Learn more about these different git repos.
Other Git URLs
Describe the issue For toddler koji_block_retired, that blocks retired packages in koji, we need permissions to do so. Please give pkglist permission to toddlers/os-control01.stg.iad2.fedoraproject.org
koji_block_retired
pkglist
toddlers/os-control01.stg.iad2.fedoraproject.org
When do you need this? (YYYY/MM/DD) Preferably sooner than later, retired packages now have to be blocked in koji manually as described in this ticket: https://pagure.io/releng/issue/12192
If we cannot complete your request, what is the impact? No retired packages automatically blocked in koji.
Is this only in stg to test? Or both stg and prod?
Both stg and prod. We tested it on staging manually with @abompard and the toddler was working. So toddlers/os-control01.stg.iad2.fedoraproject.org and toddlers/os-control01.iad2.fedoraproject.org
toddlers/os-control01.iad2.fedoraproject.org
Metadata Update from @jnsamyak: - Issue tagged with: medium-gain, medium-trouble, ops
I did stg... but prod the user doesn't seem to exist. ;(
I think you need to login once with it in order for it to start existing...
Hey @kevin
Whenever you get time, can you mention what you did there to add perms? Just curious!
Yeah, sorry... it was just 'stg-koji grant-permission pkglist toddlers/os-control01.stg.iad2.fedoraproject.org'
I did stg... but prod the user doesn't seem to exist. ;( I think you need to login once with it in order for it to start existing...
Not sure I have permissions to do that.
well, normally you would just use the keytab, but in this case yeah, thats anoying.
So, I manually added it:
koji add-user toddlers --principal toddlers/os-control01.iad2.fedoraproject.org
koji grant-permission pkglist toddlers
Did that get it working? ;)
Thanks Kevin! To see that working I would need someone to merge this PR on ansible: https://pagure.io/fedora-infra/ansible/pull-request/2198 and these two PRs on toddlers: https://pagure.io/fedora-infra/toddlers/pull-request/241 for main and https://pagure.io/fedora-infra/toddlers/pull-request/242 for staging, and eventually on production as well.
All those should be merged and deployed.
Can you check on things?
Checking on staging one more time and I get koji.ActionNotAllowed: policy violation (package_list) again, which is the error it was throwing when the toddlers didn't have the perms.
koji.ActionNotAllowed: policy violation (package_list)
@abompard
@lenkaseg Could this be related to mass branching that happened recently?
No idea to be honest, but I'm not aware of all stuff that is happening during mass branching. If you mean the koji outage, that should be long gone, no?
Metadata Update from @lenkaseg: - Issue untagged with: medium-gain, medium-trouble, ops
oops, what did I do with the tags?
Metadata Update from @lenkaseg: - Issue tagged with: medium-gain, medium-trouble, ops
Ok, confirmed that it works, thanks @abompard to have a look!
Opening PR for production branch: https://pagure.io/fedora-infra/toddlers/pull-request/245#
This issue can be closed.
Thanks @lenkaseg !
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Correction, this PR is meant for toddlers production: https://pagure.io/fedora-infra/toddlers/pull-request/247# (the previous one included non-koji_block_retired-related changes)
Log in to comment on this ticket.