On Wed, Jul 31, 2019 at 10:22:36AM -0400, Stephen John Smoogen wrote: > On Wed, 31 Jul 2019 at 10:16, Richard W.M. Jones <rjo...@redhat.com> wrote: > > > On Tue, Jul 30, 2019 at 11:11:34AM -0700, Kevin Fenzi wrote: > > > In this case it's koji. > > > > > > For every package in the mass rebuild (f31-pending tag) robosign asks > > > koji "hey, is foobar-1.0.1-1.fc31 signed' ? koji checks... "yes, it is". > > > robosign: "great, then I ask you to write out the signed rpms now" > > > koji: "ok, writing them out to disk again" > > > > > > it's mostly this last step thats slow. I am not sure if koji is just > > > seeing if they were written out and returning, or actually re-writing > > > them out. It seems like it might be the latter, which makes me suspect > > > koji could optimize this somewhat. > > > > It's still taking a long time today to get builds through Koji and > > into Rawhide. Is there a reason we need to sign builds in Rawhide? > > > > > 1. Because everyone's rawhide.repo says they are signed > 2. Everytime we get unsigned packages people start freaking out that some > nation state is trying to take over their computer. > 3. Because nation states do that and those packages will become F32/F33 at > some point.
Actually my question was wrong. Is there any reason we need to sign builds while they are internal to Koji (ie. proving BuildRequires for subsequent builds)? They could still be signed when they go out to Rawhide. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 100 libraries supported. http://fedoraproject.org/wiki/MinGW _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
