WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-29 04:51:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
29,839 Commits 9 Branches 0 Tags
3d45c8c79d1dfd47ead1dc407c3bebfa02c548e7
Commit Graph

29839 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pavel Raiskup
3d45c8c79d copr: be-dev: temporarily enable @copr/copr-dev on builders 2020-04-24 21:34:23 +02:00
Pavel Raiskup
d282179097 copr: be: again apply fixes for mock 2.0 
Revert "Revert "copr: be: install new mock on builders""

This reverts commit bc76f65891e6fb6ca6738e5b9ca92c50fd77cc9e.
 2020-04-24 21:34:23 +02:00
Rick Elrod
6cfe3f18f0 Add some more hostgroups to excludes and extract the list out to group_vars/nagios 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2020-04-24 21:34:23 +02:00
Rick Elrod
136d2277a2 kill nagios checks on 3.228.218.234 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2020-04-24 21:34:23 +02:00
Rick Elrod
76e94e62d9 Kill nagios checks on 18.215.229.156 dev host...also, can we get this host a hostname please? 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2020-04-24 21:34:23 +02:00
Dusty Mabe
062091c9de openshift-apps/coreos-ostree-importer: fix volume names in deploymentconfig 
They didn't match the volume names below.
 2020-04-24 21:34:23 +02:00
Dusty Mabe
79a6b6d202 openshift-apps/coreos-ostree-importer: fix filepaths for messaging cert/key 
The extra `-` seems to not be working.
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
b484b4038d robosignatory: add a tag for just updating the config 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
86b8bd68a4 copr: backend: fix Rawhide builds 
Fedora Rawhide is now F33, and is signed by F33 keys.  We could move to
mock 2.0 and updated mock-core-configs, but there are several problems
we need to fix first:

- fix copr-rpmbuild to work with relative include()
- use config_opts[f"{pkg_manager}.conf"] in child.cfg
- fix staging so it works, and we can test this...
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
7120f95fd4 Revert "copr: be: install new mock on builders" 
This reverts commit 65ccfab58cd8dc2335f58ff5512084edd9d4b1d9.

There are at least these problems:
- new mock expects 'dnf.conf' to be set in child.cfg, not yum.conf
- relative includes don't work, because copr-rpmbuild copies the
  site-defaults and child.cfg to separate config directory ...
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
ea9c3916bd copr: be: make sure we use mock-core-configs contents 
... and that we only apply our changes on top of that.
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
9496dc9f9f copr: be: install new mock on builders 
This allowed me to remove many hacks, but mostly this is needed to make
fedora-rawhide builds work again, per build errors:

    GPG Keys are configured as:
    file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-32-primary,
    file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-32-primary,
    file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-31-primary
    Error: GPG check FAILED

