On Thu, Feb 11, 2021 at 10:19:25AM +0100, Pavel Raiskup wrote: > On Wednesday, February 10, 2021 2:49:00 PM CET Pavel Raiskup wrote: > > On Wednesday, February 10, 2021 12:29:51 AM CET Kevin Fenzi wrote: > > > On Tue, Feb 09, 2021 at 06:19:41PM -0500, Mohan Boddu wrote: > > > > On Mon, Feb 8, 2021 at 7:18 PM Petr Menšík <pemensik@xxxxxxxxxx> wrote: > > > > > > > > > > Hi, > > > > > > > > > > I were unable to find time in the schedule, at which the new F35 GPG key > > > > > would be activated to sign new builds. > > > > > > > > It will be done a week before mass branching, but we are thinking of > > > > doing it a bit earlier to give more time. > > > > > > I think we should make the f36 key right now and add it to fedora-repos > > > and push it out to all branches. Then, when we get to f35 branching, we > > > make the f37 key (ie, we stay 6 months ahead). > > > > > > This way everyone has the new key already and there's no scrambling. > > > > > > (or this week, doesn't have to be today, just soon) > > > > Yes please! Something along those lines was proposed before, because it > > significantly eases mock maintenance during the branching period. E.g. > > now, at the time of F34 branching we already have released > > mock-core-configs (check updates-testing) with new F35 configuration and > > everything should be working. > > > > Sure, temporarily, the fedora-34-x86_64 chroot builds against 34 repos > > (still equivalent to rawhide), fedora-35-x86_64 config is symlink to > > rawhide, and builds against rawhide (still f34). So the only thing users > > will observe that 'fedora-rawhide-*' and 'fedora-35-*' are temporarily > > producing RPMs with fc34 %dist tag and this will automatically change once > > the mirrors are updated. > > > > It works now because the gpg keys have been generated a bit in advance for > > a few last fedora releases (in copr team we try to notify administrators > > to do that), but having it 6 months in advance will be better (less rush). > > I think we should dump this to the branching policy/howto documents so we > > don't have to manually track that. Finally, if we could document there > > that updated distribution-gpg-keys and mock-core-configs packages should > > be released, it would be an awesome help ... > > And we forgot to bump one configuration option in mock-core-configs, which > eventually broke the fluent branching process in mock. The related mock failure > looks like this: > > >> [SKIPPED] zlib-1.2.11-24.fc34.x86_64.rpm: Already downloaded > >> warning: /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1613034650.541875/root/var/cache/dnf/fedora-2d95c80a1fa0a67d/packages/fedora-gpg-keys-35-0.1.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 9867c58f: NOKEY > >> fedora 1.6 MB/s | 1.6 kB 00:00 > >> GPG key at file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-34-primary (0x45719A39) is already installed > >> fedora 1.6 MB/s | 1.6 kB 00:00 > >> GPG key at file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-34-primary (0x45719A39) is already installed > > > I've just wrapped a new mock-core-configs release which has the fix, and updated > the builds in bodhi updates. Hmm, I still see a failure: warning: /var/lib/mock/fedora-rawhide-x86_64-bootstrap/root/var/cache/dnf/fedora-2d95c80a1fa0a67d/packages/fedora-gpg-keys-35-0.1.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 9867c58f: NOKEY fedora 1.6 MB/s | 1.6 kB 00:00 GPG key at file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-34-primary (0x45719A39) is already installed fedora 1.6 MB/s | 1.6 kB 00:00 GPG key at file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-34-primary (0x45719A39) is already installed fedora 1.6 MB/s | 1.6 kB 00:00 GPG key at file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-33-primary (0x9570FF31) is already installed The GPG keys listed for the "fedora" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.. Failing package is: fedora-gpg-keys-35-0.1.noarch $ rpm -q mock-core-configs mock-core-configs-34-1.fc33.noarch Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
