-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/04/2013 03:52 PM, Matt_Domsch(a)Dell.com wrote:
FESCo would have to change their rules prohibiting shipping
non-official repo files in the main repository. Assuming that
political battle is successful…
We (FESCo) seemed to be fairly agreed on that point (wrt COPR) if we
can solve the technical issues that Kevin brought up in this thread.
I think signing must be done by the copr creator (personally).
As each copr repo is independently timed and created, I’d be OK
with a frequently scheduled rsync that pulls all coprs and drops
them into the master mirrors, for downstreams to pick up at will.
Probably in the pub/alt tree please. That will minimize the # of
mirrors that are looking for them too.
We don't want to do ALL COPRs. There will definitely be a hierarchy.
At the FESCo meeting, we had the general sense that we would only want
to allow a limited set that FESCo has approved be available in the
main repo.
I think the purgatory problem is one for each copr to decide. Some
may be bleeding edge, some may be backports of good stuff that
changes infrequently.
I’d say _/no/_ to the meta-repo, for exactly the above reasons, and
so 2 coprs may conflict and/or compete. That’s their right.
Exactly; hence the need for a FESCo approval to elevate one repo to
"acceptable to have a repo-providing RPM in the main Fedora repositories".
-- Matt Domsch Distinguished Engineer, Director Dell | Software
Group
-----Original Message----- From:
infrastructure-bounces(a)lists.fedoraproject.org
[mailto:infrastructure-bounces@lists.fedoraproject.org] On Behalf
Of Kevin Fenzi
Sent: Wednesday, December 04, 2013 2:20 PM To:
infrastructure(a)lists.fedoraproject.org Subject: Some questions
around coprs
So, at todays fesco meeting there was some discussion about coprs.
http://meetbot.fedoraproject.org/meetbot/fedora-meeting/2013-12-04/fesco....
In particular some folks want to be able to ship copr repo files in
the main Fedora repository. This would allow users to easily
install software from there without having to discover how to
enable it.
However, copr packages are not signed or mirrored currently.
So, this brings up thoughts around if we can somehow sign them, and
how we could mirror them, or even if we want to go down this road
at all.
(as it seems like not a use case copr's was designed for anyhow).
So:
1. Do we even want to persue this?
2. If so, do we have any ideas how signing copr packages could
work?
3. Mirroring doesn't seem like it would be that hard, just rsync
off the repos and push them out in our regular mirroring system.
Could be a fair bit of churn tho, and there's no set schedule, so
we would have to decide on frequency, etc.
4. If coprs moves to being inside koji, could we at that point have
a better time with these needs?
5. Perhaps we could propose some kind if pergatory type setup
between coprs (experemental, just builds, may set your house on
fire, may update incompatibly every day) and fedora repository
packages (with all the updates guidelines, reviews, etc).
Thoughts? comments?
Possibly related to this: I wonder if copr could grow a 'meta
repo' that has all the repodata of all existing coprs. Then you
could just enable one thing and be able to install any coprs?
kevin
_______________________________________________ infrastructure
mailing list infrastructure(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlKgdUYACgkQeiVVYja6o6PQsACfdcxttqo0tFG07TYDjUNP4YCv
5w0An1KlbvjEZLxSWU5H0pG6Go97EgZz
=26mQ
-----END PGP SIGNATURE-----