diff --git a/docs/buildsys/koji-cbs-sigs.md b/docs/buildsys/koji-cbs-sigs.md index c1cc9fe..b7e5ae9 100644 --- a/docs/buildsys/koji-cbs-sigs.md +++ b/docs/buildsys/koji-cbs-sigs.md @@ -160,3 +160,61 @@ Last step is to then play the [stylo](https://github.com/centos/ansible-role-sty ## Koji tags creation + +CBS uses a specific naming convention for the koji tags that will be created. +It's important that we follow that specific convention because the signing/pushing automated process parses the tags to know which gpg SIG key to use, and where to push content that will appear on the mirror network. + +Tag structure: + + * SIG name + * CentOS Linux/Stream release (abbreviated) + * SIG project + * SIG project release + * tag level that can be either `candidate` , `testing` or `release` + +What's the influence of the `tag level` mentioned above ? + * candidate : ignored by signing service, build stays in koji, used to validate build itself or just internal unit-test happening through ci.centos.org for SIGs doing their tests in that environment + * testing : processed by signing service but packages aren't signed, and just land on https://buildlogs.centos.org CDN, so just to have publicly available pkgs that can be promoted to `release` by SIG later + * release : processed by signing service : packages are gpg signed with SIG key, and content appear on the mirror CDN and can be consummed by all + +To create tags, we have in place a tool that is maintained through ansible-role-kojihub and distributed on the kojihub node itself. +That means that to be able to use it, you need to have local shell access and kick the following commands as the `koji` user , *or* eventually have admin rights and kick the tool from outside + +```bash +/opt/cbs-tools/scripts/create_sig.sh +usage: /opt/cbs-tools/scripts/create_sig.sh -d -s -t + +This script generate new build target in koji for SIGS. + +OPTIONS: + -a ARCHES : Force arches e.g : "x86_64","aarch64 i686", etc... + -b : Enable non public bootstrap repo (SCLO SIG only) + -c COLLECTION : Enable collection in the buildroot e.g : mariadb100 + -d DISTRIBUTION : 5 6 7 8 8s + -p SIG PROJECT NAME : cloud6-, sclo-, etc... + -r SIG PROJECT RELEASE NAME : cloud6-openstack- + -s SIG NAME : cloud + -t DISTTAGS : el7 el7.centos el8_0 el8s + -x : delete old -build tag and then recreate. +``` + +Let's use the Kmods SIG again as an example : + +``` +/opt/cbs-tools/scripts/create_sig.sh -a "x86_64" -s kmods -d 8s -p packages -r main -t el8 +* Checking distribution el8s configuration... + -> Checking kmods config... +Creating user : kmods +Using default options for kmods/packages +Creating tag : kmods8s-packages-main-candidate +Creating tag : kmods8s-packages-main-testing +Creating tag : kmods8s-packages-main-release + -> creating kmods8s-packages-main-el8 +Added external repo centos8s-cr to tag kmods8s-packages-main-el8-build (priority 5) +Added external repo centos8s-extras to tag kmods8s-packages-main-el8-build (priority 10) +Added external repo centos8s-powertools to tag kmods8s-packages-main-el8-build (priority 15) +Added external repo centos8s-appstream to tag kmods8s-packages-main-el8-build (priority 20) +Added external repo centos8s-baseos to tag kmods8s-packages-main-el8-build (priority 25) + +``` +