Re: Intent to retire containerd in EPEL 7 and co-maintainer request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 9, 2022 at 6:55 PM Stewart Smith via devel
<devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> Maxwell G via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> writes:
> > Hi everyone,
> >
> > I have been de-facto maintaining containerd in Fedora as a member of the go-
> > sig for a little while now, as the previous maintainer no longer has time to
> > do. In addition to the Fedora branches, this package also exists on EPEL 7.
> > That branch has not been maintained for a while and has unpatched CVEs. I am
> > not interested in maintaining it myself, so unless someone steps up to
> > maintain it and fix the vulnerabilities, I will retire the package from EPEL 7
> > in a week from today, on June 15th.
>
> Specifically on this, I'd love to say that someone at Amazon could help
> here, especially considering we're not too distant from CentOS 7 for a
> bunch of Amazon Linux 2. Unfortunately I don't think we can given the
> likely packaging differences, the containerd version differences, and
> that we don't have infinite time and given a choice between EPEL7 work
> and jumping into modern Fedora packaging to enhance both Fedora and our
> Amazon Linux 2022 efforts, I'd pick the latter.

Backporting potent tools to RHEL 7 or CentOS 7 is often awkward. I've
run into it fullblast with Samba, and contmeporary releases of awscli
and ansible. The obsolete python is a problem, as is Amazon's decision
to use python 3.7 instead of python 3.6, making EPEL profounly
incompatible with it, and along with Red Hat's decision to package
python 3.6 as python3" and Amazon's decision to package python 3.7 as
python 3. Been there, done that, have the scar tissue. The default of
"python" as "python2.7" on CentOS 7 is now burdensome.

> > Additionally, I would appreciate co-maintainers to help with the Fedora
> > branches of containerd, its unbundled go dependencies, and moby-engine
> > (bundled go package). Long term, I'm not sure I'll have the time or the
> > interest to maintain these packages. Note that on EPEL 7, containerd bundles
> > its dependencies; moby-engine is not packaged there.
>
> This is 100% somewhere that Amazon Linux can step in and help with. We
> have a continued interest in the containerd ecosystem working in Fedora
> like distros (namely Amazon Linux), and the bundled/not-bundled split
> existing in some working bconds is certainly in our interest (we're
> likely to continue to bundle dependencies for the forseeable future).

I have repeatedly sent Amazon pointers to my tools for bundling awscli
for python 3, helped with an Amazon Linux 2 port of Samba a few years
ago, and *gave* them the tools to build a contemporary version of mock
on Amazon Linux 2. The silence was deafening. I'm afraid I was told
not to distract our sales engineer with these sorts of concerns, and
never actually got to the engineers who could or should to the actual
work. I found it disappointing.

> I'm going to go chat to some of the people internally who'd be doing the
> bulk of the work I'm just signing them up for, but would love to sync up
> on what our respective pain points are at some point soon.

If it's for server rather than local tools, you may simply wish to
discard RHEL 7 support of Fedora published tools. The dependency chain
can get quite painful. I was informed on the ansible bug list, for
example, that such packaging integration is not the developers' task.
It's the operating system distributor's problem. ansible.com was a
spinoff of Red Hat, and since Red Hat later purchased the company, it
seems much like calling the support line and getting steered back to
the same person you reached on your first, second, and third call.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux