[CentOS-devel] Making EPEL available in CBS for SIG builds

Tue May 11 11:43:07 UTC 2021
Neal Gompa <ngompa13 at gmail.com>

On Mon, May 10, 2021 at 11:52 PM Johnny Hughes <johnny at centos.org> wrote:
> On 5/10/21 11:35 AM, Fabian Arrotin wrote:
> > On 10/05/2021 18:08, Johnny Hughes wrote:
> >> On 5/7/21 8:15 AM, Matthew Miller wrote:
> >>> On Fri, May 07, 2021 at 08:07:12AM +0200, Fabian Arrotin wrote:
> >>>> So we have two solutions and the easiest/fastest one is probably just to
> >>>> import pkgs in koji and SIG can just tag-build what they want/need
> >>>> (including cherry-picking ENVR) but with the downside effect of pkg
> >>>> signed with a different gpg key (and so my original question to Fedora :
> >>>> is that allowed  ?)
> >>>
> >>> I don't *think* that would be a problem. It's too bad RPMs can't have
> >>> multiple signatures.
> >>>
> >>> But wouldn't cherry-picking ENVR cause problems if a system has EPEL
> >>> enabled?
> >>>
> >>
> >> I personally think the best option is just to use the EPEL repos as
> >> external repos and to require epel-release in repos where you require
> >> epel package to be installed.
> >
> > Sure, that would solve part of the problems SIGs asked initially to
> > solve by just importing builds but other problems would then remain :
> > - no way for them to tag a particular ENVR (that they can test and
> > control in their tags)
> > - still a need to rebuild EPEL pkgs (like for infra tags, etc)
> EPEL does not maintain multiple ENVRs, right?  So if they need that,
> they will have to create it themselves.  Either we use EPEL or we don't.
>  You guys decide.
> BUt IF we ARE going to use EPEL, the we need to use it.  Not rebuild it
> and resign it.  If that causes too mant problems, then keep doing what
> we are doing.  There are pros and cons to switching.

I want us to use EPEL as-is. SIGs consuming EPEL content should not
have the expectation of frozen-ness, they should be working with EPEL
maintainers to make sure their stuff works. The problem with this
whole discussion is that SIGs basically don't want to work with EPEL
maintainers, which is a totally crap way to do things. In Hyperscale,
our policy is that stuff goes into our repo *only if it doesn't make
sense for EPEL* because we understand that basically *nobody* runs
CentOS without EPEL.

To be blunt, any SIG who thinks that their content isn't already used
alongside EPEL is basically fooling themselves. They should consume
EPEL as it is and deal with it.

真実はいつも一つ!/ Always, there's only one truth!