Attached is a revised patch.
Thanks!
On Tue, May 16, 2017 at 11:10 PM, InvalidPath <invalid.path(a)gmail.com>
wrote:
Hey Randy, Ok takinig a look at this I wanted to toss you some
questions
on your comments below.
Thanks.
On Tue, May 16, 2017 at 8:45 AM, Randy Barlow <
bowlofeggs(a)fedoraproject.org> wrote:
> I've inserted comments inline:
>
> On Tue, 2017-05-02 at 09:33 -0600, InvalidPath wrote:
> > From 557ed944045f3d3241f485f4cf7713d2362a4129 Mon Sep 17 00:00:00
> > 2001
> > From: Ben Hart <invalid.path(a)gmail.com>
> > Date: Tue, 2 May 2017 09:27:20 -0600
> > Subject: [PATCH] Combined staging and production template files
> >
> > ---
> > roles/bodhi2/base/templates/bodhi-stg_prd-ini.j2 | 592
> Done.
>
> I recommend naming the new file production.ini, since that's the name
> it gets installed as on staging and production. It will also help me
> review this patch much more easily, because I'll see the differences
> between current production.ini and the new production.ini more clearly.
>
> I'll make a few more comments below, but I'll do a more thorough review
> once the diff is based off production.ini since that will be much
> easier for my soft, human brain.
>
> > +++++++++++++++++++++++
> > 1 file changed, 592 insertions(+)
> > create mode 100644 roles/bodhi2/base/templates/bodhi-stg_prd-ini.j2
> >
> > diff --git a/roles/bodhi2/base/templates/bodhi-stg_prd-ini.j2
> > b/roles/bodhi2/base/templates/bodhi-stg_prd-ini.j2
> > new file mode 100644
> > index 0000000..27f59a4
> > --- /dev/null
> > +++ b/roles/bodhi2/base/templates/bodhi-stg_prd-ini.j2
> > @@ -0,0 +1,592 @@
> > +[filter:proxy-prefix]
> > +use = egg:PasteDeploy#prefix
> > +prefix = /
> > +scheme = https
> > +
> > +[app:main]
> > +use = egg:bodhi-server
> > +filter-with = proxy-prefix
> > +
> > +
> Done
> We don't need this comment since this is a more typical style.
>
> > +
> > +#Misc Info at beginning of files
> > +{% if env == 'production' %}
> Done, typos
> I'm not sure this is valid Jinja syntax. I think you want == instead of
> --.
>
> Also, we probably do want this section to be the same between staging
> and production.
> Done I wasnt sure about this section since production had it but
> staging didnt. But likely a good idea for both envs to meet the same
> requirements yes?
>
> > + #PRD Info:
> > + # Release status
> > + # pre-beta enforces the 'Pre Beta' policy defined here:
> > + #
https://fedoraproject.org/wiki/Updates_Policy
> > + f26.status = pre_beta
> > +
> > + f26.post_beta.mandatory_days_in_testing = 7
> > + f26.post_beta.critpath.num_admin_approvals = 0
> > + f26.post_beta.critpath.min_karma = 2
> > + f26.post_beta.critpath.stable_after_days_without_neg
> > ative_karma = 14
> > +
> > + f26.pre_beta.mandatory_days_in_testing = 3
> > + f26.pre_beta.critpath.num_admin_approvals = 0
> > + f26.pre_beta.critpath.min_karma = 1
> > + ## Atomic OSTree support
> > + ## This will compose Atomic OSTrees during the push p
> > rocess using the fedmsg-atomic-composer
> > + ##
https://github.com/fedora-infra/ class="Apple-tab-span"
> > style="white-space:pre"> fedmsg-atomic-composer
> > + ##
> > + compose_atomic_trees = true
> > +{% endif %}
> > +
> > +##
> > +## Messages
> > +##
> > +
> > +# A notice to flash on the front page
> > +frontpage_notice =
> > +
> > +# A notice to flash on the New Update page
> > +newupdate_notice =
> > +
> > +testing_approval_msg = This update has reached %d days in testing
> > and can be pushed to stable now if the maintainer wishes
> > +not_yet_tested_msg = This update has not yet met the minimum testing
> > requirements defined in the <a
href="https://fedoraproject.org/wiki/P
> > ackage_update_acceptance_criteria">Package Update Acceptance
> > Criteria</a>
> > +not_yet_tested_epel_msg = This update has not yet met the minimum
> > testing requirements defined in the <a href="https://fedoraproject.or
> > g/wiki/EPEL_Updates_Policy">EPEL Updates Policy</a>
> > +stablekarma_comment = This update has reached the stable karma
> > threshold and will be pushed to the stable updates repository
> > +
> > + testing_approval_msg_based_on_karma = This update has
> > reached the stable karma threshold and can be pushed to stable now if
> > the maintainer wishes.
