On 11/28/2010 11:25 AM, Jon Stanley wrote:
So I have an interesting situation. I have an SCM (CVS, don't
laugh)
that requires kerberized gserver authentication. How do I use Koji
with this? I don't mind embedding a password for a user that has
read-only access to the repo somewhere, but I really don't want to if
I can avoid it.
In all my setups the cvs server supports anonymous read-only access.
At present, koji's scm url spec does not support an embedded password.
I'm not sure if that's a practice we want to encourage.
At present, kojid uses pserver for cvs:// scm urls. This is hard-coded
currently.
When kojid uses kerberos to authenticate to the hub, there is a kerberos
cache in /var/tmp/kojid.ccache, /but/ it does not set KRB5CCNAME, or for
that matter ever renew the ticket.
Short version, if you can't allow anonymous read-only access then there
are a lot of code changes between you and your goal. Making such changes
sanely may be a bit of a challenge.
Also, with the interesting requirement of a Makefile with target
srpm,
how do folks generate that for externally developed packages? Frankly,
most of the packages that we're going to build are rebuilds of RHEL
content with minor changes (sometimes a patch, sometimes just pathname
changes, etc), so generating an SRPM and feeding it directly to koji
is easier than maintaining some SCM layout that's foreign to us and a
lookaside cache. Note that the reason we want to use koji is build
reproducibility, but we'll be saving the SRPM's used in some location.
A makefile is not required. You can change the 'make sources' command to
something else in the allowed_scms config. Granted, this is a relatively
recent change.