[CentOS-devel] git.stg.centos.org upgraded to pagure 5.3 (beta) and new feature like mqtt notifications

Fri Feb 22 13:03:07 UTC 2019
Fabian Arrotin <arrfab at centos.org>


In October 2018, we (pre)announced that we were working on a
consolidated pagure infra for git.centos.org and src.fedoraproject.org.
We asked feedback from community and one of the remarks we had was about
being able to follow commits for all /rpms/*

While there were requests to have that available through pagure API
(for people already using the gitblit RPC feature of current
https://git.centos.org instance), another idea was to simply send that
to a message broker, so that people can just subscribe to that broker on
a particular topic and consume the message payloads posted there.

As such MQTT support landed in pagure, we decided to upgrade (both
instances) and we have (only at the CentOS side) implemented MQTT
notifications to a "public" broker

Example :
This dummy commit (specific branch) :

(automatically replicated to

posted the following json message on our MQTT staging broker :

git.stg.centos.org/git.receive {"forced": false, "agent": "arrfab",
"repo": {"custom_keys": [], "name": "bacula", "parent": null,
"date_modified": "1539692831", "access_users": {"owner": ["centosrcm"],
"admin": [], "ticket": [], "commit": []}, "namespace": "rpms",
"priorities": {}, "close_status": [], "access_groups": {"admin": [],
"commit": [], "ticket": []}, "milestones": {}, "user": {"fullname":
"CentOS Sources", "name": "centosrcm"}, "date_created": "1539692831",
"fullname": "rpms/bacula", "url_path": "rpms/bacula", "id": 6, "tags":
[], "description": " Cross platform network backup for Linux, Unix, Mac
and Windows"}, "end_commit": "61cd3575ba64b5f7afbf16eeb5c8dea7293b1241",
"branch": "c7-sig-altarch-test", "authors": [{"fullname": "Fabian
Arrotin", "name": "arrfab"}], "total_commits": 1, "start_commit":

The first part is just the topic, while the message payload is the json

How can you subscribe to that MQTT broker (if you want to automate some
workflow) ?
The only requirement is to trust our ACO (https://accounts.centos.org)
CA cert and also to have your TLS cert from ACO
All those steps are done automatically through centos-cert (from
centos-packager, see https://wiki.centos.org/HowTos/CentosPackager)

From that point, you can use your MQTT client of choice (mosquitto_sub
from mosquitto pkg, or python-paho-mqtt for python client, etc) and
point to mqtt.stg.centos.org:8883

Simple example with mosquitto_sub :

mosquitto_sub --cafile ~/.centos-server-ca.cert --cert ~/.centos.cert
--key ~/.centos.cert -h mqtt.stg.centos.org -p 8883 -t
git.stg.centos.org/# -v

Hope that it helps people willing to get automatic notifications in
"real-time" when repositories are created or that there are new commits
landing there.

Worth noting that it's still only in staging, but once we have a green
light, we should migrate git.centos.org to pagure with the same features
set as the one deployed on staging.

Fabian Arrotin
The CentOS Project | https://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20190222/cd1c2942/attachment-0007.sig>