-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/04/2013 03:52 PM, Matt_Domsch@xxxxxxxx wrote: > FESCo would have to change their rules prohibiting shipping > non-official repo files in the main repository. Assuming that > political battle is successful… We (FESCo) seemed to be fairly agreed on that point (wrt COPR) if we can solve the technical issues that Kevin brought up in this thread. > > I think signing must be done by the copr creator (personally). > > As each copr repo is independently timed and created, I’d be OK > with a frequently scheduled rsync that pulls all coprs and drops > them into the master mirrors, for downstreams to pick up at will. > Probably in the pub/alt tree please. That will minimize the # of > mirrors that are looking for them too. > We don't want to do ALL COPRs. There will definitely be a hierarchy. At the FESCo meeting, we had the general sense that we would only want to allow a limited set that FESCo has approved be available in the main repo. > I think the purgatory problem is one for each copr to decide. Some > may be bleeding edge, some may be backports of good stuff that > changes infrequently. > > I’d say _/no/_ to the meta-repo, for exactly the above reasons, and > so 2 coprs may conflict and/or compete. That’s their right. > Exactly; hence the need for a FESCo approval to elevate one repo to "acceptable to have a repo-providing RPM in the main Fedora repositories". > -- Matt Domsch Distinguished Engineer, Director Dell | Software > Group > > > > -----Original Message----- From: > infrastructure-bounces@xxxxxxxxxxxxxxxxxxxxxxx > [mailto:infrastructure-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf > Of Kevin Fenzi > > Sent: Wednesday, December 04, 2013 2:20 PM To: > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Subject: Some questions > around coprs > > So, at todays fesco meeting there was some discussion about coprs. > http://meetbot.fedoraproject.org/meetbot/fedora-meeting/2013-12-04/fesco.2013-12-04-17.59.log.html#l-52 > > > > In particular some folks want to be able to ship copr repo files in > the main Fedora repository. This would allow users to easily > install software from there without having to discover how to > enable it. > > However, copr packages are not signed or mirrored currently. > > So, this brings up thoughts around if we can somehow sign them, and > how we could mirror them, or even if we want to go down this road > at all. > > (as it seems like not a use case copr's was designed for anyhow). > > So: > > 1. Do we even want to persue this? > > 2. If so, do we have any ideas how signing copr packages could > work? > > 3. Mirroring doesn't seem like it would be that hard, just rsync > off the repos and push them out in our regular mirroring system. > Could be a fair bit of churn tho, and there's no set schedule, so > we would have to decide on frequency, etc. > > 4. If coprs moves to being inside koji, could we at that point have > a better time with these needs? > > 5. Perhaps we could propose some kind if pergatory type setup > between coprs (experemental, just builds, may set your house on > fire, may update incompatibly every day) and fedora repository > packages (with all the updates guidelines, reviews, etc). > > Thoughts? comments? > > Possibly related to this: I wonder if copr could grow a 'meta > repo' that has all the repodata of all existing coprs. Then you > could just enable one thing and be able to install any coprs? > > kevin > > > > _______________________________________________ infrastructure > mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKgdUYACgkQeiVVYja6o6PQsACfdcxttqo0tFG07TYDjUNP4YCv 5w0An1KlbvjEZLxSWU5H0pG6Go97EgZz =26mQ -----END PGP SIGNATURE----- _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
