Some questions around coprs
Stephen Gallagher
sgallagh at redhat.com
Thu Dec 5 12:44:54 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/04/2013 03:52 PM, Matt_Domsch at Dell.com wrote:
> FESCo would have to change their rules prohibiting shipping
> non-official repo files in the main repository. Assuming that
> political battle is successful…
We (FESCo) seemed to be fairly agreed on that point (wrt COPR) if we
can solve the technical issues that Kevin brought up in this thread.
>
> I think signing must be done by the copr creator (personally).
>
> As each copr repo is independently timed and created, I’d be OK
> with a frequently scheduled rsync that pulls all coprs and drops
> them into the master mirrors, for downstreams to pick up at will.
> Probably in the pub/alt tree please. That will minimize the # of
> mirrors that are looking for them too.
>
We don't want to do ALL COPRs. There will definitely be a hierarchy.
At the FESCo meeting, we had the general sense that we would only want
to allow a limited set that FESCo has approved be available in the
main repo.
> I think the purgatory problem is one for each copr to decide. Some
> may be bleeding edge, some may be backports of good stuff that
> changes infrequently.
>
> I’d say _/no/_ to the meta-repo, for exactly the above reasons, and
> so 2 coprs may conflict and/or compete. That’s their right.
>
Exactly; hence the need for a FESCo approval to elevate one repo to
"acceptable to have a repo-providing RPM in the main Fedora repositories".
> -- Matt Domsch Distinguished Engineer, Director Dell | Software
> Group
>
>
>
> -----Original Message----- From:
> infrastructure-bounces at lists.fedoraproject.org
> [mailto:infrastructure-bounces at lists.fedoraproject.org] On Behalf
> Of Kevin Fenzi
>
> Sent: Wednesday, December 04, 2013 2:20 PM To:
> infrastructure at lists.fedoraproject.org Subject: Some questions
> around coprs
>
> So, at todays fesco meeting there was some discussion about coprs.
> http://meetbot.fedoraproject.org/meetbot/fedora-meeting/2013-12-04/fesco.2013-12-04-17.59.log.html#l-52
>
>
>
> In particular some folks want to be able to ship copr repo files in
> the main Fedora repository. This would allow users to easily
> install software from there without having to discover how to
> enable it.
>
> However, copr packages are not signed or mirrored currently.
>
> So, this brings up thoughts around if we can somehow sign them, and
> how we could mirror them, or even if we want to go down this road
> at all.
>
> (as it seems like not a use case copr's was designed for anyhow).
>
> So:
>
> 1. Do we even want to persue this?
>
> 2. If so, do we have any ideas how signing copr packages could
> work?
>
> 3. Mirroring doesn't seem like it would be that hard, just rsync
> off the repos and push them out in our regular mirroring system.
> Could be a fair bit of churn tho, and there's no set schedule, so
> we would have to decide on frequency, etc.
>
> 4. If coprs moves to being inside koji, could we at that point have
> a better time with these needs?
>
> 5. Perhaps we could propose some kind if pergatory type setup
> between coprs (experemental, just builds, may set your house on
> fire, may update incompatibly every day) and fedora repository
> packages (with all the updates guidelines, reviews, etc).
>
> Thoughts? comments?
>
> Possibly related to this: I wonder if copr could grow a 'meta
> repo' that has all the repodata of all existing coprs. Then you
> could just enable one thing and be able to install any coprs?
>
> kevin
>
>
>
> _______________________________________________ infrastructure
> mailing list infrastructure at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKgdUYACgkQeiVVYja6o6PQsACfdcxttqo0tFG07TYDjUNP4YCv
5w0An1KlbvjEZLxSWU5H0pG6Go97EgZz
=26mQ
-----END PGP SIGNATURE-----
More information about the infrastructure
mailing list