Unfortunately, due to preparations for temporary movement to AWS cloud
we don't have a working stating instance... so trying directly against
production.
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
9a3787dbfe copr: dev: drop misleading note about copr-dev 2020-04-24 21:34:23 +02:00
Luca BRUNO
6f32bf387c coreos-cincinnati: deploy latest master (73711c0) 2020-04-24 21:34:23 +02:00
Ernestas Kulik
65c4558ad1 playbooks: retrace: Re-enable faf and retrace roles 
But only on the staging machine.
 2020-04-24 21:34:23 +02:00
Ernestas Kulik
90338de82f playbooks: retrace: Run on staging machine as well 2020-04-24 21:34:23 +02:00
Ernestas Kulik
1a568b94ff playbooks: retrace: Include roles in tasks section 
Makes ordering a bit clearer.
 2020-04-24 21:34:23 +02:00
Ernestas Kulik
76cb028f24 inventory: Add staging machine for retrace 2020-04-24 21:34:23 +02:00
Ernestas Kulik
45d448ae5b Rename local retrace roles 
The “local” bit is quite redundant and they are otherwise confusingly
named.
 2020-04-24 21:34:23 +02:00
Luca BRUNO
6deb320b85 coreos-cincinnati: build latest master (73711c0) 2020-04-24 21:34:23 +02:00
Peter Robinson
82f3b97852 robosignatory: IoT: Update 33/rawhide and 32/branched keys for IoT ostree signing 2020-04-24 21:34:23 +02:00
Jakub Kadlcik
36a69b8fa7 Revert "copr: temporarily disable deleting outdated chroots" 
This reverts commit 210192c6035060ae74826d3663f72c44d82334d4.
 2020-04-24 21:34:23 +02:00
Aurélien Bompard
163e9c8549 RabbitMQ: if the tags aren't specified, rabbitmq_user clears them :-/ 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
2545b294aa allow f33 side tags 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
a845d9ce6d pkgdb-proxy: allow f32 retirements until final freeze 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
9694a8c691 inventory: correctly comment the right osbs nodes in prod 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
0994065ff2 arm builders / staging: move staging builders to emag, comment out old osbs-aarch64-master01 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Dusty Mabe
c06955ee41 openshift-apps/coreos-ostree-importer: add support for fedora messaging 
This adds in configs and secrets for fedora messaging so we can consume
and publish messages as part of our normal coreos-ostree-importer life
cycle.
 2020-04-24 21:34:23 +02:00
Kevin Fenzi
cc7b7fe630 arm builders: move buildvm-armv7-22/23/24 and buildvm-aarch64-22/23 over to buildvmhost-aarch64-17 and off the moonshot 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:23 +02:00
Mohan Boddu
a221f9ce47 Setting f32 as under development 
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2020-04-24 21:34:23 +02:00
Miroslav Suchý
a696618ec2 copr: system-config-firewall-base does not exist on f31 
we used to need it becouse of lokkit, but it seems we do not use it any more
 2020-04-24 21:34:23 +02:00
Miroslav Suchý
788861395c copr: try to set hostname differently 2020-04-24 21:34:23 +02:00
Miroslav Suchý
8c03878231 Revert "copr: try this" 
This reverts commit f6f015e1c205157452f33c1857cab4f5260f2cf8.
 2020-04-24 21:34:23 +02:00
Aurélien Bompard
b60803ee5c RabbitMQ: don't overwrite the admin user 
Users are shared between virtualhosts.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:23 +02:00
Miroslav Suchý
4cd114788e copr: try this 2020-04-24 21:34:23 +02:00
Miroslav Suchý
33c5c9511b copr: do not set hostname in aws 
because we do not have dns set there and it simply do not do what it should do
 2020-04-24 21:34:23 +02:00
Miroslav Suchý
c96b973b60 remove deprecation warning 
addressing:
TASK [Install desired extra packages (dnf)] *********************************************************************************************
Friday 14 February 2020  14:03:04 +0000 (0:00:00.062)       0:00:12.297 *******
[DEPRECATION WARNING]: Invoking "dnf" only once while using a loop via squash_actions is deprecated. Instead of using a loop to supply
multiple items and specifying `pkg: "{{ item }}"`, please use `pkg: ['ntpdate', 'libselinux-python']` and remove the loop. This feature
will be removed in version 2.11. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
 2020-04-24 21:34:23 +02:00
Miroslav Suchý
d2ce8afd46 do not modify fedora*.repo when deploying in AWS 2020-04-24 21:34:23 +02:00
Aurélien Bompard
2df32fbe0c RabbitMQ: use the proper tags for the messaging-bridges playbook 2020-04-24 21:34:22 +02:00
Aurélien Bompard
9370ffcf7e Add the rabbitmq_cluster tag to the rabbit roles 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Miroslav Suchý
82fec0f69c copr: run this part no aws too 2020-04-24 21:34:22 +02:00
Miroslav Suchý
9289ef9558 copr: become root as to AWS we connect as fedora@ 2020-04-24 21:34:22 +02:00
Miroslav Suchý
d73af67872 copr: puth copr_keygen_dev_aws into dev group 2020-04-24 21:34:22 +02:00
Miroslav Suchý
5377410dba copr: spin up copr-keygen-dev in AWS 2020-04-24 21:34:22 +02:00
Aurélien Bompard
16ba6fdbff RabbitMQ: add server_name_indication to the federation parameters 
The Federation plugin uses an AMQP client that verifies that the
hostname it's connecting to is the right one. Our RabbitMQ server
TLS certificates only have the "public" name as Subject Alternative Name
and in that case apparently the client does not check the CN. Therefore
this changeset sets the client parameter to expect the "public" name in
the certificate.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Pierre-Yves Chibon
ec0f28a35f monitor-gating: Try changing the service of the keytab 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:22 +02:00
Pierre-Yves Chibon
7b891562d2 Update the configuration so no more manual changes after branching are needed 
Patch from Miro Hrončok submitted upstream at:
https://pagure.io/fedora-ci/simple-koji-ci/pull-request/36

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
8f5de8c822 Also create zmq.topic in /pubsub 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
48de31d042 RabbitMQ: leave it to apps to grant access to the nagios-monitoring user 
Because those vhosts may not be created yet when the main RabbitMQ
playbook is run.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Pierre-Yves Chibon
f21127ef84 monitor-gating: Adjust the key which is used as filename 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:22 +02:00