[CentOS-devel] CPE Weekly Update – Week 24 2022

Fri Jun 17 10:15:45 UTC 2022
Michal Konecny <mkonecny at redhat.com>

Hi everyone,

This is a weekly report from the CPE (Community Platform Engineering) 
Team. If you have any questions or feedback, please respond to this 
report or contact us on #redhat-cpe channel on libera.chat 
(https://libera.chat/).

Week: 13th - 17th June 2022

If you wish to read this in form of a blog post, check the post on 
Fedora community blog:
https://communityblog.fedoraproject.org/cpe-weekly-update--week-24-2022/

# Highlights of the week

## Infrastructure & Release Engineering
Goal of this Initiative
-----------------------
Purpose of this team is to take care of day to day business regarding 
CentOS and Fedora Infrastructure and Fedora release engineering work.
It’s responsible for services running in Fedora and CentOS 
infrastructure and preparing things for the new Fedora release (mirrors, 
mass branching, new namespaces etc.).
The ARC (which is a subset of the team) investigates possible 
initiatives that CPE might take on.
Link to planning board: https://zlopez.fedorapeople.org/I&R-2022-06-15.pdf
Link to docs: https://docs.fedoraproject.org/en-US/infra/

Update
------

### Fedora Infra
* Resultsdb almost moved to ocp4 in prod, just a few parts to finish 
(Thanks Leo!)
* Ocp4 cluster now on our vpn, so all proxies can reach apps (thanks 
darknao!)
* Wiki upgrade looking good in staging, prod to come (thanks ryan!)
* Some more vm’s to f36
* About 50% done moving apps to ocp4.
* Image builder prod move blocked due to firewall issues

### CentOS Infra including CentOS CI
* https://git.centos.org went live last monday
* Trying to resume discussion with RH IT for Stream storage migration
* New CI infra deployment tasks to be ready
* https://lists.centos.org/pipermail/ci-users/2022-June/004547.html

### Release Engineering
* ELN composes were broken over the weekend because of ODCS backend / 
front end version mismatch
* Nodejs-sig removed as the default assignee on a bunch of components in BZ
* we have discovered workflow in bodhi that locks update in a weird 
state more info https://github.com/fedora-infra/bodhi/issues/4566


## CentOS Stream
Goal of this Initiative
-----------------------
This initiative is working on CentOS Stream/Emerging RHEL to make this 
new distribution a reality. The goal of this initiative is to prepare 
the ecosystem for the new CentOS Stream.

Updates
-------
* We imported all RPMs for modules (CentOS Stream 8) to the shared 
buildsystem
* All sources imported to GitLab (CentOS Stream 8)


## CentOS Duffy CI
Goal of this Initiative
-----------------------
Duffy is a system within CentOS CI infrastructure allowing tenants to 
provision and access machines (physical and/or virtual, of different 
architectures and configurations) for the purposes of CI testing. 
Development of Duffy is largely finished, we're currently planning and 
testing deployment scenarios.

Updates
-------
* Test and polish `duffy client …` experience
* Docs and CentOS Dojo talk prep


## Package Automation (Packit Service)
Goal of this initiative
-----------------------
Automate RPM packaging of infra apps/packages

Updates
-------
* Almost finished, only mirrormanager2 remaining from our critical apps 
on Github
* Couple of outliers (fasjson, flask-mod-auth) need downstream repos created
* Datanommer.models manually packaged so datagrepper can be automated
* Noggin now fully automated


## Flask-oidc: oauth2client replacement
Goal of this initiative
-----------------------
Flask-oidc is a library used across the Fedora infrastructure and is the 
client for ipsilon for its authentication. flask-oidc uses oauth2client. 
This library is now deprecated and no longer maintained. This will need 
to be replaced with authlib.

Updates:
--------
* Working [poc 
app](https://app-flask-oidc-dev.apps.ocp.stg.fedoraproject.org/oidc/) 
which authenticates against noggin/ipa using authlib and OIDC.
* Working on an upstream PR with the working code now.


## EPEL
Goal of this initiative
-----------------------
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special 
Interest Group that creates, maintains, and manages a high quality set 
of additional packages for Enterprise Linux, including, but not limited 
to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), 
Oracle Linux (OL).

EPEL packages are usually based on their Fedora counterparts and will 
never conflict with or replace packages in the base Enterprise Linux 
distributions. EPEL uses much of the same infrastructure as Fedora, 
including buildsystem, bugzilla instance, updates manager, mirror 
manager and more.

Updates
-------
* This week we have 6315 (+297)  packages, from 2806 (+76) source packages
* [XFCE now available in 
epel9-testing](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-5fe886dfa9)
* Removed epel9 packages that were included in rhel9.0
* oniguruma: [backported 
fix](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-a9236c0113) 
for CVE-2019-13225 (moderate) from rhel8 to epel7
* drbd: pull request to [switch pacemaker dependency from requires to 
recommends](https://src.fedoraproject.org/rpms/drbd/pull-request/2) to 
comply with policy


Kindest regards,
CPE Team