WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-02 06:20:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,401 Commits 9 Branches 0 Tags
7aa7553b84af5dc8efa78e9d8a4e50dde369052d
Commit Graph

122 Commits

Author SHA1 Message Date
Kevin Fenzi
07c894ea21 pkgs: drop recursive call to facl setting 
In a0046b5b4b there was a bunch of fixes for ansible lint to the
distgit/pagure roles.

However, it seems like a
recursive: true
was added to the facl call, when it wasn't present before.

I noticed this when my playbook run on pkgs was running for several
hours. ;(

I don't think there's any reason to run this recursively,
as permissions should inherit from the top level one and have always
worked without it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-29 15:28:21 -07:00
Michal Konecny
561d6b540d [distgit] Fix typo 
Even with the CI this typo wasn't found till execution of the playbook.
 2025-04-30 14:48:02 +02:00
Michal Konecny
5b0120cea9 [dist-git] Fix for api call token 
There is a local fix on src.fedoraproject.org that is missing on
src.stg.fedoraproject.org. I provided the fix in
https://pagure.io/pagure/pull-request/5525 and this commit is adding it
as patch to ansible, so the change is permanent.
 2025-04-30 12:36:11 +00:00
Michal Konecny
a0046b5b4b [distgit] Fixing ansible lint errors 
This commit is fixing ansible lint errors for distgit role.

It also introduces two new addition to skip list as the structure of our
ansible repository doesn't adhere to ansible standards.

The errors that will be now skipped are:
- role-name[path] - we have plenty of roles that have sub-roles inside
  them and we need to access them
- var-naming[no-role-prefix] - variables for roles are not usually
  prefixed correctly in our repository and forcing people to change that
  will introduce more issues than what it solves
 2025-04-30 10:07:35 +00:00
Aurélien Bompard
d884a0f8ba Use the combined RabbitMQ CA cert in the clients 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-04-11 15:15:45 +02:00
Michal Konecny
6428f8f772 Sunset github2fedmsg and fedmsg 
This commit is removing all the fedmsg related stuff from ansible
repository.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2025-02-13 10:08:51 +00:00
Michal Konecny
2ec055db6f Use first uppercase letter for all handlers 
This will unify all the handlers to use first uppercase letter for
ansible-lint to stop complaining.

I went through all `notify:` occurrences and fixed them by running
```
set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep
-rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g"
```

Then I went through all the changes and removed the ones that wasn't
expected to be changed.

Fixes https://pagure.io/fedora-infrastructure/issue/12391

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2025-02-10 20:31:49 +00:00
Ryan Lerch
47c68f478d ansiblelint fixes - fqcn[action-core] - template to ansible.builtin.template 
Replaces references to template: with ansible.builtin.template

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:30:29 +10:00
Ryan Lerch
25391e95b7 ansiblelint fixes - fqcn[action-core] - package to ansible.builtin.package 
Replaces many references to  package: with ansible.builtin.package

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:28:00 +10:00
Ryan Lerch
462176464b ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command 
Replaces many references to  command: with ansible.builtin.command

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:26:47 +10:00
Ryan Lerch
6a3816dfdc ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy 
Replaces many references to 'copy' with ansible.builtin.copy

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:43:31 +10:00
Ryan Lerch
62952df107 ansiblelint fixes-- fqcn[action-core] - file to ansible.builtin.file 
Replaces many references to  file: with ansible.builtin.file

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:41:52 +10:00
Ryan Lerch
691adee6ee Fix name[casing] ansible-lint issues 
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 20:20:07 +10:00
Aurélien Bompard
183f4ff7a4 Distgit: missing dependency 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-12-11 11:51:03 +01:00
Aurélien Bompard
134cfc522f Distgit: deploy the client_secrets file 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-11-14 08:49:23 +01:00
Nils Philippsen
205e2c9ed5 distgit/pagure: Set git directories as safe 
This was fixed previously for pagure.io in the context of
paguremirroring. Turns out, it affects all kinds of git operations, so
document and move accordingly.

