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2023-11-21 08:56:50 +00:00
Pierre-Yves Chibon
2b46c6a7fb basessh/distgit: adjust the way ssh is configured for distgit 
Basically, we are now installing a small wrapper in /usr/local/bin
which just echoes to stdout what should be in the authorized_keys
file for that user.
That content is generated by retrieving the ssh key from sssd via
the command sss_ssh_authorizedkeys as well as the usual ssh way to
restrict the action an user/key can do: command="...".
In this case, we're setting a couple of environment variable that
are needed later on for things to work properly as well as only
allow the user to call the aclchecker.py script provided by pagure.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-04-03 21:16:51 +02:00
Pierre-Yves Chibon
00804542f3 Revert "basessh/distgit: adjust the way ssh is configured for distgit" 
This is still being reviewed and wasn't meant to be pushed out yet

This reverts commit 67844b4504.
 2021-04-03 19:10:54 +02:00
Pierre-Yves Chibon
67844b4504 basessh/distgit: adjust the way ssh is configured for distgit 
Basically, we are now installing a small wrapper in /usr/local/bin
which just echoes to stdout what should be in the authorized_keys
file for that user.
That content is generated by retrieving the ssh key from sssd via
the command sss_ssh_authorizedkeys as well as the usual ssh way to
restrict the action an user/key can do: command="...".
In this case, we're setting a couple of environment variable that
are needed later on for things to work properly as well as only
allow the user to call the aclchecker.py script provided by pagure.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-04-03 19:01:38 +02:00
Kevin Fenzi
5927f7b321 distgit / hooks: only tweak perms on batcave hooks perms 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-15 11:39:26 -08:00
Pierre-Yves Chibon
3351fbd3b4 drop run_once when install selinux policies 
Otherwise the policy doesn't get installed everywhere...

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 16:48:42 +01:00
Pierre-Yves Chibon
1df7a7c0d3 distgit: add a selinux tag 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:38:09 +01:00
Pierre-Yves Chibon
1ef758c408 distgit: install another custom selinux policy 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-10 15:35:33 +01:00
Pierre-Yves Chibon
3f03400dac distgit: drop pagure related selinux config since it's now handled in the pagure role 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 17:27:27 +01:00
Pierre-Yves Chibon
a7e2a97fad distgit: drop selinux config from the distgit role as it is now in pagure role 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 17:24:18 +01:00
Pierre-Yves Chibon
19ad9380b0 dist-git: clean up the playbook for the left over phx2 sections 
Remove all the sections there were RHEL7/phx2/gitolite related
now that we're running on RHEL8 with python3 and all of its goodies

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-10 12:51:56 +00:00
Pierre-Yves Chibon
f2066c896d distgit: looks like the acl action does not support with_items, pity 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-16 20:56:31 +02:00
Pierre-Yves Chibon
b57fcaccf7 distgit: Add missing tag to a task 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-16 20:53:17 +02:00
Pierre-Yves Chibon
46b327807f distgit: turn on fedora-messaging notification and give apache access to the git hook cert and keys 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-15 13:56:38 +02:00
Pierre-Yves Chibon
5b4ba6cd8e distgit: install py3-grokmirror in staging/iad2 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-27 07:59:26 +02:00
Pierre-Yves Chibon
1dfa047cec distgit: python-grokmirror is now available on epel8-infra 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-26 22:42:53 +02:00
Pierre-Yves Chibon
e0ed6697f4 distgit: make the iad2 host closer to the current staging and different from phx2 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-25 23:10:15 +02:00
Pierre-Yves Chibon
592e4749c1 distgit: create the pkgs.stg certs via letsencrypt 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-23 15:56:46 +02:00
Pierre-Yves Chibon
687230bfb8 distgit: turn off grokmirror for now in stg 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-23 15:08:51 +02:00
Pierre-Yves Chibon
3ad71fd2a0 distgit: Install mod_auth_openidc via modules in RHEL8 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-22 17:54:51 +02:00
Pierre-Yves Chibon
23c94a35d1 distgit: now that the dist-git package is available, a number of steps can be re-enabled 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-22 11:30:58 +02:00
Pierre-Yves Chibon
93a30623c6 distgit: another place we're being bitten by the lack of dist-git package 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 18:28:06 +02:00
Pierre-Yves Chibon
7c2b0b2923 distgit: a few other places where the missing dist-git needs to be accounted for 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 17:59:15 +02:00
Pierre-Yves Chibon
54cbb646a5 distgit: dist-git is not yet available for rhel8, so is its config folder 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 17:38:33 +02:00
Pierre-Yves Chibon
6881735c06 distgit: fun thing, dist-git isn't available for rhel8 atm... 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 17:04:13 +02:00
Pierre-Yves Chibon
6ef5a99f56 distgit: mod_auth_openidc is not in rhel8 yet 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 16:45:20 +02:00
Pierre-Yves Chibon
ce213161a3 distgit: adjust the list of packages to be installed in stg/rhel8 and drop gitolite there as well 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 16:24:45 +02:00
Stephen Smoogen
ccaa519dd3 [pkgs]: remove mentions of repospanner so that playbooks will set up things without it 2020-04-24 21:34:20 +02:00
Kevin Fenzi
9790382e6b distgit/koji_hub: drop updatecrl. No longer used. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-05-13 21:36:09 +00:00
Patrick Uiterwijk
55c9fb266b Remove cgit from dist-git 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-04-13 15:57:00 +02:00
Patrick Uiterwijk
0c7449ea1d Add sslciphers tags 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-04-08 21:41:17 +02:00
Pierre-Yves Chibon
5480289f1c Place the cron job in a dedicated file 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:05:19 +01:00
Pierre-Yves Chibon
89ceaf5e06 Apparently the minute and hour must be in quotes 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:00:22 +01:00
Pierre-Yves Chibon
d0ae5f84a7 Export the repo info as JSON every two hours 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:58:50 +01:00
Pierre-Yves Chibon
c444bb0a61 Install a repospanner-admin config file in /etc/pagure 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:46:03 +01:00
Kevin Fenzi
9a3865176b you can only have one when 2018-11-12 00:59:20 +00:00