> > + not_yet_tested_msg_based_on_karma = This update has not reached
> the stable karma threshold.
>
> We probably do want this section to be the same on staging and
> production.
> Done
>
> > +
> > +# Libravatar - If this is true libravatar will work as normal.
> > Otherwise, all
> > +# libravatar links will be replaced with the string "libravatar.org"
> > so that
> > +# the tests can still pass.
> > +libravatar_enabled = True
> > +# Set this to true if you want to do federated dns libravatar lookup
> > +libravatar_dns = False
> > +
> > +# Set this to True in order to send fedmsg messages.
> > +fedmsg_enabled = True
> > +
> > +# Captcha - if 'captcha.secret' is not None, then it will be used
> > for comments
> > +# captcha.secret must be 32 url-safe base64-encoded bytes
> > +# you can generate afresh with >>>
> > cryptography.fernet.Fernet.generate_key()
> > +
> > +{% if env == "staging" %}
> > +captcha.secret = {{ bodhi2CaptchaSecretSTG }}
> > +{% else %}
> > +captcha.secret = {{ bodhi2CaptchaSecret }}
> > +{% endif %}
> > +# Dimensions
> > +captcha.image_width = 300
> > +captcha.image_height = 80
> > +# Any truetype font will do.
> > +captcha.font_path = /usr/share/fonts/liberation/LiberationMono-
> > Regular.ttf
> > +captcha.font_size = 36
> > +# Colors
> > +captcha.font_color = #000000
> > +captcha.background_color = #ffffff
> > +# In pixels
> > +captcha.padding = 5
> > +# If a captcha sits around for this many seconds, it will stop
> > working.
> > +captcha.ttl = 300
> > +
> > +#datagrepper_url =
http://localhost:5000
> > +{% if env == "staging" %}
> > +datagrepper_url =
https://apps.stg.fedoraproject.org/datagrepper
>
> I think this will define datagrepper_url twice on staging. We probably
> want an if statement above this line too.
> Both original files contained the same preamble in this section up until
> the captcha secret, but are you saying the same captcha for stg and prd?
>
> > +badge_ids = binary-star|both-bull-and-self
> -transcended-tester-viii|catching-the-bull-tester-iv|corpora
> te-drone|corporate-overlord|corporate-shill|discovery-of-
> the-footprints-tester-ii|in-search-of-the-bull-tester-i|
> is-this-thing-on-updates-testing-i|is-this-thing-on-
> updates-testing-ii|is-this-thing-on-updates-testing-iii|
> is-this-thing-on-updates-testing-iv|it-still-works!|
> like-a-rock-updates-stable-i|like-a-rock-updates-stable-ii|
> like-a-rock-updates-stable-iii|like-a-rock-updates-
> stable-iv|mic-check!-updates-testing-v|missed-the-train|
> override,-you-say|perceiving-the-bull-tester-iii|reaching-
> the-source-tester-ix|return-to-society-tester-x|riding-
> the-bull-home-tester-vi|stop-that-update!|take-this-and-
> call-me-in-the-morning|taming-the-bull-tester-v|tectonic!-
> updates-stable-v|the-bull-transcended-tester-vii|what-
> goes-around-comes-around-karma-i|what-goes-around-
> comes-around-karma-ii|what-goes-around-comes-around-
> karma-iii|what-goes-around-comes-around-karma-iv|white-
> hat|you-can-pry-it-from-my-cold,-dead-hands
> > +{% else %}
> > +datagrepper_url =
https://apps.fedoraproject.org/datagrepper
> > +badge_ids = binary-star|both-bull-and-self-transcended-tester-
> > viii|catching-the-bull-tester-iv|corporate-drone|corporate-
> > overlord|corporate-shill|discovery-of-the-footprints-tester-ii|in-
> > search-of-the-bull-tester-i|is-this-thing-on-updates-testing-i|is-
> > this-thing-on-updates-testing-ii|is-this-thing-on-updates-testing-
> > iii|is-this-thing-on-updates-testing-iv|it-still-works!|like-a-rock-
