communishift: rename task being called in cleanup notification playbook

Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>

playbooks/manual/communishift_send_email_notifications.yml

@@ -9,17 +9,10 @@
     - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 
   tasks:
-    - name: Configure the communishift virtualenv
-      ansible.builtin.pip:
-        name: "{{ communishift_package }}"
-      with_items: "{{ communishift_package_list }}"
-      loop_control:
-        loop_var: communishift_package
-
     - name: Communishift Retrieve FASJSON data
       include_role:
         name: communishift
-        tasks_from: retrieve-communishift-admin-data
+        tasks_from: cleanup-administration-retrieve-data
 
     - name: Communishift Cluster Cleanup Tasks
       with_items: "{{ communishift_projects }}"
@@ -31,7 +24,3 @@
             - cleanup-administration-tasks
       loop: "{{ lookup('dict', communishift_projects) }}"
 
-  vars:
-    communishift_package_list:
-      - kubernetes
-      - boto3

roles/communishift/tasks/cleanup-administration-retrieve-data.yml

@@ -12,7 +12,7 @@
   register: communishift_project_emails_fasjson_response
   run_once: true
 
-- name: Check if this project should be deleted
+- name: Create fact communishift_project_emails
   ansible.builtin.set_fact:
     communishift_project_emails: "{{ communishift_project_emails_fasjson_response['matched_groups'] | from_json }}"
 

roles/communishift/tasks/cleanup-administration-send-notifications.yml

@@ -1,8 +1,4 @@
 ---
-- name: Debug
-  debug:
-    msg: "{{ item }}"
-
 - name: Check if this project should be deleted
   ansible.builtin.set_fact:
     should_not_delete: "{{ item.value.do_not_delete | default(false) }}"
@@ -11,11 +7,14 @@
   community.general.mail:
     host: localhost
     port: 25
-    subject: "Fedora Communishift Notification: {{ item.value.name }}"
+    subject: "Fedora Communishift Notification for project: {{ item.value.name }}"
     body: >
-      Dear Administrator,
+      Dear Fedora Communishift Project Administrators (BCC'd),
 
-      This is a reminder that the Communishift project {{ item.value.name }} will be deleted during the Fedora post
+      DEBUG_TEST
+      {{ communishift_project_emails[item.value.name]['email_list'] }}
+
+      This is a reminder that the Communishift project {{ item.value.name }} will be disasbled and then later deleted during the Fedora post
       release process at the same time the oldest fedora is retired (1 month after a new fedora release).
 
       Please ensure you have a backup of any important configuration or data from your project. Consult Openshift docs.
@@ -25,8 +24,10 @@
       Make sure to reference the project name and please provide a reason for the extention, also please include how long you wish the extention to be
       in place for.
     from: admin@fedoraproject.org
-    to: "{{ communishift_project_emails[item.value.name]['email_list'] }}"
-    cc: admin@fedoraproject.org
+    #to: "infrastructure@lists.fedoraproject.org"
+    to: "davidkirwanirl@gmail.com"
+    #bcc: "{{ communishift_project_emails[item.value.name]['email_list'] }}"
+    #cc: admin@fedoraproject.org
     headers:
       - Reply-To=admin@fedoraproject.org
     charset: us-ascii

roles/communishift/tasks/cleanup-administration-shutdown-services.yml

@@ -0,0 +1,9 @@
+---
+- name: Check if this project should be deleted
+  ansible.builtin.set_fact:
+    should_not_delete: "{{ item.value.do_not_delete | default(false) }}"
+
+- name: Debug
+  debug:
+    msg: "Project {{ item }} marked for deletion"
+  when: "not should_not_delete"

roles/communishift/tasks/cleanup-administration-tasks.yml

@@ -1,3 +0,0 @@
----
-# - include_tasks: retrieve-communishift-admin-data.yml
-- include_tasks: send-tenant-deletion-notifications.yml

roles/communishift/tasks/cleanup-administration.yml

@@ -0,0 +1,3 @@
+---
+- include_tasks: cleanup-administration-send-notifications.yml
+# - include_tasks: cleanup-administration-shutdown-services.yml

roles/communishift/tasks/start-tenant-project-cleanup.yml

@@ -1,7 +0,0 @@
----
-- name: "Offboard the Communishift tenant project"
-  debug:
-    msg: "delete task for project: {{ item.value.name }}"
-  when: "not should_not_delete"
-  tags:
-    - communishift_cluster_cleanup

roles/copr/backend/files/systemd/system/lighttpd.service.d/nnp.conf

@@ -0,0 +1,4 @@
+# https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#NoNewPrivileges=
+# https://docs.kernel.org/userspace-api/no_new_privs.html
+[Service]
+NoNewPrivileges=no

roles/copr/backend/handlers/main.yml

@@ -14,3 +14,6 @@
 
 - name: Restart node_exporter
   action: service name=node_exporter state=restarted
+
+- name: Restart postgresql
+  service: name=postgresql state=restarted

roles/copr/backend/tasks/main.yml

@@ -416,3 +416,15 @@
   notify: Restart node_exporter
   tags:
     - prometheus_node_exporter
+
+- name: Install custom systemd service files
+  ansible.builtin.copy: src=systemd dest=/etc
+  notify:
+    - Systemctl daemon-reload
+    - Restart lighttpd
+
+- name: Make sure ResallocWebUI can connect to the database
+  ansible.builtin.lineinfile:
+    path: /var/lib/pgsql/data/pg_hba.conf
+    line: local all resalloc peer
+  notify: Restart postgresql

roles/copr/hypervisor/tasks/main.yml

@@ -13,6 +13,7 @@
   tags:
     - config
     - openstack
+  when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int == 8
 
 # - name: Enable swap in fstab
 #   mount: name=none src=LABEL=swap
@@ -39,7 +40,6 @@
   - libvirt-daemon
   - podman
   - virt-install
-  - python3-glanceclient
   tags:
     - openstack
     - packages

roles/openshift-apps/noggin/templates/gunicorn.conf.py

@@ -1,4 +1,4 @@
 bind = ["0.0.0.0:8080"]
 accesslog = "-"
 errorlog = "-"
-timeout = 60
+timeout = 120