This should have changed at branching, but didn't. ;(
We also need to add in a entry for eln tagged builds to be signed and
put back/kept in the eln tag. This will allow robosignatory to resign
everything with the f38 keys. It can be removed after this.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We want to keep the old mock bind mount for non rawhide branches, but
rawhide is using nspawn, so we want to add a directive there to pass
'--bind' to it to correctly mount the pesign socket directory so kernels
can be signed for secure boot.
See https://github.com/rpm-software-management/mock/issues/140
Moving forward this could be fixed in mock, in which case we remove the
nspawn args. Or it could be fixed by pesign moving the socket directory,
in which case we remove nspawn args and adjust the old mock bind mount
to the new location. For now, this works around the current crop of
issues.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The Flask-Login package currently available in F36 has issue with werkzeug
package. This commit will use newer version of Flask-Login from PyPI to
work around the issue.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
With the sphinx 4.4.0 already installed in the container we need to specify
exact version of sphinx we want to install by pip.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
The current version of sphinx available in Fedora 36 doesn't work with the new
version of Anitya. Let's use the newest from pip.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
All tests are now passing (yay), so we don't need the temp
policy and we can include F37 in the upgrade policy.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Move it to here instead of having systemd-devel fake require
systemd-pam.
This should help with flatpak runtime packaging so that we can avoid
having to ship systemd-pam in the flatpak container.
It really needs to be called exactly 60-block-scheduler.rules
as it's overriding a file of the same name in `/usr`.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This applies only within Fedora infra for now, as we're not sure
whether worker hosts on different hardware hit this bug. It's
intended to work around:
https://bugzilla.redhat.com/show_bug.cgi?id=2009585
a bug which results in the infra worker hosts hanging after a
short time when running kernels newer than 5.11.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
aarch64 builders have signifficantly lower capacity that other arches.
They are usually loaded with tasks, while ppc64le and x86_64 ones are
mostly free. This slows down Koschei as it does not submit scratch
builds until load on aarch64 drops below 75 %.
The following table illustrates capacity of Koji builders in default
channel as of August 17, 2022:
┌─────────┬──────────┬──────────┐
│ arch │ builders │ capacity │
├─────────┼──────────┼──────────┤
│ x86_64 │ 46 │ 152 │
│ armhfp │ 28 │ 56 │
│ aarch64 │ 34 │ 68 │
│ ppc64 │ 37 │ 148 │
│ ppc64le │ 37 │ 148 │
│ s390x │ 27 │ 67 │
└─────────┴──────────┴──────────┘
UnappliedChange database table can run out of IDs under normal
operation. Once this happens, there is backend outage that requires
manual admin intervention.
See: https://github.com/fedora-infra/koschei/issues/234