> > updates-stable-i|like-a-rock-updates-stable-ii|like-a-rock-updates-
> > stable-iii|like-a-rock-updates-stable-iv|mic-check!-updates-testing-
> > v|missed-the-train|override,-you-say|perceiving-the-bull-tester-
> > iii|reaching-the-source-tester-ix|return-to-society-tester-x|riding-
> > the-bull-home-tester-vi|stop-that-update!|take-this-and-call-me-in-
> > the-morning|taming-the-bull-tester-v|tectonic!-updates-stable-v|the-
> > bull-transcended-tester-vii|what-goes-around-comes-around-karma-
> > i|what-goes-around-comes-around-karma-ii|what-goes-around-comes-
> > around-karma-iii|what-goes-around-comes-around-karma-iv|white-
> > hat|you-can-pry-it-from-my-cold,-dead-hands
> > +{% endif %}
> > +
> > +##
> > +## Wiki Test Cases
> > +##
> > +
> > +## Query the wiki for test cases
> > +query_wiki_test_cases = False
> > +wiki_url =
https://fedoraproject.org/w/api.php
> > +test_case_base_url =
https://fedoraproject.org/wiki/
> > +
> > +# Email domain to prepend usernames to
> > +default_email_domain =
fedoraproject.org
> > +
> > +# domain for generated message IDs
> > +{% if env == "staging" %}
> > +message_id_email_domain =
admin.stg.fedoraproject.org
> > +{% else %}
> > +message_id_email_domain =
admin.fedoraproject.org
> > +{% endif %}
> > +
> > +##
> > +## Mash settings
> > +##
> > +
> > +# If defined, the bodhi masher will ensure that messages are signed
> > with the given cert
> > +{% if env == "staging" %}
> > +releng_fedmsg_certname = shell-bodhi-
> >
backend01.stg.phx2.fedoraproject.org
> > +{% else %}
> > +{% if ansible_hostname == 'bodhi-backend01' %}
> > +releng_fedmsg_certname = shell-bodhi-
> >
backend01.phx2.fedoraproject.org
> > +{% else %}
> > +releng_fedmsg_certname = shell-bodhi-
> >
backend03.phx2.fedoraproject.org
> > +{% endif %}
> > +{% endif %}
> > +
> > +# The masher is a bodhi instance that is responsible for composing
> > the update
> > +# repositories, regenerating metrics, sending update notices,
> > closing bugs,
> > +# and other costly operations. To set an external masher, set the
> > masher to
> > +# the baseurl of the bodhi instance. If set to None, this bodhi
> > instance
> > +# will act as a masher as well.
> > +#masher = None
> > +
> > +# Where to initially mash repositories
> > +{% if env == "staging" %}
> > +mash_dir = /var/cache/bodhi/mashing
> > +{% else %}
> > +mash_stage_dir = /mnt/koji/mash/updates
> > +{% endif %}
> > +
> > +mash_conf = /etc/bodhi/mash.conf
> > +
> > +createrepo_cache_dir = /var/cache/createrepo
> > +
> > +## Our periodic jobs
> > +#jobs = clean_repo nagmail fix_bug_titles cache_release_data
> > approve_testing_updates
> > +jobs = cache_release_data refresh_metrics approve_testing_updates
> > +
> > +## Comps configuration
> > +comps_dir = /var/cache/bodhi/comps
> > +comps_url =
https://pagure.io/fedora-comps.git
> > +
> > +##
> > +## Mirror settings
> > +##
> > +
> > +file_url =
https://download.fedoraproject.org/pub/fedora/linux/updat
> > es
> > +master_repomd =
http://download01.phx2.fedoraproject.org/pub/fedora/
> > linux/updates/%s/%s/repodata/repomd.xml
> > +fedora_master_repomd =
http://download01.phx2.fedoraproject.org/pub/
> > fedora/linux/updates/%s/%s/repodata/repomd.xml
> > +fedora_epel_master_repomd =
http://download01.phx2.fedoraproject.org
> > /pub/epel/%s/%s/repodata/repomd.xml
> > +
> > +fedora_stable_master_repomd =
http://download01.phx2.fedoraproject.o
> > rg/pub/fedora/linux/updates/%s/%s/repodata/repomd.xml
> > +fedora_testing_master_repomd =
http://download01.phx2.fedoraproject.
