Pavel Raiskup
30c0defe44
copr-backend: more verbose machine termination
2026-02-07 21:08:10 +01:00
Kevin Fenzi
a9acbd4c0e
bodhi/openshift: restore dropped cd to the right directory
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-02-06 10:17:14 -08:00
Kevin Fenzi
dc3fda7f45
bodhi/openshift: fix missing /
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-02-06 09:59:07 -08:00
Kevin Fenzi
9503d8df11
bodhi / openshift: adjust critpath to pull from forge instead of pagure.io
...
releng moved things from pagure.io/releng to
forge.fedoraproject.org/releng/tooling
Adjust this cron to do likewise.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-02-06 09:54:04 -08:00
Patrik Polakovič
46fbcc5567
Branch Fedora 44 from Rawhide
...
Signed-off-by: Patrik Polakovič <patrik@alphamail.org >
2026-02-05 19:10:58 +00:00
Greg Sutcliffe
0bb245c653
Zabbix | Rabbit: Fix hardcoded STG entry in zabbix agent drop-in
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-02-05 11:12:42 +00:00
Miroslav Suchý
6092f3bdb2
set swappiness to 10 for copr machines
2026-02-04 20:45:38 +01:00
Ryan Lerch
1d6aa6f15a
[webhook2fm] fix typo from 8a61479d64
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-02-04 11:18:10 +10:00
Ryan Lerch
8a61479d64
[webhook2fm] update staging rediurect URIs
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-02-04 11:06:52 +10:00
Ryan Lerch
a36c5a7a16
[forge] add staging ips to webhook ALLOWED_HOST_LIST settings
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-02-04 10:21:35 +10:00
Ryan Lerch
a425f8715f
[forge] set default merge style to rebase
...
fixes : forge/forge#353
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-02-04 09:24:20 +10:00
Ryan Lerch
6aab5d6da0
[forge] update ALLOWED_HOST_LIST for webhooks to include internal ips
...
fixes : forge/forge#368
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-02-04 09:20:26 +10:00
Pavel Raiskup
8e09c0498e
copr-be: keep one machine running for Kevin's debugging
2026-02-02 16:55:54 +01:00
Kevin Fenzi
29a00a8986
bastion: fix conditional for ssh tcpforwarding
...
I copy pasted this and left a 'not' in there that made this backwards.
Fix the conditional.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-31 08:20:16 -08:00
Kevin Fenzi
423f7c0c52
pagure / dist-git: drop hotfix that was pulled into rpm
...
We pulled this fix into the epel8 rpm we are using, so we shouldn't try
and apply it here also.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-31 08:18:00 -08:00
Kevin Fenzi
c86adb0115
vmhost-x86-copr01: update mac addesses
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-30 13:59:30 -08:00
Kevin Fenzi
278d9427f8
bastion: allow ssh tcp forwarding on bastion hosts
...
We need this in order to be able to use them as jumphosts with ssh.
Without it, there's no easy way to get to any internal machines.
Just enable it here and leave the default off.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-30 11:16:01 -08:00
Kevin Fenzi
5091fd4373
ocp-rdu3: retire this host/proxy/cert now that we are moved
...
There's no need to keep ocp-rdu3 around anymore, we only used
it when we were moving datacenters last year.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-30 10:35:10 -08:00
Kevin Fenzi
1bf508dc18
Revert "[robosignatory] Increase the prefetch value"
...
This reverts commit 4fdd0c9fca
2026-01-30 09:39:58 -08:00
Kevin Fenzi
2d28e5de7b
hosts: set specific gateway for a few iso hosts
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-30 09:21:17 -08:00
Aurélien Bompard
72fad29431
Ipsilon: fix the GNOME Damned Lies redirect URL
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org >
2026-01-30 13:03:59 +01:00
Lukas Holecek
81e4fef760
resultsdb: Update image repositories
...
ResultsDB frontend and backend image builds where moved to Konflux.
See also the discussion in PR:
https://github.com/release-engineering/resultsdb_frontend/pull/17
2026-01-29 18:13:15 +00:00
Kevin Fenzi
da680d4ee9
robosignatory: sign f44 also with the f45 ima key
...
We are resigning in prep for branching next week, we need to also make
sure to sign things with the f45 ima key.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-29 09:19:51 -08:00
David Kirwan
5de7e7921b
forgejo: add backup/pruning cronjobs
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com >
2026-01-29 15:48:00 +00:00
David Kirwan
b5da9bfcc7
forgejo: modify backups pruning retention
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com >
2026-01-29 15:39:21 +00:00
David Kirwan
0f1dbc8094
forgejo: Add backup handling scripts to ansible role
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com >
2026-01-29 15:07:15 +00:00
Michal Konecny
10c25c08f4
[flatpak-indexer] Make the deployment simpler
...
Update the deployment for quay.io changes to make the whole deployment
simpler.
Staging is now pointing to quay.io only. See
https://forge.fedoraproject.org/infra/tickets/issues/11543 for more
details about these changes.
