On 10/03/2020 16:17, Fabian Arrotin wrote:
Hi all (especially SIG members/contributors) ,
As announced by Jim some time ago, we wanted to redesign the current signing process that is in place for https://cbs.centos.org for CentOS 6 and 7 (so quite some years now)
The goal is to automate as much as possible the workflow, and working for all releases (yeah for CentOS 8 and Stream)
Thomas and myself have worked on the following idea and we're now happy with the results (in our Dev environment) :
- when someone builds a pkg, and that it's tagged to -testing, koji
sends a notification (through koji callback - https://fedoraproject.org/wiki/Koji/WritingKojiCode#Event_Plugin) to a bus
- signing machine listens to the bus, process the tag and push directly
to buildlogs
- when someone tag-build said pkg to -release, the node signs it with
correct gpg key id (from the SIG), push generated repository (including for debuginfo/src.rpm packages) to mirror CDN
Hi,
thank you for putting this stuff together, this is really great.
Can we have tags for opstools and messaging SIG?
opstools[78]-collectd-5-{candidate|testing|release} messaging[78]-qpid-0.30-{candidate|... messaging[78]-rabbitmq-3.8-{candidate|...
Thank you. Matthias