For some reason f26 builders are spewing a lot more audit messages than
other machines. This currently makes the epylog reports pretty usless
since they are so big.
At least for now I would like to just weed all of them out:
diff --git a/roles/epylog/files/merged/weed_local.cf
index 0fbaeb7..e0f996d 100644
@@ -8,7 +8,7 @@ ansible.*: Invoked.*
ansible.*: message repeated.*
-auditd.*: Audit daemon rotating log files
this also of course needs a run of logserver playbook after applying this.
A few fixes for ostree commit signing for f27/rawhide.
[PATCH 1/3] robosig: add in commit signing for f27
[PATCH 2/3] robosig: sign ostree rawhide with f28 key
[PATCH 3/3] robosig: add in ostree signing for rawhide ppc64le
I have another patch to add to the award-oldschool-badges cronjob for
the Badges role. It's a one-line change, patch file is attached.
I'm not sure if this minor or a change needs to be voted on or not – if
not, feel free to merge this in.
Justin W. Flory
I have another quick and simple patch attached for the ansible.git repo.
This one adds a mapping for the DotNet SIG's FAS group to their new
badge that was just pushed up.
Let me know if anything else is needed. Thanks!
Justin W. Flory
This came up in the FESCo meeting today.
In my last discussions with Randy, we were planning on merging,
releasing, and deploying the modular bodhi masher work after Beta
freeze thawed - but FESCo would rather see proof of it before freeze
is up. This is reasonable. We would've liked to have it before Beta,
but contiguous PTO schedules + Flock made that not possible.
Anyways, here we are. I volunteered to take on trying to rebase the
modular masher patches from https://github.com/fedora-infra/bodhi/pull/1697
and cutting a hotfix release of Bodhi.. and to exercise it very
carefully in staging. I want to try upgrading it and downgrading it,
and making sure it won't interrupt the mainline mash if anything is
wrong with it.
I don't think I need an FBR for staging - this is more of a
pre-emptive request. If all goes well with that staging
upgrade/downgrade, is the infra group OK with upgrading also in prod
before the freeze is up?
It's not a super small change. What sort of checks would help raise
confidence? What should I watch out for? Can you help add items to
my TODO list in #1795? (Feel free to edit the ticket there and just
p.s., for the ultimate prod upgrade, I'll send a separate email asking
for approval after I've crossed off items on the list.
p.p.s., for the ultimate prod upgrade, I'll do it at night US+EU TZ
which is when I expect usage will be slightly less.
Good Morning Everyone,
Yesterday, Ralph and I held our monthly meeting: WCFIDFF2.0 (cf $subject). This
is a meeting I started to schedule with Ralph earlier this summer. The idea is
to help prioritize things on the Fedora Infra side as well as keeping each other
informed on what is being worked on and may come in the future and how we can
help each other.
I wanted to send a recap of these discussions but missed the opportunity last
month, so here it is this time.
On the F2.0 front:
- Top priority is getting bodhi ready and shaped for modules.
This relates to the recent FESCo decision and is being tracked upstream at:
Ralph is going to work on this and is likely going to require help from Randy.
- The ODCS hosts have been created but are missing shared storage (nfs/gluster)
between the frontend and backend hosts.
This is not a top priority but it would be appreciated if someone knowing how to
do it, has some spare cycles to look into it. Otherwise it will be processed
- Security audit for ODCS and freshmaker (to prioritize in this order) are still
pending but I know Patrick has them on his radar.
This is also not a top priority since bodhi for modules takes the precedence but
it will get higher on the priority list once bodhi is figured out.
- The follow up from pagure deployment on dist-git is getting lower, there is
only one item left: migrating the watch statuses from pkgdb to pagure.
This has been queued to be fixed.
Hoping this is useful,
When I set this up the other week at flock I didn't realize that giving
the full url here would simply redirect to it.
We instead need the path to it so it will properly return a 404 to the
diff --git a/roles/fedora-docs/proxy/files/fedora-docs.conf
index 508ad1d..ebce645 100644
@@ -1,5 +1,5 @@
-ErrorDocument 404 https://docs.fedoraproject.org/_images/404.html
+ErrorDocument 404 /_images/404.html
AddType application/epub+zip .epub
AddType image/svg+xml .svg
I tested this in stg and it works now as expected.
In addition to applying this of course I need to run the proxy playbooks.