Fixes: releng#12181
Fixes: fedora-infrastructure#12010

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2024-06-27 11:21:19 +02:00
Nils Philippsen
0adf0869a6 distgit/pagure: Appease yamllint 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2024-06-27 11:21:07 +02:00
Michal Konecny
38ca9f6f73 [distgit/pagure] Set ACL for newly created files in /var/log/pagure 
Fix for https://pagure.io/fedora-infrastructure/issue/11957 was introduced to
pagure role, but it wasn't added to dist-git role as well. Let's fix that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-04 10:40:45 +02:00
Kevin Fenzi
3c960624f4 fas2: good bye! You served long and well 
Remove fas2 and all the checks that depended on it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-07-01 12:09:36 -07:00
Pierre-Yves Chibon
0d1d2aace5 distgit/pagure: create the git user and add it to the packager group 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-01 16:25:10 +01:00
Pierre-Yves Chibon
7868dcfa81 distgit/pagure: add a hotfix tag where we fix the /var/log/pagure folder 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-02-12 09:52:00 +01:00
Pierre-Yves Chibon
0b3a2cc4a8 distgit/pagure: use symlink instead of complicated paths 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 15:58:58 +01:00
Pierre-Yves Chibon
8890fb10a9 distgit/pagure: add missing '/' 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 15:50:20 +01:00
Pierre-Yves Chibon
77096060f6 distgit/pagure: Configure selinux in distgit just like on pagure.io 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-11-05 15:48:41 +01:00
Kevin Fenzi
d9e8f5951a distgit: correct path to pagure_sar.py script 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-02 09:27:38 -07:00
Pierre-Yves Chibon
4ceb0b2c1c distgit/pagure: Drop old code dealing with phx2 and py2 and rhel7 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-27 09:46:58 +02:00
Pierre-Yves Chibon
84f046eaba distgit/pagure: Drop 1755 in favor of spelled out permissions on /var/log/pagure 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-27 09:44:44 +02:00
Pierre-Yves Chibon
e6c0433e19 distgit/pagure: set the sticky bit on /var/log/pagure so the group membership remains 
The owner itself does not really matter, especially when considering the
section above where the pagure user is created in the packager group.

Fixes https://pagure.io/releng/issue/9623

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-24 11:24:28 +02:00
Pierre-Yves Chibon
43a68e2c57 distgit/pagure: another clean up of old cruft from another time (py2/rhel7) 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-23 13:15:24 +02:00
Pierre-Yves Chibon
745e7b04ce distgit/pagure: remove old cruft from another time (py2/rhel7) 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-23 13:14:19 +02:00
Pierre-Yves Chibon
7c51566c36 distgit/pagure: Log auth-related into in a file on disk and create the place for it 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-23 12:59:20 +02:00
Pierre-Yves Chibon
891dcaac2b distgit: give access to the fedora-messaging certs to the packager group 
This solves the permission denied error packager would see otherwise
when pushing to dist-git as the hooks would fail to send notifications
on the fedora-messaging bus.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-06-10 10:06:13 +02:00
Pierre-Yves Chibon
4d2f3eb5ac distgit/pagure: flip httpd_can_network_connect on the host 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-27 16:37:29 +02:00
Pierre-Yves Chibon
e0ed6697f4 distgit: make the iad2 host closer to the current staging and different from phx2 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-25 23:10:15 +02:00
Pierre-Yves Chibon
85649b78b3 distgit/pagure: in staging we no longer have fedmsg 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 15:57:43 +02:00
Pierre-Yves Chibon
69f8d706d0 distgit/pagure: drop the fas2 hotfix since this is no longer used 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 12:56:44 +02:00
Pierre-Yves Chibon
107d6e331f distgit/pagure: use python3 in staging and keep prod to python2 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 12:56:26 +02:00
Pierre-Yves Chibon
1320bb90b2 distgit/pagure: libsemanage-python is python3-libsemanage on rhel8 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 12:49:57 +02:00
Pierre-Yves Chibon
66c4bb4a18 distgit/pagure: install different packages in stg vs prod 
Since we're currently rebuilding stg on rhel8 while prod is still
rhel7

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 11:46:58 +02:00
Pierre-Yves Chibon
85d6c77276 distgit/pagure: Drop installing pygment2 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-20 11:44:46 +02:00
Stephen Smoogen
c9f3d2d8be [pkgs] A ternary needs 2 arguments. I removed one in the previous commit and should have changed the code completely instead. 2020-04-24 21:34:20 +02:00
Stephen Smoogen
ccaa519dd3 [pkgs]: remove mentions of repospanner so that playbooks will set up things without it 2020-04-24 21:34:20 +02:00
Pierre-Yves Chibon
a23e73df37 distgit/pagure: Turn off the pagure-sync-bugzilla cron job 
This script has been ported to its own upstream at:
https://pagure.io/Fedora-Infra/distgit-bugzilla-sync
and is now running as a cron job in openshift (twice a day).

So we can remove it from this role/host.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:20 +02:00
Pierre-Yves Chibon
43be9500bd distgit/pagure: drop a hotfix that is no longer needed 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:20 +02:00
Pierre-Yves Chibon
de81dd973d distgit/pagure: change how the group name is defined 
The previous approach didn't seem to be liked by ansible

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:17 +02:00
Pierre-Yves Chibon
c9260c2884 dist-git/pagure: src.fp.o doesn't know about the repoSpanner group so use pagure instead 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:17 +02:00
Pierre-Yves Chibon
fb664e3745 dist-git/pagure: enable fedora-messaging in prod as well 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:17 +02:00
Pierre-Yves Chibon
93074d7249 dist-git/pagure: Enable the issue tracker on the tests namespace 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:11 +02:00
Pierre-Yves Chibon
a924fac977 dist-git/pagure: Enable the pagure-dist-git 3rd party plugin in staging 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:08 +02:00
Kevin Fenzi
29ed16ab01 pkgs: Do not try and allow repoSpanner access to pagure config in prod as it isn't deployed there yet. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-03-06 02:03:20 +00:00