Koji 1.17.0 Release notes¶
CVE-2018-1002161 - SQL injection in multiple remote calls
This release includes the fix for CVE-2018-1002161
Volume id option for livemedia and livecd tasks
spin-livemedia commands now accept a
argument to specify the volume id for the media. If unspecified, the
volume id is chosen via the same heuristic as before.
Volume ids must be 32 characters or less.
Build order preserved by clone-tag
This is an improvement to the
clone-tag command. Previously, when the
command was used without the
--latest-only option, it could get the
ordering of builds wrong in the destination tag. Now, the order will
match the source tag.
Configurable authentication timeout
Previously, the network timeout during authentication was hard coded to
60 seconds. It is now configurable via the
Additional information from list-channels command
list-channels command now shows three separate host counts for
the number of enabled hosts in the channel
the number of ready hosts in the channel
the number of disabled hosts in the channel
The free-task command requires at least one task-id
Previously this command was a no-op when given no arguments. Now it will return an error.
Drop encode_int function
This is a follow up to the large integer support that we added in version 1.14
See also: Koji 1.14 Release Notes
encode_int function is no longer used
and has been dropped from the library.
Because we no longer call
encode_int, the hub will now always use i8 tags
when returning large integers, rather than returning them as strings in some
Use custom Kerberos context with krb_login
Clients can now pass in their own Kerberos context to
ctx parameter. This is intended for multi-threaded clients.
Custom keyboard interrupt handling in watch_tasks
ki_handler option for the
allows other cli tools to set their own handler for keyboard interrupts.
If specified, the value should be callable and will be called when a
keyboard interrupt is encountered.
If unspecified, the original behavior is retained.
_unique_path() -> unique_path
_unique_path function is deprecated. It has been replaced
Web UI Changes¶
Additional info on builders in channelinfo page
The channelinfo page now shows enabled/ready status for each host and a count for each.
Builder task_avail_delay check
This delay works around a deficiency in task scheduling. The default
delay is 300 seconds and can be adjusted with the
option to kojid. However, it is unlikely that admins will need to
adjust this setting.
Despite the name, this does not introduce any new delay compared to the old behavior. The setting controls how long a host will wait before taking a task in a given channel-arch “bin” when that host has an available capacity lower than the median for that bin. Previously, such hosts could wait forever.
Python 3 Support
Support for Python 3 has been extended to all components of Koji. Including:
No more messagebus plugin
The messagebus plugin has been dropped. The protonmsg plugin is still available.
Simple mode for mergerepos
External repos now have a
merge_mode option. Valid values are
koji (the old way) or
simple (a new alternative). This
option can be set with the
--mode option to the
When an external repo is merged with simple mode, a number of the complex filters that Koji normally applies are skipped. This mode still honors the block list from Koji and ignores duplicate NVRAs, but otherwise it simply merges the repo in.
Multiple merge modes cannot be combined in a single tag. If a tag has two external repos with different modes, then the repo will fail to generate.
Avoid “unknown task” errors in Kojira
This is a bug fix for a minor race condition in Kojira that could cause errors in the log and redundant repo regens.
Full filename display for kojifiles directory indexes
This is simply a change to the default httpd configuration for serving
/mnt/koji. It adds
IndexOptions so that long filenames
are fully displayed.
Broader support for target/source/scratch tests in channel policy
It is now possible to write channel policy rules based on
build target, source, and scratch options for task types other
Longer Build Target names
Build target names can now be up to 256 characters, the same length restriction as for tag names.