[CentOS-devel] CPE Weekly Update – Week 17 2022

Fri Apr 29 10:56:46 UTC 2022
Michal Konecny <mkonecny at redhat.com>

Hi everyone,

This is a weekly report from the CPE (Community Platform Engineering) 
Team. If you have any questions or feedback, please respond to this 
report or contact us on #redhat-cpe channel on libera.chat 
(https://libera.chat/).

Week: 25th April - 29th April 2022

If you wish to read this in form of a blog post, check the post on 
Fedora community blog:
https://communityblog.fedoraproject.org/cpe-weekly-update-week-17-2022/

# Highlights of the week

## Infrastructure & Release Engineering
Goal of this Initiative
-----------------------
Purpose of this team is to take care of day to day business regarding 
CentOS and Fedora Infrastructure and Fedora release engineering work.
It’s responsible for services running in Fedora and CentOS 
infrastructure and preparing things for the new Fedora release (mirrors, 
mass branching, new namespaces etc.).
The ARC (which is a subset of the team) investigates possible 
initiatives that CPE might take on.
Link to planning board: https://zlopez.fedorapeople.org/I&R-27-04-2022.pdf

Update
------

### Fedora Infra
* Issues sending email from fedoraproject.org -> redhat.com. Finally got 
tls connection reuse working so we didn’t hit their limits.
* FCOS apps (almost) all moved from ocp3->ocp4 clusters
* Cleaned up after a bodhi bug left rawhide updates in limbo.
* Very close to having resultsdb in ocp4 stg working, just some url 
adjustments left hopefully.
* Anitya and the-new-hotness messaging schemas were moved to separate 
repositories
https://github.com/fedora-infra/the-new-hotness-messages
https://github.com/fedora-infra/anitya-messages

### CentOS Infra including CentOS CI
* Deploying RHEL (like Fedora Infra) in infra is [now 
supported](https://pagure.io/centos-infra/issue/739)
* [Duffy testing/fixes](https://pagure.io/centos-infra/issue/712) still 
ongoing
* Openshift upgrade (fixing jenkins image and [sync 
issue](https://pagure.io/centos-infra/issue/728))
* Bussiness As Usual (new tags/mirrors changes requests)



### Release Engineering
* F36 RC composes 1.1 on friday 1.2 yesterday
* Discussion about where container images live and potential move to quay.io



## CentOS Stream
Goal of this Initiative
-----------------------
This initiative is working on CentOS Stream/Emerging RHEL to make this 
new distribution a reality. The goal of this initiative is to prepare 
the ecosystem for the new CentOS Stream.

Updates
-------
* Prototyping CI actions for Stream 9 using Duffy system, awaiting 
onboarding from infra
* New compose released
* Upcoming: Reviewing Stream container and image build processes
* Improvements to the CVE checker have been rolled out
* Fedora ELN is being used as a prototype for SHA-1 removal in Fedora



## CentOS Duffy CI
Goal of this Initiative
-----------------------
Duffy is a system within CentOS CI Infra which allows tenants to 
provision and access bare metal resources of multiple architectures for 
the purposes of CI testing.
We need to add the ability to checkout VMs in CentOS CI in Duffy. We 
have OpenNebula hypervisor available, and have started developing 
playbooks which can be used to create VMs using the OpenNebula API, but 
due to the current state of how Duffy is deployed, we are blocked with 
new dev work to add the VM checkout functionality.

Updates
-------
* Parallelize running provisioning/deprovisioning playbooks
* More testing and minor fixes


## Package Automation (Packit Service)
Goal of this initiative
-----------------------
Automate RPM packaging of infra apps/packages

Updates
-------
* backlog is stocked with plenty of our apps for the time being, more to 
be added as needed
* Expect emails, lots of emails
* fasjson-client, fedora-messaging and datagrepper currently being worked on
* currently able to build in copr, minus some hiccups
* we are currently looking at the best way to version. what are the 
teams thoughts on moving spec files upstream? it makes everything 
cleaner in packit. thoughts on a postcard please



## Flask-oidc: oauth2client replacement
Goal of this initiative
-----------------------
Flask-oidc is a library used across the Fedora infrastructure and is the 
client for ipsilon for its authentication. flask-oidc uses oauth2client. 
This library is now deprecated and no longer maintained. This will need 
to be replaced with authlib.

Updates:
--------
* Currently finding all instances of oauth2client code in the current 
flask-oidc code, mapping functionality to whats available in the authlib 
library.


## EPEL
Goal of this initiative
-----------------------
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special 
Interest Group that creates, maintains, and manages a high quality set 
of additional packages for Enterprise Linux, including, but not limited 
to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), 
Oracle Linux (OL).

EPEL packages are usually based on their Fedora counterparts and will 
never conflict with or replace packages in the base Enterprise Linux 
distributions. EPEL uses much of the same infrastructure as Fedora, 
including buildsystem, bugzilla instance, updates manager, mirror 
manager and more.

Updates
-------
* EPEL9 up to 2416 source packages (increase of 45 from last week)
* qt5-5.15.3 update in CentOS Stream 8 and 9 has caused [update 
breakages for KDE 
users](https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org/thread/ENI3SYPO7NOVTVDE6FTXB6I5PBOSFQ7D/) 
on those distros (EPEL8 and EPEL9).  Updated packages are being built as 
we speak.
* Unblocked python-aiosignal by adding python-pytest-asyncio to EPEL9.
* Unblocked several openstack packages by adding python-ddt to EPEL9.
* Resolved python-aiohttp installation issue by adding 
python-async-timeout to EPEL9.
* Updated GitPython in EPEL7 to resolve issue with cloning large 
repositories.
* Bump release of python-cheetah in EPEL7 to fix upgrade path from 
python-cheetah in CentOS 7 Extras.
* Updated incompatible updates policy to reduce minimum time in testing 
from 2 weeks to 1 week to match regular updates policy.


Kindest regards,
CPE Team