Please add a new tag for the Proposed Updates SIG:
$sig = sig-proposed-updates $version = 9s, 10s $project = packages $version = main
leading to proposed-updates{9,10}s-packages-main-{candidate,testing,release}. This will be used to hold proposed updates submitted as MRs to CentOS Stream repos. cc @dcavalca who's the SIG sponsor, @jonathanspw the SIG chair.
proposed-updates{9,10}s-packages-main-{candidate,testing,release}
We need the following macros set for the build:
%dist .~proposed.el9
%dist .~proposed.el10
the tilde is to make sure any official build with the same release number would sort higher than the proposed-updates build
e.g.
$ rpmdev-vercmp 1.0.0-2.el9 1.0.0-2.~proposed.el9 1.0.0-2.el9 > 1.0.0-2.~proposed.el9
This should inherit the following external repos for c9s:
centos9s-baseos centos9s-appstream centos9s-crb centos9s-buildroot
and for c10s:
centos10s-baseos centos10s-appstream centos10s-crb centos10s-buildroot
The vendor string should be set to CentOS Proposed Updates SIG.
CentOS Proposed Updates SIG
We also need a GitLab group under https://gitlab.com/CentOS/ - maybe ProposedUpdates - and for members, make jonathanspw and salimma sponsors
And a signing key
Thanks!
This all looks good to me :thumbsup:
This request should be updated with the following parameters:
Tag info:
$sig = proposed-updates
DistTags:
%dist ~proposed.el9
%dist ~proposed.el10
The vendor string should be set to CentOS to match the main distribution so that sticky vendor systems consider these updates equivalent and final updates seamlessly replace these..
CentOS
@ngompa pointed out that we probably want to set the vendor string to be the same as stock CentOS Steam, as otherwise installs using vendor pinning won't be able to seamlessly switch between packages when MRs are merged in Stream proper. Down the road it'd be better to handle this in DNF via vendor equivalencies, but those don't exist yet, so using the same string seems reasonable for the time being.
Metadata Update from @arrfab: - Issue assigned to arrfab
Metadata Update from @arrfab: - Issue tagged with: authentication, cbs, centos-build-pipeline, centos-common-infra, feature-request, high-gain, medium-trouble
@salimma , @dcavalca , @ngompa : I guess it's a new SIG that hasn't been publicly announced (yet) :) (I know there was a proposal about fasttrack SIG last month so I guess it's related)
I can easily create the new tags/targets (and corresponding new SIG gpg key for it) but my only concern is about the name proposed-updates as using dash - isn't following our tags convention and so automation : https://docs.centos.org/centos-sig-guide/cbs/#cbs-sigs-tags-structure
proposed-updates
-
So either use something like proposed_updates or proposedupdates ? Really waiting on your feedback because I need also to create new group in FAS/ACO that would match (for koji/cbs permissions) and so we need to chose now and not later :)
proposed_updates
proposedupdates
As a summary :
CentOS <name> SIG
Happy to work on in as soon as I'll have the needed info (seems to be just the SIG name
@salimma , @dcavalca , @ngompa : I guess it's a new SIG that hasn't been publicly announced (yet) :) (I know there was a proposal about fasttrack SIG last month so I guess it's related) I forgot to mention that - but yes, this is the (proposed) SIG formerly known as Fast Track, which got approved yesterday but the bikeshedding process (because people have qualms about what Fast Track connotes) resulted in proposed updates being the consensus instead. Bonus point: it is used by Debian and Ubuntu for similar use cases so that helps align expectations I can easily create the new tags/targets (and corresponding new SIG gpg key for it) but my only concern is about the name proposed-updates as using dash - isn't following our tags convention and so automation : https://docs.centos.org/centos-sig-guide/cbs/#cbs-sigs-tags-structure Good catch, thanks So either use something like proposed_updates or proposedupdates ? proposed_updates seems more readable, otherwise it starts reading like German Really waiting on your feedback because I need also to create new group in FAS/ACO that would match (for koji/cbs permissions) and so we need to chose now and not later :)
I forgot to mention that - but yes, this is the (proposed) SIG formerly known as Fast Track, which got approved yesterday but the bikeshedding process (because people have qualms about what Fast Track connotes) resulted in proposed updates being the consensus instead. Bonus point: it is used by Debian and Ubuntu for similar use cases so that helps align expectations
I can easily create the new tags/targets (and corresponding new SIG gpg key for it) but my only concern is about the name proposed-updates as using dash - isn't following our tags convention and so automation : https://docs.centos.org/centos-sig-guide/cbs/#cbs-sigs-tags-structure Good catch, thanks
So either use something like proposed_updates or proposedupdates ? proposed_updates seems more readable, otherwise it starts reading like German
Really waiting on your feedback because I need also to create new group in FAS/ACO that would match (for koji/cbs permissions) and so we need to chose now and not later :)
To verify - for FAS/ACO this will then be sig-proposed_updates right? Since for Hyperscale it's hyperscale tag / sig-hyperscale group
sig-proposed_updates
hyperscale
sig-hyperscale
As a summary : creating new SIG group (with name to be defined here) with two sponsors new SIG key to be added in signing and also pub key exported to website creating new cbs/koji tags/targets inheriting that new group/new key (and modifying dist macro to be CentOS and not CentOS <name> SIG (which was requested by default for SIGs in cbs) Happy to work on in as soon as I'll have the needed info (seems to be just the SIG name
Plus the tag for packages should not have the leading dot, as @ngompa noted. Just ~proposed.el9 / ~proposed.el10
~proposed.el9
~proposed.el10
Thanks Fabian!
