Plugins

Following plugins are available in default koji installation.

Runroot

Plugin for running any command in buildroot.

Save Failed Tree Plugin

In some cases developers want to investigate exact environment in which their build failed. Reconstructing this environment via mock needn’t end with exactly same structure (due to builder settings, etc.). In such case this plugin can be used to retrieve tarball with complete mock tree.

Additional feature is that some paths from buildroot can be left out from tarball. Feature can be configured via /etc/kojid/plugins/save_failed_tree.conf file. Currently only field filters.paths is used and it consists of globs (standard python’s fnmatch is used) separated by whitespaces.

[filters]
paths = /etc/*.keytab /tmp/secret_data

Warning

For security reasons, currently all /tmp/krb5cc* and /etc/*.keytab files are removed from tarball. If we found some other dangerous pieces, they can be added to this blacklist.

Special task method is created for achieving this which is called SaveFailedTree. This task can be created via CLI: koji save-failed-tree <taskID>. Additional options are:

--full

directs koji to create tarball with complete tree.

--nowait

exit immediately after creating task

--quiet

don’t print any information to output

After task finishes, one can find the tarball on relevant task web page (URL will be printed to stdout until --quiet is used.

Plugin allow to save trees only for tasks defined in config /etc/koji-hub/plugins/save_failed_tree.conf. Option allowed_methods contains list of comma-delimited names of tasks. Default configuration contains line: allowed_methods = buildArch. Anybody is allowed to create this type of task (and download tarball).

Warning

Don’t forget that this type of task can generate huge amount of data, so use it wisely.

TODO

• Separate volume/directory on hub
• garbage collector + policy for retaining generated tarballs