On 10/03/2020 16:17, Fabian Arrotin wrote: > Hi all (especially SIG members/contributors) , > > As announced by Jim some time ago, we wanted to redesign the current > signing process that is in place for https://cbs.centos.org for CentOS 6 > and 7 (so quite some years now) > > The goal is to automate as much as possible the workflow, and working > for all releases (yeah for CentOS 8 and Stream) > > Thomas and myself have worked on the following idea and we're now happy > with the results (in our Dev environment) : > - when someone builds a pkg, and that it's tagged to -testing, koji > sends a notification (through koji callback - > https://fedoraproject.org/wiki/Koji/WritingKojiCode#Event_Plugin) to a bus > - signing machine listens to the bus, process the tag and push directly > to buildlogs > - when someone tag-build said pkg to -release, the node signs it with > correct gpg key id (from the SIG), push generated repository (including > for debuginfo/src.rpm packages) to mirror CDN Hi, thank you for putting this stuff together, this is really great. Can we have tags for opstools and messaging SIG? opstools[78]-collectd-5-{candidate|testing|release} messaging[78]-qpid-0.30-{candidate|... messaging[78]-rabbitmq-3.8-{candidate|... Thank you. Matthias -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20200316/ea3cc05d/attachment-0007.sig>