> We've also packaged all the components; at this point the image does not use > pip or git to build the image.
Excellent milestone on the path to SF productization! I wonder though where are package reviews happening? Legal requirements we got, is to have a public package review for at least licensing and crypto check. With the standard packaging tooling (fedora-review) still requiring Bugzilla ticket that means having Package Review BZ open. In RDO we have per-release trackers e.g. Ocata https://bugzilla.redhat.com/show_bug.cgi?id=RDO-OCATA Since SF is not using Bugzilla, we could host those formal reviews in RDO/PackageReview component, linked under a separate tracker. Other option is to make fedora-review work with Gerrit and run automated part as a check job on package imports. Cheers, Alan _______________________________________________ Softwarefactory-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/softwarefactory-dev
