Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On 11.11.2014 17:02, Matthew Miller wrote: On Tue, Nov 11, 2014 at 03:30:43PM +0100, Harald Hoyer wrote: - Docker update Note that Docker images are currently not building properly in Koji. At this point in the cycle, this seems fairly urgent. Who has ownership for this? http://koji.fedoraproject.org/koji/tasks?state=allview=treemethod=imageorder=-id This doesn't look good...and as Image Factory doesn't provide very good logs, I have no idea where the problem might be (I don't have rights to build an image to investigate anyway..) Dennis, do you know why those builds fail? Also, let me know if there are any news in communication with Docker about pushing our images or if there is anything I can do in this area Vašek -- Lead Infrastructure Engineer Developer Experience Brno, Czech Republic -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 12 Nov 2014 10:13:30 +0100 Václav Pavlín vpav...@redhat.com wrote: On 11.11.2014 17:02, Matthew Miller wrote: On Tue, Nov 11, 2014 at 03:30:43PM +0100, Harald Hoyer wrote: - Docker update Note that Docker images are currently not building properly in Koji. At this point in the cycle, this seems fairly urgent. Who has ownership for this? http://koji.fedoraproject.org/koji/tasks?state=allview=treemethod=imageorder=-id This doesn't look good...and as Image Factory doesn't provide very good logs, I have no idea where the problem might be (I don't have rights to build an image to investigate anyway..) Dennis, do you know why those builds fail? I looked at it today and it was due to rhel7 pykickstart not supporting - --nocore in the kickstart, i upgraded pykickstart to the latest f21 version so it should be okay now. Also, let me know if there are any news in communication with Docker about pushing our images or if there is anything I can do in this area Big issue here is that its all manual processes and tehy do not want us to update the images often, in the rawhide case we want to update daily. Dennis -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBAgAGBQJUY1nfAAoJEH7ltONmPFDR5PMQAMGl46a2VEu80UEU3wUxLuBy /Wd7hRyhDvkARNd85hwp1IhDGQBY8XBnE1rhDj3SLS/g2zgvsR83TZ1vNtfFlVM0 BkRq6WJ3iMjk0jcBCU75GZ5CHnz//BZluP8NIzaYDCuXKvJ2WxDIZYxr5uOyxrku 3s/YffU2mQX/Vp53PcjzCfnxfjsn+gTtPFFK84UM0ZAZnAQhOkHdlK+xJOdqvIKP v8Vs0iXuWXf6Vmi6P/Jxv8N0nfbs3Q2EOJNDIxTkVXlgxgTY2i76olZx3IgRCRxS CwTgHJqXB+AYMueha5OQYp3DxeICbbtaupz1RZLH3s+WyKY/u43i9+YlqV4ntUj8 uP45iJYWUAMitlgI4aPRqLLqbIvd12GbpHIEpHTywothyt9pOu+GAKxCT02c3I/6 RF/0wpEjPEb7gr3MtR5Iy/uyCSPdXbSesOy0YBrC6FhtyJbbCyUM5GhL6s5CLG+y IeLgzZs6AnBSvpdkSGNmdmRqKsbFB69PRiDgWV7G+pLHoe5JG+cbOAV7/G/wLYxy c/p4mhgH13dmaLWYJZeq97KQFRQsWYmkCIvnl9kiNoxIHcqgoyfHU70ixjD5Vm+b oWZVQb4esKihUa0vr2clGn+FwYeZMUTdPORIeHTEWH0bwEBzB1HF/a60dI/OxwwN GuLV5za4LHePXYFSWQQO =SZiU -END PGP SIGNATURE- -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On Wed, Nov 12, 2014 at 10:13:30AM +0100, Václav Pavlín wrote: This doesn't look good...and as Image Factory doesn't provide very good logs, I have no idea where the problem might be (I don't have rights to build an image to investigate anyway..) ImageFactory basically does the best it can with what it can currently get from Anaconda. Ian's making on making it record a video for the worst case. But here, it looks like the problem may be ksflatten (again!): $ ksflatten -vf20 -c fedora-docker-base.ks /dev/null Failed to parse kickstart file 'fedora-docker-base.ks' : The following problem occurred on line 19 of the kickstart file: The --nocore option was introduced in version F21, but you are using kickstart syntax version F20. Which means that this is failing if it's hitting a builder with f20 ksflatten, something I thought we just fixed for atomic. (also see https://bugzilla.redhat.com/show_bug.cgi?id=1162881) -- Matthew Miller mat...@fedoraproject.org Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On Wed, Nov 12, 2014 at 10:13:30AM +0100, Václav Pavlín wrote: Also, let me know if there are any news in communication with Docker about pushing our images or if there is anything I can do in this area On this part, Lokesh and Kushal and Dennis were looking at it. I think Dennis was making a fedora hosted gi repo so the official image doesn't need to travel through github? -- Matthew Miller mat...@fedoraproject.org Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On Wed, Nov 12, 2014 at 07:00:11AM -0600, Dennis Gilmore wrote: Big issue here is that its all manual processes and tehy do not want us to update the images often, in the rawhide case we want to update daily. Yeah. I think we shold avoid pushing rawhide to them for now. Possibly push it to a secondary docker repo like fedora-rawhide (repo means too many things, but in this case, it's a collection of docker images on https://hub.docker.com/), or else for F22 look at hosting our own. -- Matthew Miller mat...