| |
@@ -133,6 +133,7 @@
|
| |
- fedora-messaging # needed by pungi to emit fedora-messages.
|
| |
- python3-bugzilla # needed by ftbfs scrips/cron.
|
| |
- fedora-repo-zdicts # needed for pungi to make zchunk repodata
|
| |
+ - fedrq # needed by `sig_policy` script
|
| |
tags:
|
| |
- releng
|
| |
|
| |
@@ -205,6 +206,12 @@
|
| |
copy: src="rawhide-iot" dest=/etc/cron.d/rawhide-iot
|
| |
when: inventory_hostname.startswith('compose-iot-01.iad2')
|
| |
|
| |
+ # put cron job in for enforcing FESCo SIG Policy
|
| |
+ # https://docs.fedoraproject.org/en-US/fesco/SIG_policy/
|
| |
+ - name: sig_policy cron
|
| |
+ template: src="sig_policy.j2" dest=/etc/cron.d/sig_policy
|
| |
+ when: inventory_hostname.startswith('compose-x86-01.iad2')
|
| |
+
|
| |
- name: Create /etc/pki/fedora-messaging
|
| |
file:
|
| |
dest: /etc/pki/fedora-messaging
|
| |
The variable name should change to something with underscores (e.g.
{{ fesco_sig_policy_src_token }}
) and that needs to be defined in the ansible-private repo like @kevin said.