* Dependencies are now installed with best=1
* rpmutils.NVR is now equal to srpmproc's rpmutils.Nvr
* Add support for cloning a project and swapping target project builds on top
* Side NVR repos are now faster to create
* Module builds now support side NVRs
* Side NVRs now support multiple builds of a certain version
* ListBuilds now properly supports filters
* yumrepofsupdater now runs on a better node pool
* Upgrade srpmproc to v0.4.3
* kubernetes.jsonnet now supports node pool placements
* Modulemds are now copied properly to avoid accidental pointer overrides that propagated back to unrelated Mds
* rpmimport now properly imports SRPMs and doesn't fail randomly
* Yumrepofs now properly adds module defaults in non-all repos
* Yumrepofs now properly swaps older module artifacts
* Yumrepofs now properly replaces non-project artifacts after a clone swap
* Added additional logging to yumrepofs
There was a bug in module mode where debuginfo+src would not get replaced correctly. That is now fixed. Additional changes to module artifact detection is also made after the build merge solution was implemented. Previously src.rpms could be collapsed because of multiple src.rpms in one build, leading to non-devel artifacts being placed in devel. That is also fixed with this.
Current behavior sets active package version in repo for all projects even though yumrepofs is only updating for a specific project. This fixes it by only setting active package version in repo for that specific version in that specific project.
Previously there was an outer query to further filter using CVEs and keyword, but that broke the pagination. All filtering is now moved to the inner layer and the outer layer has been removed. Also add search by advisory name.
Earlier srpmproc versions have a bug with VRE matching. The regex used to match the NVR was actually formed to match NVRA. This is generally not harmful, but NVRs that has an extra dot something in Release can throw off this regex into thinking that the dist is actually the arch.
When polling RH Errata, Apollo sets the last sync date to the first advisory we process (advisories are synced in descending order). If a failure happens while processing newer advisories, the sync is already set and the system skips over advisories it has NOT yet processed.
This PR sets the mirror state in a parent transaction, then commits that transaction if no failures occur. Skipping advisories when an error occurs is also reworked, where the first failure fails the workflow. The workflow will retry on its normal schedule.
Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM.
We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that.
Neil Hanlon
Mustafa Gezen
resf-prow[bot]
Ted Adams