Dist-git for Copr

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
we (the Copr team) would like to allow uploading of source RPM to Copr. It seems that best way is to utilize dist-git [1]. Then Copr will fetch sources and spec file from dist-git and build SRC.RPM the same as Koji does now. And hopefuly you will be able to use fedpkg to interact with Copr.
I see two options available: Copr will have its own dist-git instance or we will share dist-git together with Fedora. There are pros and cons for both and I would like to summarize it. 

1) Copr will have its own dist-git instance
Pros:
 * no possible conflicts with Fedora
* installation of dist-git is tracken in ansible playbook in infra.git, so it should be straightforward (although Pavol Babincak - current maintainer of dist-git - claimed he had hard times to reproduce the installation) 
Cons:
 * require additional machine (Fedora currently use 8GB RAM + 2 GB swap and 1 TB of disk)
* and additional maintance (although Pavol Babincak claims that there are no problems with running instance, he barely need to touch it) 

2) Copr will share dist-git with Fedora
Pros:
 * no maintenance of new machine
 * a lot of source are same and shared in look-aside cache (less data stored)
* technically easily possible. E.g. for package 'rpm' in Copr project msuchy/foo we can create branch 'msuchy/foo' of dist-git 'rpm'. There are separate ACLs for each branch, so owner of 'msuchy/foo' branch could not affect branch 'f20' and vice versa. 
Cons:
* dist-git use MD5 for checksum [2] therefore it can be practicaly possible to find collision with existing tar.gz and upload new version and Koji will use that file instead. * Koji currently build from given SHA of commit of dist git and does not check if it is in correct branch. Therefore it can be theoreticaly possible to submit to Koji build from Copr branch. Afaik you still have to have ACL for that given branch in Fedora, so only Fedora package maintainer can do that and he obviously have no reason for that, but still... technicaly possible. 
* Legal differences - users of Copr does not have to belong to CLA_DONE group. Can it make some problems? I do not know.
Pavol suggested us to have our own instance. But I know there are a lot of people from infra, legal and other team, who can add something insightful before we start working on this. 

[1] Although I heard one voice saying we should move from home brew code to more standardized git-annex
[2] move to SHA is work in progress https://fedorahosted.org/rel-eng/ticket/5846

--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux