WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-31 01:11:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
28,350 Commits 9 Branches 0 Tags
492a724eecfa557dcd5665f024b2b07eefe00917
Commit Graph

608 Commits

Author SHA1 Message Date
Pierre-Yves Chibon
43f084686d dist-git/pagure: Drop couple of variables not used and already defined 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:11 +02:00
Pierre-Yves Chibon
93074d7249 dist-git/pagure: Enable the issue tracker on the tests namespace 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:11 +02:00
Kevin Fenzi
9f933fddee distgit / fas override: add override for pkfed 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:10 +02:00
Pierre-Yves Chibon
ebddc53593 distgit/pagure: allow cross-project API tokens to merge PRs 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:09 +02:00
Julen Landa Alustiza
2de580306b dist-git: Custom csp policy that allows connecting to apps.fp.o 2020-04-24 21:34:09 +02:00
Pierre-Yves Chibon
a924fac977 dist-git/pagure: Enable the pagure-dist-git 3rd party plugin in staging 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:08 +02:00
Pierre-Yves Chibon
84eebb9615 dist-git/pagure: Allow the update_watch_status ACL 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-06-05 11:29:36 +02:00
Pierre-Yves Chibon
527bf3a995 pagure/dist-git: allow user to change their watch status via the API 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-06-05 11:28:09 +02:00
Owen W. Taylor
4e5928d055 Allow a separate flatpaks/ namespace in production 
Adjust the production distgit and MBS configuration to allow
having a separate flatpaks/ namespace and building from there.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
 2019-05-14 18:47:48 +00:00
Kevin Fenzi
9790382e6b distgit/koji_hub: drop updatecrl. No longer used. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-05-13 21:36:09 +00:00
Pierre-Yves Chibon
6c8749cf59 distgit/pagure: Fix the amqp_url for fedora-messaging on pagure 
The cert is now for rabbitmq.stg.fedoraproject.org and not:
rabbitmq01.stg.phx2.fedoraproject.org so having the wrong url in the config
leads to a CertificateError leading to pagure failing to send notifications
on fedora-messaging.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-04-29 11:14:38 +02:00
Patrick Uiterwijk
55c9fb266b Remove cgit from dist-git 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-04-13 15:57:00 +02:00
Stephen Smoogen
2549998aa9 [repospanner/pagure] when using variables.. check what you type twice before committing 2019-04-12 14:45:03 +00:00
Stephen Smoogen
4d9f322a13 [repospanner] When defining ports please use the variables in global.yml to make sure that all the files get edited during a playrun versus just one or two. Thank you. 2019-04-12 14:22:24 +00:00
Owen W. Taylor
76197fc4d0 Prepare staging for a separate flatpaks/ namespace 
Change the distgit staging configuration to allow a flatpaks/ namespace,
and configure Koji and MBS to allow building from there.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
 2019-04-10 16:15:54 +00:00
Pierre-Yves Chibon
1319bc99f5 distgit/pagure: indicate to pagure that the git hook have a read-only access to the DB 
This way it'll try to interact with the DB using async processes
(the workers) rather than trying to do it where it does not have
the permissions and crash.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-04-10 13:16:39 +02:00
Stephen Smoogen
7c3fa7c396 Make it so our http configs for repoSpanner do not wander off from each other due to too many cooks and too few pots. Change all repospanner related 8443 to use jinja variable repoSpanner_{{region}}_http 2019-04-09 13:50:01 +00:00
Patrick Uiterwijk
0c7449ea1d Add sslciphers tags 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-04-08 21:41:17 +02:00
Kevin Fenzi
9f4bf69eae pagure / src.fp.o: Drop fedora-altarch, as it's not used. Add cvsadmin as we want them to have access to everything. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-04-08 19:26:32 +00:00
Pierre-Yves Chibon
30f7f775b4 Have pagure log commits on all branches 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-04-08 12:24:27 +02:00
Pierre-Yves Chibon
2b37c83ae3 distgit/pagure: Increase the cross-project ACLs 
This just makes pagure accept to generate project-less API tokens
with these two ACLs.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-04-03 11:50:08 +02:00
Patrick Uiterwijk
85c09a8f50 Update repospanner hook id in stg 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-03-29 12:17:35 +01:00
Pierre-Yves Chibon
307eb2fdfc pagure: Turn off debug mode on pagure.io an src.fp.o 
This leads to some exception being raised instead of by-pass safely.
It was useful at some point because pagure would not log error to
its logs otherwise but Patrick has since fixed it and I believe it
may be triggering some errors now.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-08 16:52:13 +01:00
Pierre-Yves Chibon
6ae1ad74d4 distgit/pagure: actually apply the hotfix 
So in out dist-git setup the git hook have a dedicated configuration
file which only contains a read-only access to the database.
This is because of the way our dist-git is setup where every packager
actually has a shell account on the machine and the hook are run by
that account.
So if the packager manages to get a shell access, they will be able to
read this configuration file and we do not want to give them read/write
access to the database.
Pagure however in the default hook tries to update the database, among
other it tries to clear the cached merge status of the open PR when a
commit is pushed.
For a nice UX, it does this within the hook process, this way there is
no race-condition and users accessing a PR right after a push will get
an up to date merge status (as it will be re-generated).
But we cannot do this in dist-git since we cannot update the database
directly, so instead, with this hotfix, we move the process of cleaning
up the merge status to an async job that will have read/write access
and there may be some race-condition in displaying the merge status
but so be it.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-07 16:31:25 +01:00
Stephen Smoogen
f11158639e [repospanner/hook] Update repospanner hookid 
Due to a missed commit, the repospanner hookid was not updated in
ansible which broke pushes later.
 2019-03-07 11:56:58 +00:00
Pierre-Yves Chibon
a790f2b884 Allow the cross-project ACLs pull_request_create pull_request_comment in staging 
Fixes https://pagure.io/fedora-infrastructure/issue/7623