> > org/pub/fedora/linux/updates/testing/%s/%s/repodata/repomd.xml
> > +fedora_epel_stable_master_repomd =
http://download01.phx2.fedoraproj
> >
ect.org/pub/epel/%s/%s/repodata/repomd.xml
> > +fedora_epel_testing_master_repomd =
http://download01.phx2.fedorapro
> >
ject.org/pub/epel/testing/%s/%s/repodata/repomd.xml
> > +
> > +## The base url of this application
> > +{% if env == "staging" %}
> > +base_address =
https://bodhi.stg.fedoraproject.org/
> > +{% else %}
> > +base_address =
https://bodhi.fedoraproject.org/
> > +{% endif %}
> > +
> > +## Supported update types
> > +update_types = bugfix enhancement security newpackage
> > +
> > +## Supported architechures
> > +##
> > +## To handle arch name changes between releases, you
> > +## can also configure bodhi to support one arch *or*
> > +## another. For example, EPEL5 mashes produce 'ppc'
> > +## repos, where EPEL6 produces 'ppc64'. To handle this
> > +## scenario, you can specify something like:
> > +##
> > +## arches = ppc/ppc64
> > +##
> > +arches = i386 x86_64 armhfp
>
>
> The order of the list isn't significant here, so I think we can
> eliminate the if statement and make them the same.
> Done
>
> > +
> > +##
> > +## Email setting
> > +##
> > +
> > +{ if env == "production" }
> > +smtp_server = bastion
> > +
> > +# The updates system itself. This email address is used in fetching
> > Bugzilla
> > +# information, as well as email notifications
> > +bodhi_email = updates(a)fedoraproject.org
> > +bodhi_password = {{ bodhiBugzillaPassword }}
> > +{% else %}
> > +bodhi_email = updates(a)fedoraproject.org
> > +{% endif %}
> > +
> > +# The address that gets the requests
> > +release_team_address = bodhiadmin-members(a)fedoraproject.org
> > +
> > +# The address to notify when security updates are initially added to
> > bodhi
> > +security_team = security_respons-members(a)fedoraproject.org
> > +
> > +# Public announcement lists
> > +fedora_announce_list = package-announce(a)lists.fedoraproject.org
> > +fedora_test_announce_list = test(a)lists.fedoraproject.org
> > +fedora_epel_announce_list = epel-package-announce(a)lists.fedoraprojec
> > t.org
> > +fedora_epel_test_announce_list = epel-devel(a)lists.fedoraproject.org
> > +
> > +# Superuser groups
> > +admin_groups = proventesters security_respons bodhiadmin sysadmin-
> > main
> > +
> > +# Users that we don't want to show up in the "leaderboard(s)"
> > +stats_blacklist = bodhi anonymous autoqa taskotron
> > +
> > +# A list of non-person users
> > +system_users = bodhi autoqa taskotron
> > +
> > +# The max length for an update title before we truncate it in the
> > web ui
> > +max_update_length_for_ui = 70
> > +
> > +# The number of days used for calculating the 'top testers' metric
> > +top_testers_timeframe = 900
> > +
> > +# The email address of the proventesters
> > +proventesters_email = proventesters-members(a)fedoraproject.org
> > +
> > +# Disabled for the initial release.
> > +stacks_enabled = False
> > +
> > +# These are the default requirements that we apply to stacks,
> > packages, and
> > +# updates. Users have free-reign to override them for each kind of
> > entity. At
> > +# the end of the day, we only consider the requirements defined by
> > single
> > +# updates themselves when gating in the backend masher process.
> > +site_requirements = depcheck upgradepath
> > +## Some day we'll have rpmgrill, and that will be cool. Ask tflink.
> > +#site_requirements = depcheck upgradepath rpmgrill
> > +
> > +# Where do we send update announcements to ?
> > +# These variables should be named per:
> > Release.prefix_id.lower()_announce_list
> > +#fedora_announce_list =
> > +#fedora_test_announce_list =
> > +#fedora_epel_announce_list =
> > +#fedora_epel_test_announce_list =
> > +
> > +# Cache settings
> > +dogpile.cache.backend = dogpile.cache.dbm
> > +dogpile.cache.expiration_time = 100
> > +dogpile.cache.arguments.filename = /var/cache/bodhi/dogpile-
> > cache.dbm
> > +
> > +# Exclude sending emails to these users
> > +exclude_mail = autoqa taskotron
> > +
> > +##
> > +## Buildsystem settings
> > +##
> > +
> > +# What buildsystem do we want to use? For development, we'll use a
> > fake
> > +# buildsystem that always does what we tell it to do. For
> > production, we'll
> > +# want to use 'koji'.
