[CentOS-devel] CPE Weekly Update – Week 20 2022

Fri May 20 10:04:53 UTC 2022
Michal Konecny <mkonecny at redhat.com>

Hi everyone,

This is a weekly report from the CPE (Community Platform Engineering) 
Team. If you have any questions or feedback, please respond to this 
report or contact us on #redhat-cpe channel on libera.chat 
(https://libera.chat/).

Week: 16th May - 20th May 2022

If you wish to read this in form of a blog post, check the post on 
Fedora community blog:
https://communityblog.fedoraproject.org/cpe-weekly-update---week-20-2022/

# Highlights of the week

## Infrastructure & Release Engineering
Goal of this Initiative
-----------------------
Purpose of this team is to take care of day to day business regarding 
CentOS and Fedora Infrastructure and Fedora release engineering work.
It’s responsible for services running in Fedora and CentOS 
infrastructure and preparing things for the new Fedora release (mirrors, 
mass branching, new namespaces etc.).
The ARC (which is a subset of the team) investigates possible 
initiatives that CPE might take on.
Link to planning board: https://zlopez.fedorapeople.org/I&R-2022-05-18.pdf

Update
------

### Fedora Infra
* Fedora Media Writer 5.0.1 is live/done for both windows and macos!
* Email from @redhat.com users to @fedoraproject.org users who use gmail 
is broken due to SPF changes on rh side. [INC2210845 
](https://redhat.service-now.com/surl.do?n=INC2210845)
* Switched to linux-system-roles.nbde_client (automatically unlocking 
encrypted devices via network) role from our home grown incomplete one 
after working thru a dracut bug in RHEL8.3+
* RHEL9 content synced and already switched epel9 to use it.
* Mass update/reboot in progress, outage later today to finish.

### CentOS Infra including CentOS CI
* CentOS Stream storage migration spike (Netapp for nfs/iscsi) (ongoing)
* Duffy fixes and tests (ec2 provisioning working)
* Git.centos.org pagure upgrade/migration (blocked, waiting on internal 
Red Hat Team)
* 9 stream build targets on cbs/koji now consuming centos9s-buildroot 
repositories straight from upstream kojihub for Stream 9 (no latency)
* Business as usual (mirrors, tags)

### Release Engineering
* Archiving older releases
* Updating the EOL release date will be part of the release schedule

### Any Other Bussiness
* All the zuul jobs are now migrated to [centralized 
repository](https://pagure.io/fedora-infra/zuul)


## CentOS Stream
Goal of this Initiative
-----------------------
This initiative is working on CentOS Stream/Emerging RHEL to make this 
new distribution a reality. The goal of this initiative is to prepare 
the ecosystem for the new CentOS Stream.

Updates
-------
* Changes to the c8s module migration code to automatically filter to 
modules that are released.
* Migration of packages to new c8s infrastructure is moving along.
* Fixing the ELN Everything installer.


## CentOS Duffy CI
Goal of this Initiative
-----------------------
Duffy is a system within CentOS CI Infra which allows tenants to 
provision and access bare metal resources of multiple architectures for 
the purposes of CI testing.
We need to add the ability to checkout VMs in CentOS CI in Duffy. We 
have OpenNebula hypervisor available, and have started developing 
playbooks which can be used to create VMs using the OpenNebula API, but 
due to the current state of how Duffy is deployed, we are blocked with 
new dev work to add the VM checkout functionality.

Updates
-------
* Deployment: apply database schema migrations
* Test per tenant quotas and provisioning on EC2


## Package Automation (Packit Service)
Goal of this initiative
-----------------------
Automate RPM packaging of infra apps/packages

Updates
-------
* Mostly business as usual, lots of dependencies
* A fair amount of manual packaging needs to happen for most of our 
applications first
* Reducing a lot of dependency pinning
* Unfortunately packit [doesn’t support 
monorepos](https://github.com/packit/packit/issues/1543) at the moment 
so Bodhi and Datanommer will be blocked until they do. It’s on their 
roadmap.
* scoady pto for ~2 weeks


## Flask-oidc: oauth2client replacement
Goal of this initiative
-----------------------
Flask-oidc is a library used across the Fedora infrastructure and is the 
client for ipsilon for its authentication. flask-oidc uses oauth2client. 
This library is now deprecated and no longer maintained. This will need 
to be replaced with authlib.

Updates:
--------
* Starting to 
[implement](https://github.com/fedora-infra/test-auth/blob/authlib_dev/test_auth/flask_oidc.py) 
flask-oidc api using authlib.


## EPEL
Goal of this initiative
-----------------------
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special 
Interest Group that creates, maintains, and manages a high quality set 
of additional packages for Enterprise Linux, including, but not limited 
to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), 
Oracle Linux (OL).

EPEL packages are usually based on their Fedora counterparts and will 
never conflict with or replace packages in the base Enterprise Linux 
distributions. EPEL uses much of the same infrastructure as Fedora, 
including buildsystem, bugzilla instance, updates manager, mirror 
manager and more.

Updates
-------
* epel9 up to 2616 source packages (increase of 48 from last week).
* Completed transition of epel9 from building against c9s snapshot to 
building against rhel9.
* Retired multiple epel8 packages that were added in rhel8.6.
* [Identified and 
reported](https://bugzilla.redhat.com/show_bug.cgi?id=2084131) version 
mismatch between c9s gcc and gcc-epel in epel9, working with maintainer 
to provide a compatible version in epel9-next.
* [Ansible rebased to version 5 in 
epel8](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-67f52f0700) 
(major update) and [added to 
epel9](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-73e215eb5c).

Kindest regards,
CPE Team