107 Commits

Author SHA1 Message Date
Adam Saleh
7bbb860d52 Add more privileges to appowners on staging. 2021-03-15 16:13:37 +01:00
Aurélien Bompard
593d7fe7f0 Add support for installing OS apps that don't match with the ansible app
And use it for the CentOS instance of Noggin.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-11-30 14:06:11 +01:00
Aurélien Bompard
b16660ab24 Setup Elections for FASJSON access
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-09-16 10:37:04 +02:00
Aurélien Bompard
f02d19dcb9 IPA client for openshift: deploy a krb5.conf file
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-09-11 12:17:00 +02:00
Aurélien Bompard
45a8658c04 Noggin: small fixups
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-08-20 15:11:56 +02:00
Aurélien Bompard
cdaaf4326f Fix indentation
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-08-20 11:09:43 +02:00
Aurélien Bompard
b7e08d6d48 Mutualize the ipa client config in openshift
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-08-20 11:07:59 +02:00
Clement Verna
e1538d32e4 openshift object-delete: add .yml to the object file to be deleted
Signed-off-by: Clement Verna <cverna@tutanota.com>
2020-04-24 21:34:26 +02:00
Michael Scherer
dfdd9ab4d4 Fix typo in the name
Mainly to increase my edit count
2020-04-24 21:34:25 +02:00
Luca BRUNO
9c64952e3b openshift/rbac: allow project owners to cancel-builds
This tweaks project-owners RBAC to allow updating a build, in order
to make `cancel-build` work.

Ref: https://pagure.io/fedora-infrastructure/issue/8005
Signed-off-by: Luca BRUNO <luca.bruno@coreos.com>
2020-04-24 21:34:11 +02:00
Dusty Mabe
e4cfcb55e8 openshift: match on objecttype for project delete
This was a typo in 0acb753.
2020-04-24 21:34:08 +02:00
Kevin Fenzi
13dd31da04 openshift: handle deleting projects
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-04-24 21:34:08 +02:00
Patrick Uiterwijk
cb987b9af0 Require true value
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-29 21:57:19 +02:00
Patrick Uiterwijk
ce79bda4d9 Allow re-encrypt
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-29 21:56:33 +02:00
Patrick Uiterwijk
43af7f9206 Fix up egresspolicy source vs dest
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-20 09:44:10 +02:00
Patrick Uiterwijk
6bf7c579c2 make egresspolicy customization less simple
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-03 15:47:23 +02:00
Patrick Uiterwijk
c07c9415a0 Allow custom egress policies for special cases
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-03 15:43:39 +02:00
Patrick Uiterwijk
66cda5eb15 Make it possible to disallow any internal communications
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-29 20:33:11 +02:00
Patrick Uiterwijk
c8b31c025b allow openshift routes to specify termination
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-11 18:05:05 +02:00
Patrick Uiterwijk
21b3c9a2b3 Add secret-tls
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-11 17:42:21 +02:00
Patrick Uiterwijk
003519afdd Allow specifying a route path
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 21:20:18 +02:00
Patrick Uiterwijk
2e099edfa4 ipsilon: add username route
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 14:19:32 +02:00
Patrick Uiterwijk
bbaa0f409b openshift/project: fix if condition
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 13:54:16 +02:00
Patrick Uiterwijk
446d00d549 Add tag to egresspolicy role
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 13:42:49 +02:00
Patrick Uiterwijk
72ac044a5e openshift/project: simplify egresspolicy - different env db won't allow access anyway
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 13:41:55 +02:00
Patrick Uiterwijk
8de1035266 Make the var into a default
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 13:35:39 +02:00
Patrick Uiterwijk
eac122c543 openshift/project: define default egress policy to prevent fas db access
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-05-09 13:32:55 +02:00
Patrick Uiterwijk
e4aed9c9f2 Delete object file from disk
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-04-05 21:07:38 +02:00
Patrick Uiterwijk
dc591da083 Add openshift/object-delete role
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-04-05 21:05:46 +02:00
Mikolaj Izdebski
1e46efdc75 Install npm and celery on Transtats and restore route annotations
Credits go to suanand for providing the patch.
2019-02-21 15:40:38 +01:00
Patrick Uiterwijk
878988d92d Revert "Disable auto-update for appowners role"
This reverts commit 10c88b0933.
2018-12-08 20:02:53 +01:00
Patrick Uiterwijk
10c88b0933 Disable auto-update for appowners role
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-12-04 07:55:27 +01:00
Kevin Fenzi
6c24a3e84b add rollbacks to app owners in openshift 2018-11-15 22:13:13 +00:00
Patrick Uiterwijk
864f2e1372 Fix up the appowners binding to use the namespace-local one
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-09-13 10:39:56 +02:00
Mikolaj Izdebski
bbdceb24c6 Allow appowners to run builds (create buildconfigs/instantiate) 2018-08-23 20:27:59 +00:00
Mikolaj Izdebski
c0b53f5bd8 Reorganize os appowners role yaml 2018-08-23 20:25:29 +00:00
Kevin Fenzi
53b40839ff update apiGroups 2018-08-23 19:54:54 +00:00
Patrick Uiterwijk
8f7596d509 Deploymentconfigs/logs has been moved to the openshift.io group
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-07-04 14:04:17 +02:00
Dan Callaghan
436ed9eabf waiverdb: trigger import-image instead of start-build
Nowadays we have an imagestream, which pulls pre-built waiverdb images
from quay.io, and a buildconfig, which then layers some
Fedora-infra-specific stuff on top.

When we have a new version to deploy, the imagestream should pick up the
new image from quay.io, which triggers a build of the buildconfig, which
triggers a deploy of the deploymentconfig. So we shouldn't need to
explicitly fire off start-build anymore.

We *shouldn't* need to explicitly fire off import-image either, because
it is set to "scheduled" pull policy. But I am not sure what the
schedule is. Right now it says it last polled 5 days ago... that may
itself be a bug. Regardless, this gives us a nice way to make it pull
the latest image.

This patch adds a new, very simple role "import-image" to fire off the
oc import-image command, following the precedent of the existing
"start-build" role.
2018-06-28 14:41:17 +10:00
Patrick Uiterwijk
328a30b31f The notfound is on stderr
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-31 03:42:41 +02:00
Patrick Uiterwijk
5b626b20a0 Fix openshift/secret-file role
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-31 03:40:33 +02:00
Patrick Uiterwijk
9ea8cd8b2b Attempt delete/add on change
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-15 21:37:27 +02:00
Patrick Uiterwijk
7deedf5d7e Actually fail the secret-file role if another one already existed for now
This role needs to be fixed to actually apply changes, so whoever sees this
gets the fun of fixing this.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-15 21:34:07 +02:00
Patrick Uiterwijk
51769d8533 Change when
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-03 13:59:10 +02:00
Patrick Uiterwijk
09a12cf4b5 When we try to apply project.yml, the namespace does not yet exist
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-05-03 13:58:06 +02:00
Ralph Bean
a0314660d8 Typofix. 2018-04-20 16:17:03 +00:00
Patrick Uiterwijk
312c9f8cf6 Only do secret apply if changed
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-04-19 17:37:08 +02:00
Patrick Uiterwijk
633c64b7d2 Only oc apply if the file changed
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-04-19 17:35:26 +02:00
Patrick Uiterwijk
1a0920ceee Just don't add whitespace. You don't remove what you don't add
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-04-19 13:48:40 +00:00
Patrick Uiterwijk
671f033999 Again, this is an imagestream, not a route
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-04-19 13:48:02 +00:00