sig_core
/
meta
8
0
Issues 14 Pull Requests Projects 5 Releases Wiki Activity

[SIG] Request for SIG Release Package: Security #12

New Issue
Closed
opened 2023-09-09 19:16:57 +00:00 by solardiz · 4 comments
solardiz commented 2023-09-09 19:16:57 +00:00
Copy Link

Introduction

Hello, I am Solar Designer (solardiz on Mattermost, active on ~Security since August 2023) and I am requesting a release package for the Special Interest Group "Security".

Details

SIG existed before formal process, so there is no release package yet.

The Peridot projects are:
r8 - https://peridot.build.resf.org/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/
r9 - https://peridot.build.resf.org/041a90b2-51f5-44a4-8be8-b2905c1ad95b/

Checklist

Addressing other questions from the guide:

How many repositories - By default a "common" repository is assigned.

1 - just "common" for now.

Do you plan on having multiple versions of some software? (example: ceph, glusterfs)

Have no such plans currently.

Do you plan on having a separate modularity repository?

What does this mean? I guess not.

What major releases? (eg, are you only building for 9?)

8 and 9.

Other comments you feel will be necessary for Release Engineering to be aware of

The repos are already tested and working, including with GPG keys.

## Introduction Hello, I am Solar Designer (solardiz on Mattermost, active on ~Security since August 2023) and I am requesting a release package for the Special Interest Group "Security". ## Details SIG existed before formal process, so there is no release package yet. The Peridot projects are: r8 - https://peridot.build.resf.org/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/ r9 - https://peridot.build.resf.org/041a90b2-51f5-44a4-8be8-b2905c1ad95b/ ## Checklist - [X] I have read the [Special Interest Group Guide](https://wiki.rockylinux.org/special_interest_groups/sig_guide/) Addressing other questions from the guide: > How many repositories - By default a "common" repository is assigned. 1 - just "common" for now. > Do you plan on having multiple versions of some software? (example: ceph, glusterfs) Have no such plans currently. > Do you plan on having a separate modularity repository? What does this mean? I guess not. > What major releases? (eg, are you only building for 9?) 8 and 9. > Other comments you feel will be necessary for Release Engineering to be aware of The repos are already tested and working, including with GPG keys.
solardiz added the
SIG_Request
 label 2023-09-09 19:16:57 +00:00
solardiz commented 2023-09-09 20:41:47 +00:00
Author
Copy Link

8:

# cat /etc/yum.repos.d/rocky-security.repo
[rocky-security]
name=Rocky Linux 8 - SIG/Security
baseurl=https://yumrepofs.build.resf.org/v1/projects/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/repo/security-common/$basearch/
priority=98
gpgcheck=1
enabled=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-8-Security
# curl -O https://yumrepofs.build.resf.org/v1/projects/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/repo/all/x86_64/RPM-GPG-KEY
# mv RPM-GPG-KEY /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-8-Security

9:

# cat /etc/yum.repos.d/rocky-security.repo
[rocky-security]
name=Rocky Linux 9 - SIG/Security
baseurl=https://yumrepofs.build.resf.org/v1/projects/041a90b2-51f5-44a4-8be8-b2905c1ad95b/repo/security-common/$basearch/
priority=98
gpgcheck=1
enabled=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9-Security
# curl -O https://yumrepofs.build.resf.org/v1/projects/041a90b2-51f5-44a4-8be8-b2905c1ad95b/repo/all/x86_64/RPM-GPG-KEY
# mv RPM-GPG-KEY /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9-Security
8: ``` # cat /etc/yum.repos.d/rocky-security.repo [rocky-security] name=Rocky Linux 8 - SIG/Security baseurl=https://yumrepofs.build.resf.org/v1/projects/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/repo/security-common/$basearch/ priority=98 gpgcheck=1 enabled=1 metadata_expire=6h gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-8-Security # curl -O https://yumrepofs.build.resf.org/v1/projects/41baa8a8-7dbe-46fe-9f0b-4e2420372bbc/repo/all/x86_64/RPM-GPG-KEY # mv RPM-GPG-KEY /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-8-Security ``` 9: ``` # cat /etc/yum.repos.d/rocky-security.repo [rocky-security] name=Rocky Linux 9 - SIG/Security baseurl=https://yumrepofs.build.resf.org/v1/projects/041a90b2-51f5-44a4-8be8-b2905c1ad95b/repo/security-common/$basearch/ priority=98 gpgcheck=1 enabled=1 metadata_expire=6h gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9-Security # curl -O https://yumrepofs.build.resf.org/v1/projects/041a90b2-51f5-44a4-8be8-b2905c1ad95b/repo/all/x86_64/RPM-GPG-KEY # mv RPM-GPG-KEY /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9-Security ```
label commented 2023-09-09 20:42:08 +00:00
Owner
Copy Link

https://git.rockylinux.org/staging/src/rocky-release-security - release package. key was added three days ago. this will be built and released when SIG is ready to release packages and builds.

https://git.rockylinux.org/staging/src/rocky-release-security - release package. key was added three days ago. this will be built and released when SIG is ready to release packages and builds.
label closed this issue 2023-09-09 20:42:09 +00:00
solardiz commented 2023-09-09 20:50:30 +00:00
Author
Copy Link

Thank you, @label! Reviewing https://git.rockylinux.org/staging/src/rocky-release-security I see the repo config is missing priority=98 (in both branches), which I think is needed for our RHEL override packages. The base repo is apparently at priority 99.

this will be built and released when SIG is ready to release packages and builds.

Is it not ready yet? If so, what else should happen first?

Thank you, @label! Reviewing https://git.rockylinux.org/staging/src/rocky-release-security I see the repo config is missing `priority=98` (in both branches), which I think is needed for our RHEL override packages. The base repo is apparently at priority 99. > this will be built and released when SIG is ready to release packages and builds. Is it not ready yet? If so, what else should happen first?
solardiz commented 2023-09-09 20:55:30 +00:00
Author
Copy Link

I see the repo config is missing priority=98 (in both branches), which I think is needed for our RHEL override packages.

Looks like I was wrong. I've just retested with priority=98 removed and it still works. I guess that was unneeded - it predates a fix we made to package naming (the el9_2 thing). So the package should be fine as-is.

> I see the repo config is missing `priority=98` (in both branches), which I think is needed for our RHEL override packages. Looks like I was wrong. I've just retested with `priority=98` removed and it still works. I guess that was unneeded - it predates a fix we made to package naming (the `el9_2` thing). So the package should be fine as-is.
Sign in to join this conversation.
main
Branches Tags
Clear current reference
main
Clear current reference
Labels
Clear labels   
Discussion

   
FTBFS

   
Meeting

   
OS_Development

   
Research

   
SIG_Proposal

   
SIG_Request
No Label
Discussion
FTBFS
Meeting
OS_Development
Research
SIG_Proposal
SIG_Request
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sig_core/meta#12
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?