Validate-fedora-ci-fixes2

Containerfile

@@ -4,12 +4,13 @@ RUN dnf install -y python3-ogr python3-copr python3-koji python3-pip fedpkg krb5
 
 RUN pip3 install --upgrade sentry-sdk && pip3 check
 
-# Configure SSH to not prompt for host key verification
-RUN mkdir -p /root/.ssh && \
-    echo "Host pkgs.fedoraproject.org" >> /root/.ssh/config && \
-    echo "    StrictHostKeyChecking accept-new" >> /root/.ssh/config && \
-    echo "    UserKnownHostsFile /dev/null" >> /root/.ssh/config && \
-    chmod 600 /root/.ssh/config
+# Add Fedora Pagure host key to system-wide known_hosts
+# This works for both root and non-root users (e.g., in OpenShift)
+RUN mkdir -p /root/.ssh /etc/ssh && \
+    ssh-keyscan -t rsa,ecdsa,ed25519 pkgs.fedoraproject.org >> /root/.ssh/known_hosts && \
+    chmod 600 /root/.ssh/known_hosts && \
+    ssh-keyscan -t rsa,ecdsa,ed25519 pkgs.fedoraproject.org >> /etc/ssh/ssh_known_hosts && \
+    chmod 644 /etc/ssh/ssh_known_hosts
 
 RUN pip3 install git+https://github.com/packit/validation.git
 

README.md

@@ -31,5 +31,10 @@ If you want to run the script on your own:
   token](https://github.com/settings/tokens) with _public_repo_ scope.
 - Set a `GITLAB_TOKEN` environment variable holding a [personal access
   token](https://gitlab.com/-/profile/personal_access_tokens) with _api_ scope.
+- Set a `DEPLOYMENT` environment variable to either `production` or `staging`.
+- For Pagure tests (optional):
+  - Set a `PAGURE_TOKEN` environment variable with a Pagure API token.
+  - Set a `PAGURE_SSH_KEY` environment variable with the path to your SSH private key.
+  - Set a `PAGURE_KEYTAB` environment variable with the path to your Kerberos keytab file.
 - Optionally, set a `SENTRY_SECRET` environment variable if you want to send
   the validation failures to Sentry.