[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: http://buildsys.fedoraproject.org/buildgroups/7 ?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Jun 28, 2007, at 8:55 AM, Jesse Keating wrote:

On Thursday 28 June 2007 08:44:09 Till Maas wrote:
What should go wrong when someone with the gpg key signs the rpms? And the rpms are really trivial, so it is easy to verify them once. And afaik they
are not updated very often, so it is not much work.

The answer isn't to sign these rpms which don't exist anywhere else in the distribution. The answer is to add a "buildsys-build" group or other such named group to the comps file and define what packages should be in there that way, and have mock just do a 'groupinstall buildsys-build', which would pull from the shipped repos. This does away with the need of a 'buildgroups' repo all together, relies upon the shipped / signed rpms, and existing method
of defining groups.


This is how mock used to work (albeit using yumgruops.xml instead of comps.xml), and it was decided (on fedora-buildsys-list, IIRC) that it would be better to use an RPM to define the base buildroot packages.

Personally, I feel that having an external 'buildgroups' repo lends itself well to those of us that may wish to modify the packages which get installed by mock by default. If Fedora does change how mock reads in this information, I would hope that it remains configureable in some way -- for example, if there is a 'groups' repo listed in a mock config, then use that instead of what's defined in comps.

- -Jeff
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFGg7uyKe7MLJjUbNMRAlanAKCM1T2DH7Oqq0iVZ8m7FxLVet1YLACbBfl2
5Jpaj5f3WfizV3rlWE97770=
=nttK
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]