WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 05:51:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
7aa7553b84af5dc8efa78e9d8a4e50dde369052d
fedora-infra_ansible/inventory/group_vars/openqa_lab
Adam Williamson 5da2faac67 openqa/server: allow OAuth2 authentication, enable on lab 
OpenID support in FAS is going away. openQA has OAuth2 support.
I've tested this config to work with manual edits on lab, now
ansiblizing it (for lab only to start with).

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2025-03-28 13:40:57 -07:00

54 lines
2.2 KiB
Plaintext
Raw Blame History

# This setup is a bit out of the ordinary for a staging system. As the openqa
# scheduler needs up-to-date information from the wiki and koji, it doesn't
# work well as a proper staging host.
#
# We decided to keep it a pseudo-staging host that will get new versions of
# openqa first and will be a staging host for most intensive purposes but from
# a firewall rule POV, it will be a staging-friendly production host
#
# it should still be using the stg proxies and the external hostname will still
# be stg.fedoraproject.org
# this is to enable nested virt, which we need for disk image creation
virt_install_command: "{{ virt_install_command_one_nic }} --cpu=host-passthrough,+vmx"
deployment_type: stg
external_hostname: openqa.stg.fedoraproject.org
freezes: false
# AMQP publisher/listener-related stuff
openqa_amqp_this_cacertfile: "{{ openqa_amqp_stg_cacertfile }}"
openqa_amqp_this_certfile: "{{ openqa_amqp_stg_certfile }}"
openqa_amqp_this_keyfile: "{{ openqa_amqp_stg_keyfile }}"
openqa_amqp_this_url: "{{ openqa_amqp_stg_url }}"
openqa_amqp_this_username: "{{ openqa_amqp_stg_username }}"
openqa_amqp_scheduler_queue: "{{ openqa_amqp_prod_username }}_scheduler_stg"
# auth stuff
openqa_auth_method: OAuth2
openqa_oauth2_secret: "{{ openqa_stg_oidc_secret }}"
openqa_assetsize_updates_aarch64: 50
openqa_assetsize_ppc: 300
openqa_assetsize_updates_ppc: 100
openqa_compose_arches: x86_64,aarch64,ppc64le
openqa_dbname: openqa-stg
openqa_dbpassword: "{{ stg_openqa_dbpassword }}"
openqa_dbuser: openqastg
openqa_env: staging
openqa_env_suffix: .stg
openqa_key: "{{ stg_openqa_apikey }}"
# all our workers need NFS access
openqa_nfs_workers: "{{ groups['openqa_lab_workers'] }}"
# install openQA from updates-testing - this is staging, we live
# ON THE EDGE (radical guitar riff)
openqa_repo: updates-testing
openqa_resultsdb_url: https://resultsdb.stg.fedoraproject.org/api/v2.0/
openqa_resultsdb_user: "{{ stg_resultsdb_httpd_user }}"
openqa_resultsdb_password: "{{ stg_resultsdb_httpd_password }}"
openqa_secret: "{{ stg_openqa_apisecret }}"
openqa_update_arches: ['aarch64', 'x86_64', 'ppc64le']
openqa_webapi_plugins: FedoraMessaging
openqa_wikitcms_hostname: stg.fedoraproject.org
wikitcms_token: "{{ private }}/files/openidc/staging/wikitcms.json"
Reference in New Issue View Git Blame Copy Permalink