On 06/26/2014 06:26 PM, Thomas Oulevey wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi All, > > The initial idea is to configure Koji and make it available to the > community. > > Thanks to Karanbir/Fabian we already got the hardware and installation > is on going. > > But first, we would like to ask for feedback: > > 1/ PKI setup, a proposal: > - - koji-web use a certificate signed by an external CA (and obviously > trusted) > - - the rest of the koji architecture (hub and kojid) will use a > self-signed CA that we'll use to also generate other certs. The > proposal is to gpg encrypt the CA within a non-public GIT repo. > Talking with Fabian, he already use this method for other > infrastructure project. > - - the clients (at the beginning git.c.o) will use self-signed CA. > > This need to be discussed in the light of future integration of > different user facing tools (koji, git, etc...) and if we want to > provide koji client accesses, as Fedora project does. > > 2/ Hostnames to use: > - - After a round on #centos-devel, cbs.centos.org was the best we can > come up with. Comments ? > - - For the builders machine, we should decide on a decent naming as > this info appears in RPM metadata. > i.e : builder01.cbs.centos.org, builder02.cbs.centos.org, etc... > Do we want to deal with different "architecture family" within the > name (e.g ARM) ? > i.e : x86-builder01.cbs.centos.org, arm-builder01.cbs.centos.org > > Your comments are very welcome! > What would the workflow of RPMs after they are created in koji. How would they land up in respective repos? Will it be a automated method or manual method? This is done using Bodhi in Fedora, so looking for a similar or better solution here too. Thanks, Lala