Koji 1.16.0 Release notes

Migrating from Koji 1.15

For details on migrating see Migrating to Koji 1.16

Security Fixes

CVE-2018-1002150 - distRepoMove missing access check

This release includes the fix for CVE-2018-1002150.

Client Changes

CLI commands to manage notifications

The change adds new cli sub-commands:

  • list-notifications

  • add-notification

  • remove-notification

  • edit-notification

Previously this functionality was only available through the web ui or by making direct api calls.

Add –old-chroot option to runroot command

This option causes the runroot handler to pass the same-named option to the mock command. This complements the existing --new-chroot option.

If neither --old-chroot or --new-chroot is given, then mock will follow its default behavior. This default varies across mock versions. For newer versions of mock, --new-chroot is the default (uses a systemd nspawn container).

Fix runroot output on py3

The runroot command should now work under python3.

Honor runroot –quiet

The --quiet option was added to the runroot command in version 1.15, but it only took effect when the --watch option was given. Now it is honored in all cases.

Drop old ssl code

The old koji.ssl module has been removed, and the use_old_ssl option has been removed from client code.

Because these files (which were originally from Plague) were the only parts of Koji that were licensed as GPLv2+, Koji is now simply licensed as LGPLv2.

Builder Changes

Configure install timeout for imagefactory

Previously the install timeout parameter for imagefactory was set to a fixed value of 7200 by Koji. Now it can be controlled by setting the oz_install_timeout option in kojid.conf.

A value of 0 will disable the timeout.

Record log timestamps

If the log_timestamps option is enabled in kojid.conf, then the builder will record a separate timestamp file for each log file in a build.

The filename for the timestamp file is generated by taking the name of the log file and appending -ts.log. So build.log will have timestamp data in build.log-ts.log.

The format of the timestamp log is plain text with each line showing a numeric timestamp and a line offset.

Builder option: chroot_tmpdir

The new chroot_tmpdir option controls which directory within buildroots is used for various temporary data by the Koji builder daemon. Previously this was hardcoded to /builddir/tmp, which created problems with modern versions of mock.

The default value is /chroot_tmpdir.

Add internal_dev_setup option to runroot config

The internal_dev_setup config option for the runroot builder plugin controls whether the mock option of the same name is set for runroot tasks.

System Changes

Add option to configure DB port

The hub now accepts a DBPort option in hub.conf, which specifies which port the hub should use when connecting to the database.

Split debuginfo for dist repos

Dist repos can now be generated with debuginfo files split into a separate repo. The behavior is controlled by passing the --split-debuginfo option to the dist-repo subcommand.

When this option is in effect, the main repo will be in the normal location. The debuginfo repo will be in the debug subdirectory. So, you will see a directory structure like:

Packages/
repodata/
debug/
debug/repodata

Regardless of the split, all the rpms are located in the top level Packages directory.

Notifications in [un]tagBuildBypass

Previously the tagBuildBypass and untagBuildBypass calls did not trigger notifications. Now they will do so by default. The call now accepts a notify option (defaults to True) which controls the behavior.

Track history for host data

Koji now tracks changes to host data similarly to the way it tracks changes for other data. This includes

  • enabled state

  • arches

  • capacity

  • description & comment

  • channels

The list-history cli command now supports --host and --channel options to select history entries for a host or channel.

The versioned host data is stored in the host_config and host_channels tables.

Fix block-group functionality

The block-group command and its underlying api call now actually work.

Strict option for archive listing calls

The list_archives, get_archive_file(), and list_archive_files() hub functions now accept a strict option, which defaults to False. When the option is True, the call will raise an exception if there is no match.

Search build by source

The listBuilds() api call now supports a source option. This is treated as a glob pattern and matched against the source field of the build.

Option to ignore tags in kojira

Kojira now supports an ignore_tags option. This is treated as a space-separated list of glob patterns. Tags that match are ignored by kojira (it will not generate newRepo tasks for them).

Improve kojira throughput

Kojira should be much more responsive in triggering newRepo tasks.

Drop migrateImage call

The migrateImage call hub call has been removed.

This call was added in version 1.8 (April 2013) as a one-time tool for migrating images from the old model (no build entry) to the new model (image build type). It was only available if the EnableImageMigration option was set on the hub.