[CentOS-devel] Question about authoritative SIG for specific pkg[s] (wrt ConfigMgmt SIG)

Tue Jul 12 15:06:19 UTC 2016
Brian Stinson <brian at bstinson.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Jul 12 09:10, Fabian Arrotin wrote:
> I  just had a look at CBS and was wondering how one SIG (so not
> ConfigMgmt SIG specific, but let's use that as an example) can interact
> with other SIGs.
> 
> One example is Ansible : it seems some other SIGs are relying on it and
> so actually the ConfigMgmgt SIG isn't able to build it as it's already
> built with the same ENVR but in a different target/tag :
> https://cbs.centos.org/koji/packageinfo?packageID=1947
> 
> What would be the option for this ?
> Actually the direct option is for the ConfigMgmt SIG to just tag that
> build (for example for ansible-2.1.0.0-1.el7) so that it will appear in
> the correct repositories, but I'm wondering if such SIG wouldn't have to
> be considered "authoritative" and so having to discuss/bump/build new
> releases, and then other SIGs can just consume/tag a specific build/ENVR
> they want in their own repositories.
> 
> -- 
> Fabian Arrotin
> The CentOS Project | http://www.centos.org
> gpg key: 56BEC54E | twitter: @arrfab
> 

I don't think we have a way to enforce anything, other than relying on
the SIGs to know their 'downstreams'. It might be good for us to start
with a matrix of packages (which in the short-term will be hard to
maintain). Perhaps we're at the point where enough of this is happening
that we should start investigating a simple pkgdb. 

- --Brian 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJXhQdrAAoJEIMGvNKzCweMI5MP/1uniOHxbrFop2SY/ZV2uCie
MmC72KtOZqK9cZrO7X2e6Ejyc/PV54IxVemkkHn4zW+aBMfqdtOEZls5JTOESTEX
3cJH4MTRXntqpIOqiZs3h70D6X+NfvXy3fcCRDQ21M40vhJioAk480HLLMYZp8GF
WL3cXdfkVcGHNtmHvtxzAAvFUSvwOAxAhUK9Ii01HMxDtkyNwc1ip1Bo33sjcAsl
9akSmgnEwjEWgExsZnSIYRbPyOWXzF2ly20p7CcLLSKavBEm524s6xjQm9ppOrcT
yb+U79NI3li4J3UjzkOrleoUo8q81TeoSJl1bXFdluSlhYhUVNO7JTZQkihdbO9S
mYv3CXeFFFrAbcq75h8J2fB5+88oUJRks6ZJTCcrNXP0TePKMKmmKSvbOodnUOPS
H0dEdxKeCarCkjqHlOJ7S+xpwstfWSkNRHcCuk0YHsjlIwqzwHrDtoqfVfH9ZfF7
ziDW+anUBM1Tennho6jZFnTcqgP9lZ3L7H6Qe3J/CRobjGua7mznMlNb/Vqes7qQ
IXZfe8TcVFRKWoxQaAmckouZ0HbheZwH7Zy6Cb8CXqofSQclvNW8wYk53PTD4yEU
aEpblMxlv/vqBtFZ30Ork779/duQUGIBz//qDlmr8XL6T4ZH8T5z0A8oDYH/ACJL
p/Z5ZsXJbipuMJ/aH6TA
=sFwP
-----END PGP SIGNATURE-----