> > +buildsystem = koji
> > +
> > +# Koji's XML-RPC hub
> > +{ if env == "staging" %}
> > +koji_hub =
https://koji.stg.fedoraproject.org/kojihub
> > +
> > +# Root url of the Koji instance to point to. No trailing slash
> > +koji_url =
http://koji.stg.fedoraproject.org
> > +
> > +# URL of where users should go to set up their notifications
> > +fmn_url =
https://apps.stg.fedoraproject.org/notifications/
> > +
> > +# URL of the resultsdb for integrating checks and stuff
> > +resultsdb_url =
https://taskotron.stg.fedoraproject.org/resultsdb/
> > +resultsdb_api_url =
https://taskotron.stg.fedoraproject.org/resultsd
> > b_api/
> > +
> > +fedmenu.url =
https://apps.stg.fedoraproject.org/fedmenu
> > +fedmenu.data_url =
https://apps.stg.fedoraproject.org/js/data.js
> > +{% else %}
> > +# Koji's XML-RPC hub
> > +koji_hub =
https://koji.fedoraproject.org/kojihub
> > +
> > +# Root url of the Koji instance to point to. No trailing slash
> > +koji_url =
https://koji.fedoraproject.org
> > +
> > +# URL of where users should go to set up their notifications
> > +fmn_url =
https://apps.fedoraproject.org/notifications/
> > +
> > +# URL of the resultsdb for integrating checks and stuff
> > +resultsdb_url =
https://taskotron.fedoraproject.org/resultsdb/
> > +resultsdb_api_url =
https://taskotron.fedoraproject.org/resultsdb_ap
> > i/
> > +
> > +fedmenu.url =
https://apps.fedoraproject.org/fedmenu
> > +fedmenu.data_url =
https://apps.fedoraproject.org/js/data.js
> > +{% endif %}
> > +
> > +# Koji Krb stuff
> > +krb_ccache = /tmp/krb5cc_%{uid}
> > +krb_principal = bodhi/bodhi{{ env_suffix }}.fedoraproject.org@{{
> > ipa_realm }}
> > +krb_keytab = /etc/krb5.bodhi_bodhi{{ env_suffix
> > }}.fedoraproject.org.keytab
> > +
> > +##
> > +## ACL system
> > +## Choices are 'pkgdb', which will send a JSON query to the
> > pkgdb_url below,
> > +## or 'dummy', which will always return guest credentials (used for
> > local
> > +## development).
> > +##
> > +
> > +{ if env == "staging" %}
> > +acl_system = dummy
> > +
> > +##
> > +## Package DB
> > +##
> > +pkgdb_url =
https://admin.stg.fedoraproject.org/pkgdb
> > +
> > +initial_bug_msg = %s has been submitted as an update to %s. %s
> > +stable_bug_msg = %s has been pushed to the %s repository. If
> > problems still persist, please make note of it in this bug report.
> > +testing_bug_msg =
> > + If you want to test the update, you can install it with
> > + $ su -c 'dnf --enablerepo=updates-testing update %s'
> > + You can provide feedback for this update here: %s
> > +testing_bug_epel_msg =
> > + If you want to test the update, you can install it with
> > + $ su -c 'yum --enablerepo=epel-testing update %s'
> > + You can provide feedback for this update here: %s
> > +{% else %}
> > +acl_system = pkgdb
> > +
> > +##
> > +## Package DB
> > +##
> > +pkgdb_url =
https://admin.fedoraproject.org/pkgdb
> > +
> > +bugtracker = bugzilla
> > +initial_bug_msg = %s has been submitted as an update to %s. %s
> > +stable_bug_msg = %s has been pushed to the %s repository. If
> > problems still persist, please make note of it in this bug report.
> > +testing_bug_msg =
> > + See
https://fedoraproject.org/wiki/QA:Updates_Testing for
> > + instructions on how to install test updates.
> > + You can provide feedback for this update here: %s
> > +
> > +testing_bug_epel_msg =
> > + See
https://fedoraproject.org/wiki/QA:Updates_Testing for
> > + instructions on how to install test updates.
> > + You can provide feedback for this update here: %s
> > +{% endif %}
> > +
> > +# The username/password for our bugzilla account comes
> > +# from the bodhi_{email,password} fields.
