Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cmd-fetch: include overrides when updating lockfile #1387

Merged
merged 1 commit into from
Apr 23, 2020

Conversation

jlebon
Copy link
Member

@jlebon jlebon commented Apr 22, 2020

I'm working on a lockfile updater[1], and I'd like it to just be able to
do cosa fetch --update-lockfile the same way a human would. This
normally would run rpm-ostree compose tree without passing any
lockfiles and blocking out the pool so that all packages come from the
base repo.

Sadly, that doesn't currently work for FCOS right now because we have an
override for crypto-policies from f32 so that we don't pull in Python.
And because we also have an exclude-packages for Python, without the
f32 crypto-policies, we can't get a depsolve from just the base f31
repos. (This is the same issue that killed bodhi-updates[2].)

As a short-term hack, just include the overrides for now. This dillutes
the meaning of a "base" lockfile of course, because it will now include
the packages from the overrides. I don't think this really matters for
now though (it does make the checking for whether overrides are still
needed harder, but I'd like to automate dropping overrides eventually
too).

Anyway, we can drop this hack once we move to f32, though I have some
ideas too on how to solve this more correctly.

[1] coreos/fedora-coreos-tracker#293
[2] coreos/fedora-coreos-config#335 (comment)

I'm working on a lockfile updater[1], and I'd like it to just be able to
do `cosa fetch --update-lockfile` the same way a human would. This
normally would run `rpm-ostree compose tree` without passing any
lockfiles and blocking out the pool so that all packages come from the
base repo.

Sadly, that doesn't currently work for FCOS right now because we have an
override for crypto-policies from f32 so that we don't pull in Python.
And because we also have an `exclude-packages` for Python, without the
f32 crypto-policies, we can't get a depsolve from just the base f31
repos. (This is the same issue that killed bodhi-updates[2].)

As a short-term hack, just include the overrides for now. This dillutes
the meaning of a "base" lockfile of course, because it will now include
the packages from the overrides. I don't think this really matters for
now though (it does make the checking for whether overrides are still
needed harder, but I'd like to automate dropping overrides eventually
too).

Anyway, we can drop this hack once we move to f32, though I have some
ideas too on how to solve this more correctly.

[1] coreos/fedora-coreos-tracker#293
[2] coreos/fedora-coreos-config#335 (comment)
@cgwalters
Copy link
Member

I'm having trouble following all the lockfile stuff honestly, and am still feeling it should probably be done via an explicitly maintained set of repos, but
/lgtm

Copy link
Member

@dustymabe dustymabe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@openshift-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cgwalters, dustymabe, jlebon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [cgwalters,dustymabe,jlebon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dustymabe
Copy link
Member

I'm still happy with lockfiles.

@dustymabe
Copy link
Member

/retest

bump CI because github is being unreliable

@openshift-merge-robot openshift-merge-robot merged commit 3a853e1 into coreos:master Apr 23, 2020
@jlebon jlebon deleted the pr/fetch-overrides branch July 6, 2020 20:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants