We should move to something more secure than md5 for the uploaded sources.
This patch series implements the client-side part of this change.
We might want to drop the md5 fallback once we have migrated completely, that
is when:
1. all archives on the lookaside have been moved to a stronger hash
2. the "sources" file in all git repos has been updated to the same hash
https://fedorahosted.org/rel-eng/ticket/5846
#5846: move away from md5 for look-aside cache
------------------+------------------------
Reporter: till | Owner: rel-eng@…
Type: task | Status: new
Milestone: | Component: other
Keywords: | Blocked By:
Blocking: |
------------------+------------------------
The lookaside cache uses md5, but something more secure like sha-256 or
sha-512 should be used instead. Maybe it should even be made to allow easy
changes in the future.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5846>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5654: Report full image creation for quality website updates
-----------------------------+------------------------
Reporter: shaiton | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 19 Final | Component: koji
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
Hi, we already discussed a bit about this issues with nirik, before the
F19 release day.
However, yesterday was worse as expected.
Please see the number of fixes:
https://git.fedorahosted.org/cgit/fedora-web.git/log/
(7 important fixes after the merge into prod aedf487eb).
== Summary of major issues:
* http://torrent.fedoraproject.org/spins/ changed to
http://torrent.fedoraproject.org/torrents and we had no idea about this.
* The naming scheme of the file changed which introduced a bug in our
spins website build as it is based against the Json file. We had to fix a
2 years old python code. And we did not know about this.
* Each release we have the 32 bit arch named i686 or i386, it's always
changing. We defined variables in order to help us maintain the websites..
And this does not help us. I know that it depends of the proc instruction
set. But where is the need to change that really? Could we avoid it?
Sooner or later we will drop 32 bit arch... Couldn't we define which arch
to stick with?
* We don't know before last minute if the Spin has built for GA and
therefore if it is going to be released. We need to check it manually. And
really, we can't do it all manually. (as lazy programmers we can't even
think about this).
* Even the spins name has changed in the past, which break our code and
already existing URLs. And then we need to define URL redirect... I hope
jam-kde won't be changed to jam-mate-compiz-fusion-dark at some point..
Just wondering...
* The secondary (ARM) path changed from Images/arm/ to Images/armhfp/.. I
understand the need to tell if it's using FP or not, but again we didn't
know about this before testing in prod.
That should not happen again. Please, help me define the best way to avoid
this. It could be improving SOP, or updating a file after each build..
whatever.
It's a probably wider collaboration issues as it is involving primary,
secondary, SIGs (spins, cloud).. But starting with Releng we can probably
sort this and define the smoother solution for all.
What we need in a simple way (script friendly) and easy to generate for
you is a way to get:
All image full name, path (if possible before release), size (not needed
for torrents), format (torrent, spin, dvd, cloud... whatever) and
checksum. What can't be available easily can have an easy process to get
them or at least we need to know how and when to get them.
The most important of course is the image full name. If we don't know that
this image exists (or died), we won't be able to update it.
Any brillant idea?
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5654>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5978: Please create a f21-gnome side tag
-----------------------------+------------------------
Reporter: kalev | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 21 Alpha | Component: koji
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
Hi,
Please create a new f21-gnome side tag and build target. We'll be building
GNOME 3.13.91 early next week and this would help ensure it doesn't cause
instabilities in F21 proper while we're preparing it.
Thanks,
Kalev
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5978>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5922: skip 32-bit arches for fedora-cloud-atomic.ks and fedora-cloud-bigdata.ks
-----------------------------+------------------------
Reporter: mattdm | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 20 Final | Component: other
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
The Cloud SIG decided that the Atomic and Big Data images will be 64-bit
only. (Docker currently only works in 64 bits, and while big data tools
might work, the target audience is almost always on 64 bits).
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5922>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5891: Deliverables and release engineering changes for Fedora.Next/Fedora 21
-----------------------------+------------------------
Reporter: jreznik | Owner: rel-eng@…
Type: enhancement | Status: new
Milestone: Fedora 21 Alpha | Component: other
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
Fedora Working Groups are discussing different options how to deliver
specific Fedora Products. These deliverables has to be collected (and
agreed on) to plan changes in Fedora release engineering process.
This ticket should serve to collect requirements from WGs in a centralized
way (as there's possible overlap etc). For specific implementation
details, new tickets will be created.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5891>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5944: drop "bigdata" from build-cloud-images for f21 -- feature was postponed
-----------------------------+------------------------
Reporter: mattdm | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 20 Final | Component: other
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
Big Data cloud image isn't going to make the milestone, so we should stop
trying to make the image.
Still hoping to do this for F22, so if we can keep the rawhide one,
awesome.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5944>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
#5679: merge buildbranched/buildrawhide into a single script
-----------------------------+------------------------
Reporter: ausil | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 20 Alpha | Component: koji
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
in order to simplify things it would be good to make a single script to
build rawhide and branched.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5679>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project