Fix variable usage on branching SOP

Signed-off-by: Diego Herrera <dherrera@redhat.com>
2024-12-03 18:59:10 -03:00 · 2024-12-03 18:59:10 -03:00 · 9c01f10369
commit 9c01f10369
parent 5141624ed5
1 changed files with 17 additions and 17 deletions
--- a/modules/release_guide/pages/sop_mass_branching.adoc
+++ b/modules/release_guide/pages/sop_mass_branching.adoc
@ -14,27 +14,27 @@ You will find below the list of steps to follow to branch a new Fedora release.

 When we branch off of rawhide, the branched release packages are already signed by
 the F\{release} key, but we need to resign everything in rawhide for the new F+1 key.
-ie, When we branch f39 off rawhide, all it's packages are already signed by the f39
-key, but we need to resign everything with the f40 key for rawhide.
+ie, When we branch f{rawhide} off rawhide, all it's packages are already signed by the f{rawhide}
+key, but we need to resign everything with the f{rawhide_next} key for rawhide.

 * Add a new config for the new key to robosignatory. Something like:

 ```
            [[consumer_config.koji_instances.primary.tags]]
-            from = "f39"
-            to = "f39"
-            key = "{{ (env == 'production')|ternary('fedora-40', 'testkey') }}"
+            from = "f{rawhide}"
+            to = "f{rawhide}"
+            key = "{{ (env == 'production')|ternary('fedora-{rawhide_next}', 'testkey') }}"
            keyid = "{{ (env == 'production')|ternary('a15B79cc', 'd300e724') }}"
            {% if env == "production" %}
-            file_signing_key = "fedora-40-ima"
+            file_signing_key = "fedora-{rawhide_next}-ima"
            {% endif %}
 ```
-This allows robosignatory to sign packages in the f39 tag with the f40 key.
+This allows robosignatory to sign packages in the f{rawhide} tag with the f{rawhide_next} key.
 * git clone https://pagure.io/releng
 * confirm the new key fingerprint is in scripts/sigulsign_unsigned.py
 * run sigulsign_unsigned.py to gather list of packages to sign:
 ```
-./sigulsign_unsigned.py --just-list --tag f39 fedora-40 | grep src | sed -e 's|.src||' > unsigned-packages
+./sigulsign_unsigned.py --just-list --tag f{rawhide} fedora-{rawhide_next} | grep src | sed -e 's|.src||' > unsigned-packages
 ```
 You should get a list of all the source packages by name.
 * copy unsigned-packages list to autosign01
@ -47,11 +47,11 @@ keyctl add user "sigul:autosign" "${passphrase}" @s
 for i in `cat unsigned-packages`
 do
  echo $i;
-  robosignatory sign-tag primary $i f39;
+  robosignatory sign-tag primary $i f{rawhide};
  sleep 1;
 done
 ```
-This will iterate over all packages and sign them with the new f40 key.
+This will iterate over all packages and sign them with the new f{rawhide_next} key.
 Once complete, re-run the ./sigulsign_unsigned.py command to confirm all are signed.
 On branching day, remove the robosignatory config for this resigning.

@ -358,7 +358,7 @@ Source57:       RPM-GPG-KEY-fedora-{rawhide_next}-primary
 +
 [source,subs="attributes"]
 ----
-fedora-{rawhide+1}-primary: x86_64 armhfp aarch64 ppc64le s390x
+fedora-{rawhide_next}-primary: x86_64 armhfp aarch64 ppc64le s390x
 ----

 . Increment `%global rawhide_release`:
@ -647,7 +647,7 @@ https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/koschei/#_branching_a_
 In order to enable builds for Container Base Images via the
 https://docs.pagure.org/releng/layered_image_build_service.html[Fedora
 Layered Image Build System] we will need to import a new image for
-Rawhide as well as for the new `fedora:rawhide` and `fedora:${RAWHIDE}`
+Rawhide as well as for the new `fedora:rawhide` and `fedora:$\{RAWHIDE}`
 tags.

 Check for the latest successful Rawhide Base Image composed image
@ -661,7 +661,7 @@ On `compose-x86-01.phx2` run:
 $ BASEIMAGE_URL="https://kojipkgs.fedoraproject.org//packages/Fedora-Docker-Base/Rawhide/20170310.n.0/images/Fedora-Docker-Base-Rawhide-20170310.n.0.x86_64.tar.xz"

 # Update this to whatever version number Rawhide now points to
-$ RAWHIDE="27"
+$ RAWHIDE="{rawhide}"

 # Load the latest, find it's image name
 $ sudo docker load < <(curl -s "$\{BASEIMAGE_URL}")
@ -670,15 +670,15 @@ fedora-docker-base-rawhide-20170310.n.0.x86_64      latest      ffd832a990ca

 # Tag everything
 $ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 candidate-registry.fedoraproject.org/fedora:rawhide
-$ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 candidate-registry.fedoraproject.org/fedora:${RAWHIDE}
+$ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 candidate-registry.fedoraproject.org/fedora:$\{RAWHIDE}
 $ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 registry.fedoraproject.org/fedora:rawhide
-$ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 registry.fedoraproject.org/fedora:${RAWHIDE}
+$ sudo docker tag fedora-docker-base-rawhide-20170310.n.0.x86_64 registry.fedoraproject.org/fedora:$\{RAWHIDE}

 # Push the images
 $ sudo docker push candidate-registry.fedoraproject.org/fedora:rawhide
-$ sudo docker push candidate-registry.fedoraproject.org/fedora:${RAWHIDE}
+$ sudo docker push candidate-registry.fedoraproject.org/fedora:$\{RAWHIDE}
 $ sudo docker push registry.fedoraproject.org/fedora:rawhide
-$ sudo docker push registry.fedoraproject.org/fedora:${RAWHIDE}
+$ sudo docker push registry.fedoraproject.org/fedora:$\{RAWHIDE}

 # Clean up after ourselves
 $ sudo docker rmi fedora-docker-base-rawhide-20170310.n.0.x86_64