Yes, dist tags can be set to whatever we want, as it's a koji parameter, but for the rest it's all inherited everywhere (including for which key to use, where to push etc) So if you all agree on proposed_updates , I'll go with that (still waiting for more +1 from new SIG, hopefully getting announce about it soon) :)
Metadata Update from @arrfab: - Issue priority set to: Waiting on External (was: Needs Review)
I'm ok with proposed_updates here
+1
Also please give @jonathanspw permissions to build inside the extras tag for the release package
For reference, https://git.centos.org/centos/board/issue/130 was the board approval ticket for the SIG.
Thanks for the confirmation and link :) I'd like to take this opportunity to work on this with @gwmngilfen but due to to conflicting meetings for the two of us, we'll just do work in pairing mode next Monday , on all needed aspects (IPA groups/aliases/gpg key/new koji tags/etc)
Created :
* Checking distribution el9s configuration... -> Checking proposed_updates config... Creating user : proposed_updates Using default options for proposed_updates/packages Creating tag : proposed_updates9s-packages-main-candidate Creating tag : proposed_updates9s-packages-main-testing Creating tag : proposed_updates9s-packages-main-release -> creating proposed_updates9s-packages-main-el9s Added external repo centos9s-baseos to tag proposed_updates9s-packages-main-el9s-build (priority 5) Added external repo centos9s-appstream to tag proposed_updates9s-packages-main-el9s-build (priority 10) Added external repo centos9s-crb to tag proposed_updates9s-packages-main-el9s-build (priority 15) Added external repo centos9s-buildroot to tag proposed_updates9s-packages-main-el9s-build (priority 20) * Checking distribution el10s configuration... -> Checking proposed_updates config... Using default options for proposed_updates/packages Creating tag : proposed_updates10s-packages-main-candidate Creating tag : proposed_updates10s-packages-main-testing Creating tag : proposed_updates10s-packages-main-release -> creating proposed_updates10s-packages-main-el10s Added external repo centos10s-baseos to tag proposed_updates10s-packages-main-el10s-build (priority 5) Added external repo centos10s-appstream to tag proposed_updates10s-packages-main-el10s-build (priority 10) Added external repo centos10s-crb to tag proposed_updates10s-packages-main-el10s-build (priority 15) Added external repo centos10s-buildroot to tag proposed_updates10s-packages-main-el10s-build (priority 20)
https://gitlab.com/CentOS/proposed_updates is also created, and mapped to new https://accounts.centos.org/group/sig-proposed_updates/ group that was also created.
Can you verify that you have all the needed info, and verify that it's working fine for you in cbs/koji and then close the ticket please ? FWIW, new gpg key was created and pushed to https://www.centos.org/keys/#proposed-updates-sig
Forgot to mention also that @jonathanspw is part of the extras group to let him tag -release packages to extras-common
Thank you! I was off yesterday, will try today
Looks like - @jonathanspw is marked as a sponsor in ACO but somehow doesn't show as a member in gitlab.com/CentOS/proposed_updates. I added him manually - I'm not marked as a sponsor in ACO, @arrfab can you make me one? Thanks
@jonathanspw is marked as a sponsor in ACO but somehow doesn't show as a member in gitlab.com/CentOS/proposed_updates. I added him manually
This shouldn't be necessary, membership is updated whenever one reauths on gitlab.
yes please : don't manually add gitlab individual accounts rights here and there .. otherwise, why are we just even trying to use FAS/ACO groups ? ;-) @salimma : also your request was about @jonathanspw being the chair but I don't see anywhere that you also wanted to be one ;-)
apologies, I forgot to mention that - Jonathan is the chair for the new SIG, I'm co-chair so in practice we both should probably have sponsor permissions. Thanks!
yeah, you're now added too as sponsor
Closing as all work was done
Metadata Update from @arrfab: - Issue close_status updated to: Fixed with Explanation - Issue status updated to: Closed (was: Open)
Haven't got round to publishing cento sure leased proposed_updates yet, I will reopen if it turns out I don't have the permission to publish. Can confirm everything else seems to work
Typing on mobile... I meant cento sure leased proposed_updates
centos-release-proposed_updates
Log in to comment on this ticket.