Hi all,
the reasons, why I started to think about some shared koji shadow setup,
were
- allow multiple people co-work on maintaining koji shadow on secondary
arches
- track all config changes in git, so it is clear who made what change
(and why)
- store the configs and logs at a default and visible place
Currently it is setup by
http://ppc.koji.fedoraproject.org/shadow/tmp/setup-shared-shadow
which means
- everything happens under /home/shadow
- people need to be members of a group
- configs are in shared dir, but certs are taken from people's home dirs
The idea is that there is one person who works on branched (and rawhide)
and another who is responsible for updates in released Fedoras (looks
at failed builds, updates the "exclude" list, etc.).
The group membership should have 2 levels - first is OS level for
people to be able to login and to modify the configs on the hub, second
could be to limit the shadowers from whole "admin" permission in Koji to
"buildfromsrpm" only.
There is also a wrapper script for koji-shadow that
- does log rotation using screen to capture the logs
- selects the right config which is derived from the tag
- allows to build everything from a tag or individual builds
See
http://s390.koji.fedoraproject.org/shadow/bin/run-shadow.sh.dev for
latest version.
This scheme works fine for months on s390 koji and to some degree also
on ppc koji. In my opinion having standardised procedures can only
help, even when there are plans for reworking the secondary arches
workflow in koji 2.0.
Dan