@fedoraproject.org Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On 12.11.2014 16:25, Matthew Miller wrote: On Wed, Nov 12, 2014 at 07:00:11AM -0600, Dennis Gilmore wrote: Big issue here is that its all manual processes and tehy do not want us to update the images often, in the rawhide case we want to update daily. Yeah. I think we shold avoid pushing rawhide to them for now. Possibly push it to a secondary docker repo like fedora-rawhide (repo means too many things, but in this case, it's a collection of docker images on https://hub.docker.com/), or else for F22 look at hosting our own. That sounds good to me - let's update fedora:rawhide (https://registry.hub.docker.com/_/fedora/) base image for example weekly and create f.e. fedora/rawhide image which could be pushed there easily daily and mention this from fedora repo. Would that work for you? Vašek -- Lead Infrastructure Engineer Developer Experience Brno, Czech Republic -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 12 Nov 2014 09:17:31 -0500 Matthew Miller mat...@fedoraproject.org wrote: On Wed, Nov 12, 2014 at 10:13:30AM +0100, Václav Pavlín wrote: This doesn't look good...and as Image Factory doesn't provide very good logs, I have no idea where the problem might be (I don't have rights to build an image to investigate anyway..) ImageFactory basically does the best it can with what it can currently get from Anaconda. Ian's making on making it record a video for the worst case. But here, it looks like the problem may be ksflatten (again!): $ ksflatten -vf20 -c fedora-docker-base.ks /dev/null http://koji.fedoraproject.org/koji/taskinfo?taskID=8109378 after updating pykickstart on the compose box, which runs rhel7 to a build from f21 we had a successful docker base image built last night. Failed to parse kickstart file 'fedora-docker-base.ks' : The following problem occurred on line 19 of the kickstart file: The --nocore option was introduced in version F21, but you are using kickstart syntax version F20. Which means that this is failing if it's hitting a builder with f20 ksflatten, something I thought we just fixed for atomic. (also see https://bugzilla.redhat.com/show_bug.cgi?id=1162881) The best fix is really to make sure that all these different steps happen in chroots of the target os so that we always have a suitable version for the os we are working with Dennis -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBAgAGBQJUZBcKAAoJEH7ltONmPFDRG4UP/2SberobkPa51Tb/TwWRG7JN bsfsIgddkku8Yd3LY058z9E+3uuygfXPXzmDZKyy0/NR2opGmriAbXqCnhzHMsKh 47UiQFQihLlFfftNbkKAbvxFO8nNF7Qn6WVmdALmy5z30BE0eMWAflgZcYUP196x /sGwY2iw3D87pkQgzGy0jkiwFvUOCAn3ApYHGd/EhcbuPJp1IBy0tf8GHqk91Tw1 /f96M2XgrLbyEnYWi5T8qmB8ptT4s+Y0gnm54yRFgi7xTnBP8j6IC0kogdYvneW+ pOKBwOqxo9hJjp8aPxl44oY8Fr73tOvtiNyr0EIOQapHU12r6roSqc/wa8Zsli2Q J2WxVc+G1lWEHRMSa8zPiWpvzaKo8Fac5ztRjKz4FKSluHh3IssCP4sc+0VFjRgO uaA4p+BsIckijLInNyNZTNT2m2SwLeVOF3H+pYQ7+aqm2nST+vqYsPR2ER1MHV2M vKYmuaI2ceuEEMo6v/lNvUD/dqVOSblRipIjoAsAMvOP9PfdMMUxncHC46wd5g0D ZxH3TJlzNgwdFc4AuCKBA7Fch+3Tb+bTc440i6gKmyfGUZ7Z3dMp81/I8hMG5bhZ Gt2jf0Gw7EqV/2z1fs5VdTJULjs/lgn43BYwSk3urpPkExpcUtQGMnI4XhPjG8Ok 68fzNDhWWNI9usVmBQAz =Q5N3 -END PGP SIGNATURE- -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
Agenda: - Status buildrequires cleanup work (davids nils!) - Update on factory-reset work - Docker update - Open Floor Last meeting logs: http://meetbot.fedoraproject.org/fedora-meeting/2014-10-31/fedora_base_design_working_group.2014-10-31-15.02.log.html -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
- Original Message - Agenda: - Status buildrequires cleanup work (davids nils!) - Update on factory-reset work - Docker update - Open Floor One more topic - generic network install images, there was a question raised, if Base WG would like to take care of it. I'll provide more details in the meeting. Jaroslav Last meeting logs: http://meetbot.fedoraproject.org/fedora-meeting/2014-10-31/fedora_base_design_working_group.2014-10-31-15.02.log.html -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
I also have one more topic... Software written in Go is linked statically and we are not able to figure out which version of Go was used during build. Means that despite we have latest Go with all CVE fixed in Fedora, we still have these CVEs in some packages built from old Go releases. I've heard someone to mention we could use Bundles tag in RPM header to track this. I am not sure if I understood it correctly as I hasn't been able to find anything about it... With this said I am CCing Florian once again to help us out:) Regards, Vašek On 11.11.2014 15:47, Jaroslav Reznik wrote: - Original Message - Agenda: - Status buildrequires cleanup work (davids nils!) - Update on factory-reset work - Docker update - Open Floor One more topic - generic network install images, there was a question raised, if Base WG would like to take care of it. I'll provide more details in the meeting. Jaroslav Last meeting logs: http://meetbot.fedoraproject.org/fedora-meeting/2014-10-31/fedora_base_design_working_group.2014-10-31-15.02.log.html -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- Lead Infrastructure Engineer Developer Experience Brno, Czech Republic -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