> > +
> > +{ if env == "staging" %}
> > +bz_server =
https://partner-bugzilla.redhat.com/xmlrpc.cgi
> > +{% else %}
> > +bz_server =
https://bugzilla.redhat.com/xmlrpc.cgi
> > +
> > +#bz_cookie =
> > +
> > +# Bodhi will avoid touching bugs that are not against the following
> > products
> > +bz_products = Fedora,Fedora EPEL
> >
>
> bz_server seems to be defined in two blocks here - let's just define it
> once.
> Done
>
> > +
> > +##
> > +## Packages that should suggest a reboot
> > +##
> > +reboot_pkgs = kernel kernel-smp kernel-xen-hypervisor kernel-PAE
> > kernel-xen0 kernel-xenU kernel-xen kernel-xen-guest glibc hal dbus
> > +
> > +##
> > +## Critical Path Packages
> > +##
https://fedoraproject.org/wiki/Critical_path_package
> > +##
> > +
> > +# Enable this to query the Fedora Package Database for the list of
> > Critical
> > +# Path Packages. If disabled, it'll just use the hardcoded list
> > below.
> > +
> > +{ if env == "production" %}
> > +critpath.type = pkgdb
> > +{% endif %}
> > +
> > +# You can hardcode a list of critical path packages instead of using
> > the PackageDB
> > +{ if env == "staging" %}
> > +critpath.pkgs = kernel
> > +{% endif %}
> > +
> > +# The number of admin approvals it takes to be able to push a
> > critical path
> > +# update to stable for a pending release.
> > +critpath.num_admin_approvals = 0
> > +
> > +# The net karma required to submit a critial path update to a
> > pending release)
> > +critpath.min_karma = 2
> > +
> > +# Allow critpath to submit for stable after 2 weeks with no negative
> > karma
> > +critpath.stable_after_days_without_negative_karma = 14
> > +
> > +# The minimum amount of time an update must spend in testing before
> > +# it can reach the stable repository
> > +fedora.mandatory_days_in_testing = 7
> > +fedora_epel.mandatory_days_in_testing = 14
> > +
> > +##
> > +## Release status
> > +##
> > +
> > +# Pre-beta enforces the Pre Beta policy defined here:
> > +#
https://fedoraproject.org/wiki/Updates_Policy
> > +#f15.status = 'pre_beta'
> > +#f15.pre_beta.mandatory_days_in_testing = 3
> > +#f15.pre_beta.critpath.num_admin_approvals = 0
> > +#f15.pre_beta.critpath.min_karma = 1
> > +
> > +# For test cases.
> > +f7.status = post_beta
> > +f7.post_beta.mandatory_days_in_testing = 7
> > +f7.post_beta.critpath.num_admin_approvals = 0
> > +f7.post_beta.critpath.min_karma = 2
> > +
> > +# The number of days worth of updates/comments to display
> > +feeds.num_days_to_show = 7
> > +feeds.max_entries = 20
> > +
> > +##
> > +## Buildroot Override
> > +##
> > +
> > +# Number of days before expiring overrides
> > +buildroot_overrides.expire_after = 1
> > +
> > +##
> > +## Groups
> > +##
> > +
> > +# FAS Groups that we want to pay attention to
> > +# When a user logs in, bodhi will look for any of these groups and
> > associate #
> > +# them with the user. They will then appear as the users effective
> > principals in
> > +# the format "group:groupname" and can be used in Pyramid ACE's.
> > +important_groups = proventesters provenpackager releng-team
> > security_respons packager bodhiadmin virtmaint-sig kde-sig eclipse-
> > sig infra-sig gnome-sig python-sig robotics-sig qa-tools-sig nodejs-
> > sig lxqt-sig astro-sig
> > +
> > +# Groups that can push updates for any package
> > +admin_packager_groups = provenpackager releng-team security_respons
> > +
> > +# User must be a member of this group to submit updates
> > +mandatory_packager_groups = packager
> > +
> > +##
> > +## updateinfo.xml configuraiton
> > +##
> > +updateinfo_rights = Copyright (C) 2015 Red Hat, Inc. and others.
