Uploaded image for project: 'CentOS Stream'
  1. CentOS Stream
  2. CS-1376

Migrate koji infra auth from REDHAT.COM to IPA.REDHAT.COM

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Minor
    • None
    • None
    • Infrastructure
    • None

    Description

      All the provisioned infra for Stream koji (and related services) was configured to use REDHAT.COM keytab files.

      That krb5 REALM is now considered legacy and all internal services should point to IPA.REDHAT.COM (there is a cross trust at this stage).

      Pointer : https://source.redhat.com/groups/public/identity-access-management/identity__access_management_wiki/2022_policy_changes

      We should:

      • migrate/test our .stg. (staging) environment to IPA.REDHAT.COM
      • once fully tested, ask for new keytabs
      • schedule/announce a maintenance window and reconfigure our whole koji Stream infra

      Attachments

        Issue Links

          depends on

          Task - A task that needs to be done. CS-1409 Convert koji STG env to IPA.REDHAT.COM

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed

          Activity

            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: CS

              People

                Unassigned Unassigned
                farrotin@redhat.com Fabian Arrotin
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated: