| *** apevec has joined #softwarefactory | 09:54 | |
| lyr | Is there an option in sfconfig to only provision (new) workers ? A bit like Ansible's --limit maybe ? I'ld like to use it in my consul-template which keeps arch.yaml up to date as a post templating command | 10:55 |
|---|---|---|
| lyr | 2nd question, logged with admin, trying to logout I get a 404 "The requested URL /r/logout was not found on this server.". Bug ? Misconfiguration ? | 11:03 |
| lyr | 3rd question, I configured Github oauth, after & successful login @ github, it comes back to SF & fails with a "Authorization failure: Failed to fetch emails". I alos tried using my account email, and a non MFA enabled account w/o success | 11:09 |
| mhu | lyr, about the 3rd question, is that all you see in /var/log/cauth/cauth.log ? | 11:13 |
| lyr | mhu: yes | 11:13 |
| lyr | 2020-12-07 11:07:19,444 ERROR [cauth.GithubAuthPlugin] [TID: 57b83e2f] Failed to fetch emails: <Response [403]> | 11:13 |
| mhu | lyr I wonder if you've given enough authorizations to the SF app when github asks during the first login | 11:16 |
| mhu | looks like the authenticated user hasn't allowed access to emails | 11:16 |
| lyr | Here's the logs with cauth switched to debug | 11:16 |
| lyr | https://paste.garrigue.re/?d48d2ae0368aa452#3K4fRgj7chgoxfhB7JNiXiMZYCRAbnMALCPJZDfPoAa1 | 11:16 |
| mhu | lyr, if you look at this URL https://github.com/settings/applications | 11:18 |
| mhu | and look for the SF application | 11:18 |
| mhu | you should see among the permissions: "Access user email addresses (read-only)" | 11:18 |
| lyr | Ah indeed, it was no access | 11:19 |
| lyr | fixed, seems all good | 11:19 |
| lyr | thanks mhu | 11:19 |
| mhu | yw, glad to be of help! | 11:19 |
| lyr | mhu: I checked the doc while taking notes, the email permission is missing | 11:40 |
| lyr | Here https://softwarefactory-project.io/docs/operator/zuul_operator.html#create-a-github-app | 11:41 |
| *** rfolco has joined #softwarefactory | 11:54 | |
| apevec | that's the github app for zuul itself (for accessing PRs etc.) | 12:10 |
| apevec | mhu, this is SF cauth doc? https://softwarefactory-project.io/docs/operator/auths.html | 12:11 |
| mhu | apevec, correct | 12:26 |
| mhu | lyr, apevec I haven't authorized a SF app via GH in a while but I think you're asked to confirm the correct permissions the first time automatically | 12:27 |
| mhu | I'm checking the code in cauth, and we do set the following default scope: "user:email, read:public_key" | 12:28 |
| mhu | so lyr must have unchecked email access inadvertently | 12:29 |
| tristanC | lyr: there is no option to only provision workers, but here is an example playbook to do that: https://softwarefactory-project.io/cgit/software-factory/sf-ops/tree/maintenance/spin-executor.yaml | 12:55 |
| sfbender | Fabien Boucher created software-factory/shake-factory master: Add bs-webapi as dependency https://softwarefactory-project.io/r/20268 | 14:46 |
| lyr | mhu: I created the github app | 15:07 |
| lyr | at this point I had to fiddle with the permission (or so I though) | 15:07 |
| sfbender | Merged software-factory/shake-factory master: Add extra javascript libraries https://softwarefactory-project.io/r/20081 | 15:38 |
| sfbender | Merged software-factory/shake-factory master: Add bs-webapi as dependency https://softwarefactory-project.io/r/20268 | 15:38 |
| *** apevec has quit IRC | 18:41 | |
| *** zenkuro has joined #softwarefactory | 19:03 | |
| *** sshnaidm has quit IRC | 21:49 | |
| *** zenkuro has quit IRC | 21:51 | |
| *** sshnaidm has joined #softwarefactory | 22:08 | |
| *** rfolco has quit IRC | 22:34 | |
| *** rfolco has joined #softwarefactory | 22:43 | |
| *** rfolco has quit IRC | 22:48 | |
| sfbender | Nicolas HICHER created software-factory/sf-config master: sf-repos: Add static nodepool config file management https://softwarefactory-project.io/r/20272 | 23:24 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!