Dne 11.11.2014 v 16:17 Václav Pavlín napsal(a): I also have one more topic... Software written in Go is linked statically and we are not able to figure out which version of Go was used during build. Means that despite we have latest Go with all CVE fixed in Fedora, we still have these CVEs in some packages built from old Go releases. I've heard someone to mention we could use Bundles tag in RPM header to track this. You mean bundled virtual provide, e.g. Provides: bundled(go) = 1.0.0 etc. See https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Requirement_if_you_bundle for more information. Vít I am not sure if I understood it correctly as I hasn't been able to find anything about it... With this said I am CCing Florian once again to help us out:) Regards, Vašek On 11.11.2014 15:47, Jaroslav Reznik wrote: - Original Message - Agenda: - Status buildrequires cleanup work (davids nils!) - Update on factory-reset work - Docker update - Open Floor One more topic - generic network install images, there was a question raised, if Base WG would like to take care of it. I'll provide more details in the meeting. Jaroslav Last meeting logs: http://meetbot.fedoraproject.org/fedora-meeting/2014-10-31/fedora_base_design_working_group.2014-10-31-15.02.log.html -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On 11.11.2014 16:26, Vít Ondruch wrote: Dne 11.11.2014 v 16:17 Václav Pavlín napsal(a): I also have one more topic... Software written in Go is linked statically and we are not able to figure out which version of Go was used during build. Means that despite we have latest Go with all CVE fixed in Fedora, we still have these CVEs in some packages built from old Go releases. I've heard someone to mention we could use Bundles tag in RPM header to track this. You mean bundled virtual provide, e.g. Provides: bundled(go) = 1.0.0 etc. See https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Requirement_if_you_bundle for more information. Thanks! That's probably it, although I think we need to set this automatically during the build to make it useful. Vašek Vít I am not sure if I understood it correctly as I hasn't been able to find anything about it... With this said I am CCing Florian once again to help us out:) Regards, Vašek On 11.11.2014 15:47, Jaroslav Reznik wrote: - Original Message - Agenda: - Status buildrequires cleanup work (davids nils!) - Update on factory-reset work - Docker update - Open Floor One more topic - generic network install images, there was a question raised, if Base WG would like to take care of it. I'll provide more details in the meeting. Jaroslav Last meeting logs: http://meetbot.fedoraproject.org/fedora-meeting/2014-10-31/fedora_base_design_working_group.2014-10-31-15.02.log.html -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- Lead Infrastructure Engineer Developer Experience Brno, Czech Republic -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
Dne 11.11.2014 v 16:30 Václav Pavlín napsal(a): On 11.11.2014 16:26, Vít Ondruch wrote: Dne 11.11.2014 v 16:17 Václav Pavlín napsal(a): I also have one more topic... Software written in Go is linked statically and we are not able to figure out which version of Go was used during build. Means that despite we have latest Go with all CVE fixed in Fedora, we still have these CVEs in some packages built from old Go releases. I've heard someone to mention we could use Bundles tag in RPM header to track this. You mean bundled virtual provide, e.g. Provides: bundled(go) = 1.0.0 etc. See https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Requirement_if_you_bundle for more information. Thanks! That's probably it, although I think we need to set this automatically during the build to make it useful. Vašek Yes, you should write generator for it. Vít -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: [Base] Base Design WG agenda meeting 14 November 2014 15:00 UTC on #fedora-meeting
On Tue, Nov 11, 2014 at 03:30:43PM +0100, Harald Hoyer wrote: - Docker update Note that Docker images are currently not building properly in Koji. At this point in the cycle, this seems fairly urgent. Who has ownership for this? http://koji.fedoraproject.org/koji/tasks?state=allview=treemethod=imageorder=-id -- Matthew Miller mat...@fedoraproject.org Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct