WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 05:51:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,401 Commits 9 Branches 0 Tags
7aa7553b84af5dc8efa78e9d8a4e50dde369052d
Commit Graph

787 Commits

Author SHA1 Message Date
Patrick Uiterwijk
85c09a8f50 Update repospanner hook id in stg 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-03-29 12:17:35 +01:00
Pierre-Yves Chibon
307eb2fdfc pagure: Turn off debug mode on pagure.io an src.fp.o 
This leads to some exception being raised instead of by-pass safely.
It was useful at some point because pagure would not log error to
its logs otherwise but Patrick has since fixed it and I believe it
may be triggering some errors now.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-08 16:52:13 +01:00
Pierre-Yves Chibon
6ae1ad74d4 distgit/pagure: actually apply the hotfix 
So in out dist-git setup the git hook have a dedicated configuration
file which only contains a read-only access to the database.
This is because of the way our dist-git is setup where every packager
actually has a shell account on the machine and the hook are run by
that account.
So if the packager manages to get a shell access, they will be able to
read this configuration file and we do not want to give them read/write
access to the database.
Pagure however in the default hook tries to update the database, among
other it tries to clear the cached merge status of the open PR when a
commit is pushed.
For a nice UX, it does this within the hook process, this way there is
no race-condition and users accessing a PR right after a push will get
an up to date merge status (as it will be re-generated).
But we cannot do this in dist-git since we cannot update the database
directly, so instead, with this hotfix, we move the process of cleaning
up the merge status to an async job that will have read/write access
and there may be some race-condition in displaying the merge status
but so be it.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-07 16:31:25 +01:00
Stephen Smoogen
f11158639e [repospanner/hook] Update repospanner hookid 
Due to a missed commit, the repospanner hookid was not updated in
ansible which broke pushes later.
 2019-03-07 11:56:58 +00:00
Pierre-Yves Chibon
a790f2b884 Allow the cross-project ACLs pull_request_create pull_request_comment in staging 
Fixes https://pagure.io/fedora-infrastructure/issue/7623

