On Jun 13 17:14, Haïkel wrote: > Le 11 juin 2015 20:44, "Brian Stinson" <brian at bstinson.com> a écrit : > > > > Hi All, > > > > I've been lurking at a few SIG meetings this week to get an idea of > > which SIGs are blocked on things in the CBS. So far here is a high-level > > list of outstanding items: > > > > Thanks for raising the topic. > I'll speak with my cloud SIG hat. > > > - Central Authentication for Koji/Gitblit/Lookaside (Priority: HIGH) > > > > - Lookaside upload tools (Priority: HIGH) > > > > +1 > > > - New release of CBS build tools - centpkg, /usr/bin/cbs (Priority: HIGH) > > > > - EPEL package import features in the build tools (Priority: Medium) > > > > I have to disagree EPEL import is much higher priority than centpkg > (especially if it's dissociated from lookaside upload. > Potentially we're shipping outdated packages (ie: recently I fixed a CVE in > our redis package. Had I not been maintaining it in Fedora, it might have > remained unnoticed) Great perspective here! There seems to be two parts to this problem 1.) knowing when an update gets pushed in EPEL/Fedora, AND 2.) the mechanism to grab the sources, import, and build The idea was to have centpkg do the work for (2) since there are some tranformations we need to do on our end (e.g. changing from the Fedora dist-git layout to ours). I think it makes sense for (1) to become the high-priority goal, and some of that work will begin when we start investigating Fedmsg. > > > - Notifications/Messaging from Koji (Priority: Medium) > > > > If your SIG is blocked on something in the CBS or if you have any > > feature requests, please let me know. > > > > Medium priority: > * dist-git > * packages ACLs (reusing pkgdb?) > * reviewing process! > => that's important for traceability and keep consistency in our artefacts. > > As for RDO, we still rely on Fedora and our own infra and we want to > integrate more within the CentOS ecosystem. > And keeping high standards and make it easier to contribute in Cloud SIG. > > As part of CentOS community, I'd rather help other SIGs to also raise their > standards without denying each group identity. Having the infrastructure > and provide guidelines (as in a base starter framework rather than rigid > rules) would help to reach goal. > That's the next challenge to the SIG experience and allow building high > quality community-maintained products. > > I'm really thankful that you're doing the heavy lifting of the > infrastructure needed to that. > > Regards, > H. I'll definitely get those suggestions on the roadmap. I'm eager to close on the core infrastructure so we can get to work on some of those collaboration guidelines you talked about. Thanks for the insight, it's extremely valuable from my perspective. --Brian