WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 05:51:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,401 Commits 9 Branches 0 Tags
7aa7553b84af5dc8efa78e9d8a4e50dde369052d
Commit Graph

86 Commits

Author SHA1 Message Date
Ryan Lerch
a0cd459d47 Fix some references in tasks dropping .j2 
When fixing conflicts when merging the PR containing commit 47c68f4,
some of the .j2 suffuxes i added in tasks were erronounusly dropped.

this fixes those.

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 19:44:59 +10:00
Ryan Lerch
47c68f478d ansiblelint fixes - fqcn[action-core] - template to ansible.builtin.template 
Replaces references to template: with ansible.builtin.template

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:30:29 +10:00
Ryan Lerch
3c41882bb0 ansiblelint fixes - fqcn[action-core] - shell to ansible.builtin.shell 
Replaces references to shell: with ansible.builtin.shell

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:29:10 +10:00
Ryan Lerch
462176464b ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command 
Replaces many references to  command: with ansible.builtin.command

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:26:47 +10:00
Ryan Lerch
62952df107 ansiblelint fixes-- fqcn[action-core] - file to ansible.builtin.file 
Replaces many references to  file: with ansible.builtin.file

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:41:52 +10:00
Aurélien Bompard
f3517ab537 Escape jinja template chars when necessary 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-01-14 17:25:50 +01:00
Ryan Lerch
691adee6ee Fix name[casing] ansible-lint issues 
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 20:20:07 +10:00
Ryan Lerch
098a9fedf2 openshift/project - rename yaml/yml templates to .j2 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 08:37:30 +10:00
Aurélien Bompard
acc40816b7 Rewrite prefixes when forwarding vars in openshift roles 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-12-03 11:24:58 +01:00
Ryan Lerch
776866cba3 [ansible-lint] prefix variable names for openshift/object role 
ansible-lint requires that variables for roles are prefixed with the
name of the role. This commit prefixes the variables for the
openshift/object role with object_ as required by ansible-lint

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-12-03 10:48:45 +01:00
Ryan Lerch
01ace51513 [ansible-lint] prefix variable names for openshift/project role 
ansible-lint requires that variables for roles are prefixed with the
name of the role. This commit prefixes the rvariables for the
openshift/project role with project_ as required by ansible-lint

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-12-03 10:48:44 +01:00
Adam Williamson
4194cafaf4 prometheusRules - try going back to exactly how it was before yamllint 
...i.e. without a comment before it to suppress yamllint. Maybe
that doesn't work either?

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-11-30 11:28:52 -08:00
Adam Williamson
501cb25519 Revert "openshift: try and fix an error caused by yamllint cleanup" 
This reverts commit 054bc753ac.
It doesn't seem to help. No idea why prometheusRules is blowing
up now, then :(
 2024-11-30 11:08:05 -08:00
Adam Williamson
054bc753ac openshift: try and fix an error caused by yamllint cleanup 
It looks like these #jinja2 comments don't work with a space
between the # and the jinja2, or something. I'm getting errors
on this template when trying to run an openshift playbook ATM.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-11-30 10:58:05 -08:00
Ryan Lerch
89f6f1fc32 Fix majority of remaining yamllint warnings and errors 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-11-28 17:31:45 +10:00
Aurélien Bompard
33c98f7467 Allow appowners to create pods in MirrorManager 
Ref: https://discussion.fedoraproject.org/t/openshift-permissions-for-appowners/133816

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-10-16 12:22:27 +02:00
Kevin Fenzi
620dbb5753 openshift: drop egress policy 
We had this with SDN networking, but no more with newer networking.
We also don't use it anywhere, it was mostly for when fas2 was running
in openshift to isolate it and it's not there anymore.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-05-22 15:30:54 -07:00
Siteshwar Vashisht
021c8fe152 ocp_monitoring: remove repeat_interval field 
Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
 2023-11-23 18:23:58 +01:00
Michal Konecny
c5e61168bb [openshift/project] Fix the parameter order for oc apply 
The file needs to be specified after `-f` parameter otherwise it fails with
unexpected args error.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-23 16:39:48 +01:00
Kevin Fenzi
9e2b0cda9d openshift: validate when applying objects 
Right now if there's a yml thats indented incorrectly, but parts of it
are fine, oc apply will apply those parts that are valid and just ignore
the rest. So, lets add a --validate=strict to have it reject these
entirely, so we know they have something wrong in them and we can fix
it, rather than being confused that they didn't apply anything.