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-06 16:19:49 +01:00
Kevin Fenzi
29ed16ab01 pkgs: Do not try and allow repoSpanner access to pagure config in prod as it isn't deployed there yet. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-03-06 02:03:20 +00:00
Pierre-Yves Chibon
9aa0c13345 Use quotes... annoying ansible 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 17:28:34 +01:00
Pierre-Yves Chibon
238c62b290 Make the certs available to repoSpanner on dist-git/stg 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 17:22:49 +01:00
Pierre-Yves Chibon
48fdb8060e Fix ownership of the certs for pagure and koji 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 16:46:07 +01:00
Pierre-Yves Chibon
723b21b2f0 Let's try specifying the mode as a string 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:20:56 +01:00
Pierre-Yves Chibon
e10aebdca4 Try another way to represent the dict 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:18:09 +01:00
Pierre-Yves Chibon
1921f94538 Another typo to remove 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:12:17 +01:00
Pierre-Yves Chibon
977eb9fd1e typi typo 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 15:09:25 +01:00
Pierre-Yves Chibon
3490c41c63 src.fp.o: Create /etc/fedora-messaging manually 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:50:02 +01:00
Pierre-Yves Chibon
4cf80b62a2 Let's try giving it some space(s) 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:40:55 +01:00
Pierre-Yves Chibon
55b6c9cb63 Start porting pagure at src.fp.o to fedora-messaging 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-03-04 14:26:43 +01:00
Julen Landa Alustiza
02a0635be4 set admin email config variable 2019-03-01 16:43:12 +01:00
Pierre-Yves Chibon
89fce190b9 [distgit/pagure] hotfix the default hook to clean the PR merge status async 
This is necessary because of the way our dist-git is deployed, the git hook
only have a read-only access to the database so they can't reset the cached
merge status of the open PRs in the same process so we need to do this via
an async process which is basically what this hotfix does.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-27 17:23:25 +01:00
Pierre-Yves Chibon
dd2d0643ec [distgit/pagure] Drop --autoreload from our systemd service file 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-27 10:31:55 +00:00
Kevin Fenzi
c86b14b950 pagure / repoSpanner: Fix typo on acl task. It's permissions instead of permission. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-02-23 17:58:22 +00:00
Patrick Uiterwijk
685bdf987f Allow repoSpanner access to pagure cfg 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-02-21 13:02:22 +01:00
Pierre-Yves Chibon
5480289f1c Place the cron job in a dedicated file 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:05:19 +01:00
Pierre-Yves Chibon
89ceaf5e06 Apparently the minute and hour must be in quotes 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 12:00:22 +01:00
Pierre-Yves Chibon
d0ae5f84a7 Export the repo info as JSON every two hours 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:58:50 +01:00
Pierre-Yves Chibon
c444bb0a61 Install a repospanner-admin config file in /etc/pagure 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-02-12 11:46:03 +01:00
Kevin Fenzi
8212ee4f20 pagure: disable pagure_api_key_expire_mail.timer jobs for now. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-02-08 23:49:40 +00:00
Patrick Uiterwijk
4a7649d651 Modules.... 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-01-31 12:17:49 +01:00
Patrick Uiterwijk
6c68095f33 RCM can push to master 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-01-31 12:15:23 +01:00
Pierre-Yves Chibon
dedb06e674 pagure-dist-git is now officially replacing python-pagure-dist-git 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-01-07 15:41:25 +01:00
Pierre-Yves Chibon
9069676c66 Enable the cron job sending reminders about API keys on src.fp.o 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2019-01-07 15:41:25 +01:00
Kevin Fenzi
c95ded92e8 add bugzilla exception for thofmann - https://pagure.io/releng/issue/7905 2018-12-18 19:40:11 +00:00
Pierre-Yves Chibon
c055c82949 Allow user to view the pull_request_create ACL 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-12-09 21:18:48 +01:00
Pierre-Yves Chibon
ccc571a70a Allow the ACL to create PR for the API tokens 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-12-09 21:10:41 +01:00
Kevin Fenzi
ed43e211cf add bugzilla exception for dwd 2018-12-07 20:30:36 +00:00
Patrick Uiterwijk
1bec672ede Make external committers available to the hooks 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 17:48:50 +01:00
Patrick Uiterwijk
a8dfa2c319 Keep this suexec line for cgit for now 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 12:53:51 +01:00
Patrick Uiterwijk
82ae94410b Use in-pagure HTTP pull/push 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 12:46:09 +01:00
Patrick Uiterwijk
d876e90554 We have no need for gitolite 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 12:45:01 +01:00
Patrick Uiterwijk
5ed0fcc812 Do not use gitolite in the push process anymore 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 12:23:45 +01:00
Patrick Uiterwijk
17eb141edb Allow the other internal proxy too 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 12:15:07 +01:00
Patrick Uiterwijk
3c408d88b0 Configure keyhelper/aclchecker for prod 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 11:58:48 +01:00
Patrick Uiterwijk
66802257fa Make PDC URL available to pagure 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 11:52:16 +01:00
Patrick Uiterwijk
5cd44ca6fe Set up prod ACL config 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-21 11:29:29 +01:00
Pierre-Yves Chibon
de6a872b95 python2-pagure-dist-git got renamed simply python-pagure-dist-git 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-11-21 11:19:23 +01:00
Pierre-Yves Chibon
35fdf52ad3 New pagure is now running on src.fp.o 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-11-20 11:05:44 +01:00
Kevin Fenzi
9a3865176b you can only have one when 2018-11-12 00:59:20 +00:00
Patrick Uiterwijk
97d0aa22b4 Also allow pushing to tags for releng 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-22 16:37:29 +02:00
Pierre-Yves Chibon
04dbc96fdc Turn off emailing on watchcommits on the main app and the git hooks 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2018-10-17 12:33:13 +02:00
Patrick Uiterwijk
fa3745b508 Use the hook ID 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-10-16 11:26:22 +00:00
Patrick Uiterwijk
ad0d416f2a Update the name of the blacklist var 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-12 10:22:28 +02:00