Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[backport v0.58] [skip-ci] packit rpm backports #1999

Merged
merged 4 commits into from
May 17, 2024
Merged

[backport v0.58] [skip-ci] packit rpm backports #1999

merged 4 commits into from
May 17, 2024

Conversation

lsm5
Copy link
Member

@lsm5 lsm5 commented May 16, 2024

Backporting rpm and packit changes from main to v0.58

@Luap99 @edsantiago @TomSweeneyRedHat @ktdreyer @rhatdan @mheon PTAL

lsm5 and others added 4 commits May 16, 2024 13:23
@lsm5 @edsantiago
Packit: New workflow for downstream Fedora and CentOS Stream 10
57bdf3e 
This commit enables:
- upstream copr build jobs on PRs
- rpm builds on podman-next copr after every commit to main
- Fedora and CentOS Stream 10 downstream update jobs on every upstream
  release
- Fetch RPM-GPG-KEY-redhat-release from https://access.redhat.com/security/data/fd431d51.txt
- Config file patching during rpm build is managed via `rpm/update.sh`,
  modified from the original script at
  https://gitlab.com/redhat/centos-stream/rpms/containers-common/-/blob/c9s/update.sh
  and modified to include Fedora and RHEL-10

Co-authored-by: Ed Santiago <[email protected]>
Signed-off-by: Lokesh Mandvekar <[email protected]>
(cherry picked from commit 5c5b112)
Signed-off-by: Lokesh Mandvekar <[email protected]>
@lsm5
[skip-ci] Packit: fix copr name
79ee22a 
The copr name got mistakenly changed during a replace-all in containers#1960.

Signed-off-by: Lokesh Mandvekar <[email protected]>
(cherry picked from commit 1a2d001)
Signed-off-by: Lokesh Mandvekar <[email protected]>
@lsm5
[skip-ci] RPM: redhat registry config files should be config(noreplace)
0aaf146 
This will allow users to edit these configs and have those changes
persist.

Will be needed if users experience issues with using the `lookaside`
setting instead of the current `sigstore` setting that these files ship
with.
Ref: containers#1983

Signed-off-by: Lokesh Mandvekar <[email protected]>
(cherry picked from commit e6aa2f6)
Signed-off-by: Lokesh Mandvekar <[email protected]>
@ktdreyer @lsm5
use new "lookaside" setting for RH registries
fe744c3 
The old "sigstore" setting was confusing to users now that "Sigstore" is
an independent open-source project. Use the newer "lookaside" setting
as described in containers/image#1606

Signed-off-by: Ken Dreyer <[email protected]>
(cherry picked from commit 2331a28)
Signed-off-by: Lokesh Mandvekar <[email protected]>
@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

@lsm5
Copy link
Member Author

lsm5 commented May 16, 2024

ignore ELN failure. ELN copr fix hasn't landed yet apparently.

@rhatdan
Copy link
Member

rhatdan commented May 16, 2024

/approve
/lgtm

@openshift-ci openshift-ci bot added the lgtm label May 16, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented May 16, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lsm5, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@lsm5
Copy link
Member Author

lsm5 commented May 16, 2024

@TomSweeneyRedHat @mheon will you be cutting a new c/common v0.58 for the upcoming vendor dance? Just that it'd be good to verify the packit workflow for Fedora containers-common.

@mheon
Copy link
Member

mheon commented May 16, 2024

Probably a new 0.59 off main

@Luap99
Copy link
Member

Luap99 commented May 17, 2024

Yes we need a new 0.59 of main so I don't think this is required.

@lsm5
Copy link
Member Author

lsm5 commented May 17, 2024

Yes we need a new 0.59 of main so I don't think this is required.

great, thanks. Closing this.

@lsm5 lsm5 closed this May 17, 2024
@TomSweeneyRedHat
Copy link
Member

@lsm5 well we need to cut a new v0.58 for the backporting of CVE-2024-3726, want to reconsider?

@lsm5 lsm5 reopened this May 17, 2024
@lsm5
Copy link
Member Author

lsm5 commented May 17, 2024

@lsm5 well we need to cut a new v0.58 for the backporting of CVE-2024-3726, want to reconsider?

@TomSweeneyRedHat looks like the previous slash-lgtm didn't work earlier, or just too unbearably long. Would you mind manually merging this once the rpm tests are done?

@rhatdan rhatdan merged commit 1a6d9ae into containers:v0.58 May 17, 2024
9 of 10 checks passed
@lsm5 lsm5 deleted the v0.58-packit-rpm-backports branch May 17, 2024 19:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@rhatdan rhatdan

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@lsm5 @rhatdan @mheon @Luap99 @TomSweeneyRedHat @ktdreyer