Signed-off-by: Michal Konecny <mkonecny@redhat.com >
2026-01-29 13:50:08 +01:00
Ryan Lerch
8782797c47
[forge] fix group mapping syntax error
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-01-29 14:29:14 +10:00
Ryan Lerch
a9c38bf0b3
[forge] add team mapping for forge-workstation-owners
...
Signed-off-by: Ryan Lerch <rlerch@redhat.com >
2026-01-29 14:21:10 +10:00
Kevin Fenzi
0f4db8328d
Add siguldry pesign bridge role to switch pesign to sigul
...
This role is intended to be run on a build{vm|hw} machine that is in the
secure-boot channel in koji. It sets up the siguldry pesign-bridge that
allows builds done there to call pesign to sign artifacts by bind
mounting a socket into the mock chroot.
This then calls sigul's pesign client which sends the artifact to the
sigul vault via the sigul bridge for signing. The vault has access to
a secure token to sign the artifact with.
This should (once confirmed working) replace the roles/bkernel role that
used a secure card that was directly attached to a buildhw device.
This should allow us to add support for aarch64 as well as more easily
use different hardware or vm's as any of them could be setup to query
the sigul server.
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-29 00:58:41 +00:00
Mattia Verga
c98a72f0c2
bodhi: update to 25.11.3 and disable returning celery results
...
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it >
2026-01-28 16:34:23 +00:00
Samyak Jain
c71e1f8bab
robosignatory: also allow resigning f44 tagged packages with f45 key
...
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com >
2026-01-28 15:38:55 +00:00
Greg Sutcliffe
460cd098d7
Zabbix: fix apache-status access on pkgs
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-27 18:03:36 +00:00
Jiri Kyjovsky
4adce255f5
copr: add powerful builders for riscv team
2026-01-27 11:52:58 +01:00
Adam Williamson
1d65a5dd55
testdays: update git URL to forge
...
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-26 23:34:39 -08:00
Adam Williamson
ae2cd3530b
roles/openqa/server: drop OpenID auth support
...
We've been using OAuth2 for prod and stg for some time now, so
let's clean this up.
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-26 15:40:50 -08:00
Adam Williamson
4e4a12f2c3
roles/openqa/server: show more builds on the front page
...
We only have two job groups, so the front page is a bit sad and
empty. Let's show 10 builds per group, not 3.
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-26 15:37:24 -08:00
Greg Sutcliffe
a72e5b2fbf
Zabbix: fix different handling of /apache-status on proxy hosts
...
Seems like the proxies don't want to handle port 80 nicely, I get
errors in Zabbix for them using localhost:80/apache-status (which
works elsewhere, like sundries). However using https/443 seems to
work, so we'll do that instead.
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-26 11:39:48 +00:00
Greg Sutcliffe
3b9f1808a2
Zabbix: fixes infra/tickets#12976 - add apache-status monitoring
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-26 11:22:52 +00:00
Jiri Kyjovsky
de8f2a8197
copr: add emulated riscv64 resalloc tags
2026-01-26 10:17:11 +01:00
Kevin Fenzi
1b938e0c7a
Revert "koji: re-block some koji endpoints due to scrapers"
...
This reverts commit ffbcb36d91
2026-01-25 10:46:37 -08:00
Kevin Fenzi
ffbcb36d91
koji: re-block some koji endpoints due to scrapers
...
They are hitting these endpoints really hard.
Might be able to lift it later...
Signed-off-by: Kevin Fenzi <kevin@scrye.com >
2026-01-25 10:24:17 -08:00
Adam Williamson
ec42689b4d
Update fedora-nightlies URLs for forgejo migration
...
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-23 18:48:32 -08:00
Adam Williamson
804efd40d1
Update pagure.io/fedora-qa to forge.fedoraproject.org/quality
...
Quality org has completed moving repos to Forgejo (all but one),
so let's update all of these.
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-23 15:31:46 -08:00
Greg Sutcliffe
ac05b2c713
DHCP: update mac for x86-copr02 - fix typo
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-23 13:26:12 +00:00
Greg Sutcliffe
e073db663d
DHCP: update mac for x86-copr02
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-23 13:23:35 +00:00
David Kirwan
c7b256b857
communishift: wip shutting down projects marked for deletion
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com >
2026-01-23 13:23:03 +00:00
Greg Sutcliffe
01ab35531a
Zabbix: fixes infra/tickets#12992 - add IPA backup monitoring
...
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org >
2026-01-23 10:22:29 +00:00
Gregory Bartholomew
7e69bf85e8
redirect torrent.fp.o to fp.o/torrents
...
Signed-off-by: Gregory Bartholomew <gregory.lee.bartholomew@gmail.com >
2026-01-22 22:31:24 +00:00
Adam Williamson
2a8f208ce6
Fix qa redirect (remove trailing slash)
...
The qa.fp.o redirect is to a wiki page, it should not have a
trailing slash.
Signed-off-by: Adam Williamson <awilliam@redhat.com >
2026-01-22 14:16:53 -08:00
