Hello, I would like to hear about the community opinion on this. The pipeline delivery team currently installs a number of packages in some of their pipeline tasks, this package list (package + package version) is stored in a file and that file gets updated when a new version of a listed package is around in Koji. The problem is that Koji is being used to check for new package versions but that doesn't mean a compose was run which can lead to a situation where mirrors do not have that "latest" package version that was built on koji (a compose is run weekly). To illustrate things in a practical way: - A new version (1.34.0) of NetworkManager was built in koji: https://koji.mbox.centos.org/koji/packageinfo?packageID=1433; - The package is not available in centos mirrors (yet): http://mirror.centos.org/centos/8-stream/BaseOS/aarch64/os/Packages/ ; - The package gets updated in this file: https://gitlab.com/redhat/edge/ci-cd/manifests/-/blob/update-package-NetworkManager-1.34.0-0.1.el8/package_list/c8s-image-manifest.txt#L9 ; - The pipeline job fails because yum can't find that version of the package in the BaseOS repository. I know that we can download those RPMs directly from Koji but I was wondering if this is where the SIG could/should step in and make the user experience a bit better by providing a single source of truth, be it a repository or some tooling, to retrieve package info and show where they stand. Any thoughts on this? Thanks! -- Leonardo Rossetti Red Hat <https://www.redhat.com> lrossett at redhat.com <https://www.redhat.com> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-automotive-sig/attachments/20210923/550b75b4/attachment-0001.html>