[CentOS-devel] Making EPEL available in CBS for SIG builds

Mon May 10 16:35:58 UTC 2021
Fabian Arrotin <arrfab at centos.org>

On 10/05/2021 18:08, Johnny Hughes wrote:
> On 5/7/21 8:15 AM, Matthew Miller wrote:
>> On Fri, May 07, 2021 at 08:07:12AM +0200, Fabian Arrotin wrote:
>>> So we have two solutions and the easiest/fastest one is probably just to
>>> import pkgs in koji and SIG can just tag-build what they want/need
>>> (including cherry-picking ENVR) but with the downside effect of pkg
>>> signed with a different gpg key (and so my original question to Fedora :
>>> is that allowed  ?)
>>
>> I don't *think* that would be a problem. It's too bad RPMs can't have
>> multiple signatures.
>>
>> But wouldn't cherry-picking ENVR cause problems if a system has EPEL
>> enabled?
>>
> 
> I personally think the best option is just to use the EPEL repos as
> external repos and to require epel-release in repos where you require
> epel package to be installed.

Sure, that would solve part of the problems SIGs asked initially to
solve by just importing builds but other problems would then remain :
- no way for them to tag a particular ENVR (that they can test and
control in their tags)
- still a need to rebuild EPEL pkgs (like for infra tags, etc)

FWIW, Aoife said (in SIG-infra meeting today,
https://centos.org/minutes/2021/May/centos-meeting.2021-05-10-14.03.html) that
she'll reach out to Fesco to see if they agree on the "let's import and
redistribute - part/tagged pkgs - Epel pkgs through cbs.centos.org" for SIGs

OTOH, if all that is complicated (to find an agreement/policy), we can
just continue like before : letting SIGs rebuild epel pkgs in
cbs.centos.org and move on (and close RFE tickets about this on the
infra tracker) :)

-- 
Fabian Arrotin
The CentOS Project | https://www.centos.org
gpg key: 17F3B7A1 | twitter: @arrfab