#9364 drop fedora-release and fedora-repos from the secure-boot channel
Closed: Fixed 2 years ago by mohanboddu. Opened 2 years ago by zbyszek.

Please drop fedora-release and fedora-repos from the secure-boot channel.

  • When do you need this? (YYYY/MM/DD)
    When convenient.

  • When is this no longer needed or useful? (YYYY/MM/DD)

  • If we cannot complete your request, what is the impact?

It was explicitly added I believe due to signing around licenses

I already did this during the meeting.

@pbrobinson do you have any more info on that? Or perhaps @ausil could chime in?

I don't see how licenses affect it... but I could be missing some history.

I think it was @spot that had it added to the signing channel, it wasn't that long ago.

It was added by @ausil in 2013. (In the puppet repo no less :)

commit a3fe73e7431ed921877b6fac02f9eb0e1e9e21b7
Author: Dennis Gilmore ausil@fedoraproject.org
Date: Wed Aug 21 05:52:34 2013 +0000

add fedora-release to the secure-boot channel

It's a pity we have not put the reasoning to the commit message.

From irc:

[14:19:00] <dgilmore> We never actually implemented the thing we were going to do that required the packages be in secure-boot
[14:19:31] <cverna> oh one quick thing, review-stats now runs in openshift and everything seems to work well :)
[14:19:52] <dgilmore> we were going to tie the release keys to the secure boot key
[14:19:59] <dgilmore> for end to end verification
[14:20:27] <nirik> dgilmore: ah ha. I knew there was some further reason
[14:20:51] <nirik> we can add em back if we ever do that

Closing this ticket for now and we can add them back to secure-boot when we decide to work on it.

Metadata Update from @mohanboddu:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Just to confirm: is it possible for any proven packager to build and tag fedora-release now?

Login to comment on this ticket.