> > +
> > +##
> > +## Authentication & Authorization
> > +##
> > +
> > +# pyramid.openid
> > +{ if env == "staging" %}
> > +openid.success_callback = bodhi.server.security:remember_me
> > +openid.provider =
https://id.stg.fedoraproject.org/openid/
> > +openid.url =
https://id.stg.fedoraproject.org/
> > +openid_template = {username}.id.fedoraproject.org
> > +openid.sreg_required = email
> > +{% else %}
> > +openid.success_callback = bodhi.server.security:remember_me
> > +openid.provider =
https://id.fedoraproject.org/openid/
> > +openid.url =
https://id.fedoraproject.org/
> > +openid_template = {username}.id.fedoraproject.org
> > +openid.sreg_required = email
> > +{% endif %}
> > +
> > +##
> > +## Pyramid settings
> > +##
> > +pyramid.reload_templates = false
> > +pyramid.debug_authorization = false
> > +pyramid.debug_notfound = false
> > +pyramid.debug_routematch = false
> > +pyramid.default_locale_name = en
> > +
> > +pyramid.includes =
> > + pyramid_tm
> > +
> > +debugtoolbar.hosts = 127.0.0.1 ::1
> > +
> > +##
> > +## Database
> > +##
> > +{ if env == "staging" %}
> > +sqlalchemy.url = postgresql://bodhi2:{{ bodhi2PasswordSTG }}@db-
> > bodhi/bodhi2
> > +{% else %}
> > +sqlalchemy.url = postgresql://bodhi2:{{ bodhi2Password }}@db-
> > bodhi/bodhi2
> > +{% endif %}
>
> I recently changed the url in staging.ini, so you should be sure to
> pick up that change.
>
Hmm, I just repulled the ansible repo.. I see the same url in staging as
above. staging.ini.j2 line 400 path:
/home/bhart/SpiderOak Hive/Projects/ansible/roles/bodhi2/base/templates
+
> > +##
> > +## Templates
> > +##
> > +mako.directories = bodhi:server/templates
> > +
> > +##
> > +## Authentication & Sessions
> > +##
> > +
> > +authtkt.secret = {{ bodhi2AuthTkt }}
> > +session.secret = {{ bodhi2SessionSecret }}
> > +authtkt.secure = true
> > +
> > +# pyramid_beaker
> > +session.type = file
> > +session.data_dir = /var/cache/bodhi/sessions/data
> > +session.lock_dir = /var/cache/bodhi/sessions/lock
> > +
> > +{ if env == "staging" %}
> > +session.key = {{ bodhi2SessionKeySTG }}
> > +{% else %}
> > +session.key = {{ bodhi2SessionKey }}
> > +{% endif %}
> > +
> > +session.cookie_on_exception = true
> > +# Tell the browser to only send the cookie over TLS
> > +session.secure = true
> > +# Create a cookie that is only valid for one day
> > +session.timeout = 86400
> > +cache.regions = default_term, second, short_term, long_term
> > +cache.type = memory
> > +cache.second.expire = 1
> > +cache.short_term.expire = 60
> > +cache.default_term.expire = 300
> > +cache.long_term.expire = 3600
> > +
> > +[server:main]
> > +use = egg:waitress#main
> > +host = 0.0.0.0
> > +port = 6543
> > +
> > +[pshell]
> > +m = bodhi.server.models
> > +t = transaction
> > +# Begin logging configuration
> > +
> > +[loggers]
> > +keys = root, bodhi, sqlalchemy
> > +
> > +[handlers]
> > +keys = console
> > +
> > +[formatters]
> > +keys = generic
> > +
> > +[logger_root]
> > +level = INFO
> > +handlers = console
> > +
> > +[logger_bodhi]
> > +level = DEBUG
> > +handlers =
> > +qualname = bodhi
> > +
> > +[logger_sqlalchemy]
> > +level = WARN
> > +handlers =
> > +qualname = sqlalchemy.engine
> > +# "level = INFO" logs SQL queries.
> > +# "level = DEBUG" logs SQL queries and results.
> > +# "level = WARN" logs neither. (Recommended for production
> > systems.)
> > +
> > +[handler_console]
> > +class = StreamHandler
> > +args = (sys.stderr,)
> > +level = NOTSET
> > +formatter = generic
> > +[formatter_generic]
> > +format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s]
> > %(message)s
> > +
> > +# End logging configuration
> > \ No newline at end of file
> > --
> > 2.9.3
> _______________________________________________
> infrastructure mailing list -- infrastructure(a)lists.fedoraproject.org
> To unsubscribe send an email to infrastructure-leave(a)lists.fed
>
oraproject.org
>
>