Hi josh, > 1) RPMs built in koji > 2) sign_unsigned.py is run against various koji tags. Either > dist-f1x-candidates or dist-f1x-updates-testing, or whichever > need to be signed. NOTE: rawhide is not signed > 3) mash is run against the tag after the RPMs have all been signed. > 4) Bodhi does some symlink switching after all the mashes > have completed successfully and the new repos are pushed to > the mirrors. >
This is more for my understanding, because I think I am already out of my comfort zone for managing my little amount of packages with Koji. Koji really helps me a lot w.r.t having a handfull of custom packages, it allows me to focus on the package and not the mess of yum/rpm dependency. But, how do you get from step 2 to step 3? I went ahead and read Jesse's e-mail (great explanation, btw) and is this where the sigul system comes into play? Because working from my knowledge of Koji, it would appear to me that A) the output of step 2 would be signed RPMs on a filesystem B) how do you get the signed RPMs on disk (the filesystem) back into Koji? I think this is the process I have come across in previous posts from Jesse/Mike. I don't understand what sigul is could be the issue... C) does step 3 mean that you have taken twice as much space on disk because know you have two versions (one signed and one unsigned) of the same NVR build? D) if I go to Fedora's Koji, I don't see two NVR RPMs per package. I think I am missing something here w.r.t getting signed RPMs back into Koji. Thanks for outline Josh, -Allen -- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