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-06 16:19:49 +01:00
Kevin Fenzi
29ed16ab01 pkgs: Do not try and allow repoSpanner access to pagure config in prod as it isn't deployed there yet. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-03-06 02:03:20 +00:00
Pierre-Yves Chibon
9aa0c13345 Use quotes... annoying ansible 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 17:28:34 +01:00
Pierre-Yves Chibon
238c62b290 Make the certs available to repoSpanner on dist-git/stg 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 17:22:49 +01:00
Pierre-Yves Chibon
48fdb8060e Fix ownership of the certs for pagure and koji 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 16:46:07 +01:00
Pierre-Yves Chibon
723b21b2f0 Let's try specifying the mode as a string 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:20:56 +01:00
Pierre-Yves Chibon
e10aebdca4 Try another way to represent the dict 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:18:09 +01:00
Pierre-Yves Chibon
1921f94538 Another typo to remove 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:12:17 +01:00
Pierre-Yves Chibon
977eb9fd1e typi typo 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:09:25 +01:00
Pierre-Yves Chibon
3490c41c63 src.fp.o: Create /etc/fedora-messaging manually 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:50:02 +01:00
Pierre-Yves Chibon
4cf80b62a2 Let's try giving it some space(s) 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:40:55 +01:00
Pierre-Yves Chibon
55b6c9cb63 Start porting pagure at src.fp.o to fedora-messaging 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:26:43 +01:00
Julen Landa Alustiza
02a0635be4 set admin email config variable 2019-03-01 16:43:12 +01:00
Pierre-Yves Chibon
89fce190b9 [distgit/pagure] hotfix the default hook to clean the PR merge status async 
This is necessary because of the way our dist-git is deployed, the git hook
only have a read-only access to the database so they can't reset the cached
merge status of the open PRs in the same process so we need to do this via
an async process which is basically what this hotfix does.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-27 17:23:25 +01:00
Pierre-Yves Chibon
dd2d0643ec [distgit/pagure] Drop --autoreload from our systemd service file 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-27 10:31:55 +00:00
Kevin Fenzi
c86b14b950 pagure / repoSpanner: Fix typo on acl task. It's permissions instead of permission. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-02-23 17:58:22 +00:00
Patrick Uiterwijk
685bdf987f Allow repoSpanner access to pagure cfg 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-02-21 13:02:22 +01:00
Pierre-Yves Chibon
5480289f1c Place the cron job in a dedicated file 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:05:19 +01:00
Pierre-Yves Chibon
89ceaf5e06 Apparently the minute and hour must be in quotes 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:00:22 +01:00
Pierre-Yves Chibon
d0ae5f84a7 Export the repo info as JSON every two hours 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:58:50 +01:00
Pierre-Yves Chibon
c444bb0a61 Install a repospanner-admin config file in /etc/pagure 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:46:03 +01:00
Kevin Fenzi
8212ee4f20 pagure: disable pagure_api_key_expire_mail.timer jobs for now. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-02-08 23:49:40 +00:00
Patrick Uiterwijk
4a7649d651 Modules.... 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-01-31 12:17:49 +01:00
Patrick Uiterwijk
6c68095f33 RCM can push to master 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-01-31 12:15:23 +01:00
Pierre-Yves Chibon
dedb06e674 pagure-dist-git is now officially replacing python-pagure-dist-git 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-01-07 15:41:25 +01:00