Learn more about these different git repos.
Other Git URLs
To run koji builds for Fedora CI (scratch builds for testing and regular builds for ELN) we need a service account.
Currently we use bpeck/jenkins-continuous-infra.apps.ci.centos.org user, see https://koji.fedoraproject.org/koji/userinfo?userID=3978
bpeck/jenkins-continuous-infra.apps.ci.centos.org
But we would like to have a dedicated bot account for Fedora CI SIG, owned by fedora-ci-admin FAS group.
Not urgent, as we currently use the existing account.
--
Fedora CI infra uses user account with no clear ownership.
Metadata Update from @mohanboddu: - Issue tagged with: groomed, medium-gain, medium-trouble
So, you should be able to create the fas account yourself... the only caveats:
You can't use a @fedoraproject.org email address for it at least initially... if you would like us to set it to fedora-ci-admin-users@fedoraproject.org or something, we can do that after the initial creation?
Please make sure it has 'bot' in the name or description so it's obvious it's a non human account.
Metadata Update from @kevin: - Issue untagged with: groomed, medium-gain, medium-trouble
Metadata Update from @pingou: - Issue tagged with: groomed, medium-gain, medium-trouble
@kevin With the Fedora account system updated, can we reset this conversation and try again?
So we need credentials to run builds in Fedora Koji on behalf of Fedora CI SIG as a replacement for bpeck's account we use now.
Also we run builds for Fedora ELN SIG, but i think it is ok to reuse Fedora CI credentials for that.
Do I still need to register fedora ci bot or can you create service account for us?
We could make a service keytab for this now, sure. :)
For that we need to know:
If you can add those, we can make a stg one and test out things, then send you a prod one?
We have fedora-ci-admins group, can it be made the owner of the service account?
https://accounts.fedoraproject.org/group/fedora-ci-admins/
Other options could be:
Use osci-admins+fedoraci@redhat.com This is a dedicated private mailing list for the OSCi team admins at Red Hat. While bot will operate for the Fedora CI SIG, OSCI team can manage the account for that purpose.
osci-admins+fedoraci@redhat.com
My personal mail
Maybe some kind of dedicated private mailing list like fedora-ci-admins@fedoraproject.org ?
Well, I don't care too much what it is as long as we can contact people...
How about we add these to ansible with a comment containing the contact info (all be it mailing list or alias or list of account names)?
Then we know who we have issued them to, how to contact them and can regenerate them again if needed via ansible.
There is another case of this in releng #10374
Take a look at https://pagure.io/releng/issue/10374#comment-761424 there. I am hoping to use that to base a doc from and make it all as self service as possible.
Login to comment on this ticket.