On 11/28/2010 11:25 AM, Jon Stanley wrote: > So I have an interesting situation. I have an SCM (CVS, don't laugh) > that requires kerberized gserver authentication. How do I use Koji > with this? I don't mind embedding a password for a user that has > read-only access to the repo somewhere, but I really don't want to if > I can avoid it.
In all my setups the cvs server supports anonymous read-only access. At present, koji's scm url spec does not support an embedded password. I'm not sure if that's a practice we want to encourage. At present, kojid uses pserver for cvs:// scm urls. This is hard-coded currently. When kojid uses kerberos to authenticate to the hub, there is a kerberos cache in /var/tmp/kojid.ccache, /but/ it does not set KRB5CCNAME, or for that matter ever renew the ticket. Short version, if you can't allow anonymous read-only access then there are a lot of code changes between you and your goal. Making such changes sanely may be a bit of a challenge. > Also, with the interesting requirement of a Makefile with target srpm, > how do folks generate that for externally developed packages? Frankly, > most of the packages that we're going to build are rebuilds of RHEL > content with minor changes (sometimes a patch, sometimes just pathname > changes, etc), so generating an SRPM and feeding it directly to koji > is easier than maintaining some SCM layout that's foreign to us and a > lookaside cache. Note that the reason we want to use koji is build > reproducibility, but we'll be saving the SRPM's used in some location. A makefile is not required. You can change the 'make sources' command to something else in the allowed_scms config. Granted, this is a relatively recent change. -- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
