From e36525012fd57ffa73ead8c0b7c4a5529f3af0d1 Mon Sep 17 00:00:00 2001 From: Fabian Arrotin Date: May 25 2023 11:42:47 +0000 Subject: Adding note about cbs-signing mqtt topic to follow queue stats Signed-off-by: Fabian Arrotin --- diff --git a/docs/delivery.md b/docs/delivery.md index e41ac16..17b4d1a 100644 --- a/docs/delivery.md +++ b/docs/delivery.md @@ -9,6 +9,26 @@ Here is a quick overview of the Delivery process , from storing sources in git, In the following sections we'll focus on rpm packages and repositories but worth knowing that spins artifacts will be signed themselves, but the SHA256SUM files will be, allowing to verify images integrity +## Following signing/push process status + +When you'll tag/untag pkgs/builds to specific tags (see below) it will be triggering a sign+push process outside of cbs/koji. +While (for obvious reasons) that signing infrastructure isn't publicly reachable, it still uses mqtt notifications to send status about queued jobs and the one[s] being processed or finished, (including number of other jobs in the signing queue) + +It's a public (read-only) topic on MQTT broker , using your existing x509 TLS cert that you use to interact with cbs. +There are multiple ways to subscribe to a mqtt topic, but if you just need something lightweight, you can just install the simple `mosquitto` rpm package (available on Fedora and/or EPEL repositories) and then proceed like this : + +``` +mosquitto_sub --cafile ~/.centos-server-ca.cert --cert ~/.centos.cert --key ~/.centos.cert -h mqtt.git.centos.org -p 8883 -t cbs-signing/# -v +``` + +This will stay connected to the topic and print received messages sent to mqtt cbs-signing topic. +Example : + +``` +cbs-signing {"time": "20230525-11:33:01", "tag": "kmods9s-packages-main-release", "status": "processing", "jobs_in_queue": "40"} +cbs-signing {"time": "20230525-11:38:29", "tag": "kmods9s-packages-main-testing", "status": "processed", "jobs_in_queue": "40"} + +``` ## Promoting to testing