Signed-off-by: Kevin Fenzi kevin@scrye.com
 2023-11-08 14:11:02 -08:00
Kevin Fenzi
dfeac79e65 openshift: fix copypasta in crd 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-02-13 16:01:15 -08:00
Kevin Fenzi
f7ceb69349 openshift: more fixes to crds 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-02-13 15:59:01 -08:00
Kevin Fenzi
ba7a6248bb openshift: use correct crd for projects 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-02-13 15:53:28 -08:00
Kevin Fenzi
b1aeba28dc openshift-apps: adjust appowners for more picky oc client 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-02-13 11:08:07 -08:00
Francois Andrieu
f450173400 ocp_monitoring: enable alerting by default 2023-02-09 17:57:39 +00:00
Francois Andrieu
953f2e5c4a ocp_monitoring: fix cronjob alert rule 2023-02-05 22:52:10 +00:00
Francois Andrieu
1304f93460 ocp_monitoring: allows a separate list of alert recipients 2023-02-05 22:49:44 +00:00
Francois Andrieu
caa4f85ed2 ocp_monitoring: move rules to openshift/project role 2023-01-27 00:08:30 +00:00
Francois Andrieu
66726137ae websites: add alerts for pod/job/build errors 2023-01-25 22:41:39 +00:00
Kevin Fenzi
8d3c180496 openshift / project: do not recurse on permissions 
There's some files that get created later (like keytabs) that we don't
want to keep changing back and forth and causing things to not be
idempotent.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-21 14:16:56 -07:00
Mark O Brien
5d906f9b8c openshift: undo uneccesary changes 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 18:01:22 +00:00
Mark O Brien
2d9b23d066 openshift: change shell to command 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 17:20:57 +00:00
Mark O Brien
cebd4ce05f openshift: check return code instead of stderr 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:51:40 +00:00
Mark O Brien
baf4fb0812 openshift: remove temp debug command 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:49:34 +00:00
Mark O Brien
dc2c941c49 openshift: fix yaml indentation 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:42:26 +00:00
Mark O Brien
45fb1e6af1 openshift: add temp debug statement 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:41:11 +00:00
Francois Andrieu
911bb8ac4f openshift: allow appowner to start a rollout 2021-04-28 21:32:05 +00:00
Francois Andrieu
492fe4f671 openshift: update egressPolicy for iad2 2021-04-03 18:44:31 +00:00
Adam Saleh
7bbb860d52 Add more privileges to appowners on staging. 2021-03-15 16:13:37 +01:00
Michael Scherer
dfdd9ab4d4 Fix typo in the name 
Mainly to increase my edit count
 2020-04-24 21:34:25 +02:00
Luca BRUNO
9c64952e3b openshift/rbac: allow project owners to cancel-builds 
This tweaks project-owners RBAC to allow updating a build, in order
to make `cancel-build` work.

Ref: https://pagure.io/fedora-infrastructure/issue/8005
Signed-off-by: Luca BRUNO <luca.bruno@coreos.com>
 2020-04-24 21:34:11 +02:00
Patrick Uiterwijk
43af7f9206 Fix up egresspolicy source vs dest 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-06-20 09:44:10 +02:00
Patrick Uiterwijk
6bf7c579c2 make egresspolicy customization less simple 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-06-03 15:47:23 +02:00
Patrick Uiterwijk
c07c9415a0 Allow custom egress policies for special cases 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-06-03 15:43:39 +02:00
Patrick Uiterwijk
66cda5eb15 Make it possible to disallow any internal communications 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-29 20:33:11 +02:00
Patrick Uiterwijk
bbaa0f409b openshift/project: fix if condition 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-09 13:54:16 +02:00
Patrick Uiterwijk
446d00d549 Add tag to egresspolicy role 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-09 13:42:49 +02:00
Patrick Uiterwijk
72ac044a5e openshift/project: simplify egresspolicy - different env db won't allow access anyway 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-09 13:41:55 +02:00
Patrick Uiterwijk
8de1035266 Make the var into a default 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-09 13:35:39 +02:00
Patrick Uiterwijk
eac122c543 openshift/project: define default egress policy to prevent fas db access 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-05-09 13:32:55 +02:00