-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
location for container inspection scripts #169
Comments
One other reason for merging these into koji-containerbuild is that eventually if kojiweb ever becomes pluggable, we could do things like "diff RPMs" in the kojiweb interface. |
Hi Ken, That would be very nice to have! +1 Cc @twaugh @MartinBasti @rcerven I am also wondering if we would be able to extend these in the future to find content based on cachito stored data. |
Hello, we discussed about this and the best solution seems to create a new repo within this namespace, called koji command should stay minimal, this builds on top of current koji api so we should have it in different tool to not make mess in koji CLI itself. There is also open question if we should:
|
There is a discussion on koji-devel about moving some of the koji-tools scripts into Here are the specific reasons I wanted to build this into koji-containerbuild (or some common library):
|
OK, if this is a way how koji devs wants to handle such toolings, we can reevaluate that decision. |
We agreed to go with the same approach as koji then. Are you willing to contribute patches to koji-c for this? |
Absolutely. We can close this ticket since it was just a discussion, and I'll send separate PRs for the tools I listed above. |
I have a couple of read-only tools for inspecting containers:
koji-search-containers
: This tool searches all OSBS container builds for a particular RPM build. The tool answers the question "which containers have this RPM"? It helps my product teams ensure that we're shipping the correct container image(s) alongside our RPMs.koji-diff-containers
: This tool looks up two OSBS container build NVRs in Koji, queries the RPMs within both containers, and prints the differences between the RPM lists. It helps my product teams ensure that the updates that we ship to users only contain the exact changes we intend.koji-container-signatures
: This tool inspects all the RPMs in a container build. It ensures that the RPM builds in the container are all signed by a particular GPG key (eg. Red Hat's gold-signing key). This helps us check that we are not shipping containers with unsigned or incorrectly-signed RPMs.I can keep these tools in https://pagure.io/koji-tools, but they all share quite a few methods, so I would need to refactor them to use a central library. (For example, I have a method
get_metadata()
that downloads the OSBSmetadata.json
, another one that parses it, etc).I'm wondering if it makes more sense to put these tools into the koji-containerbuild-cli plugin as additional sub-commands. What do you think?
The text was updated successfully, but these errors were encountered: