On Tue, Jul 11, 2023 at 08:42:31AM +0200, Aurelien Bompard wrote:
> So, something broke, I forgot that the bodhi user also publishes to the
> org.fedoraproject.{env}.pungi.
> I fixed that now but there were quite a few messages rejected during my
> night. It may be necessary to restart the compose.
So, something broke, I forgot that the bodhi user also publishes to the
org.fedoraproject.{env}.pungi.
I fixed that now but there were quite a few messages rejected during my
night. It may be necessary to restart the compose.
Aurélien
Le lun. 10 juil. 2023 à 17:43, Aurelien Bompard
a écrit :
>
On Mon, Jul 10, 2023 at 11:44 AM Aurelien Bompard
wrote:
>
> All the other accounts are only allowed to send to the topics they have
> defined in Ansible.
> This opens the door to letting external services publish to our message bus,
> since we can make sure they can only publish to their namesp
Thanks for driving this forward!
kevin
signature.asc
Description: PGP signature
___
infrastructure mailing list -- infrastructure@lists.fedoraproject.org
To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Fedora Code of Conduc
Done. The following users are not protected by ACLs (which means they can
send to any topics):
- notifs-web and notifs-backend, because we'll remove the old FMN soonish
- alt-src: I couldn't contact the owner (Siteshwar?). Related to CentOS
Stream. I tried to contact Brian Stinston.
- coreos: Same,
Hey folks!
After a lot of asking around and quite a bit of testing on staging, I'm
ready to enable topic authorization on production. If your application does
not declare the `sent_topics` regexp in Ansible, it will only be allowed to
publish on topics that start with
`org.fedoraproject.{env}.{rab