Koji 1.29.0 Release notes¶
All changes can be found in the roadmap. Most important changes are listed here.
Migrating from Koji 1.28/1.28.1¶
For details on migrating see Migrating to Koji 1.29
Security Fixes¶
None
Client Changes¶
Retry gssapi_login if it makes sense
Only place in CLI where we did not retried when server was inaccessible was rewriteen to retry in some cases when there is an expecetation that it could work.
Fix more users in userinfo
Userinfo regressions - it now correctly list information for all users specified on command line.
Allow untag-build for blocked packages
When package is blocked in the tag but there was already some build for that package, CLI refused to untag it. It is now fixed.
API Changes¶
Remove taskReport API call
Add strict option to getRPMHeaders
Similarly to other stricts it will raise an error if rpm doesn’t exist. Empty
dictionary was returned instead which was indistunguishable with missing
requested key in existing RPM. This behaviour is still available with
strict=False
.
Add extra of builds to listTagged call result
Pattern of listTagged
followed by multicall of getBuild
is used often,
so we decided to put missing info (extra
field) directly into listTagged
so only one call is required now.
Add as_string option to showOpts for raw string or dict output
Usable for koji administration - additional format for getting current
configuration in machine-readable format. as_string=True
reflects old
behaviour.
Builder Changes¶
Check ccache size before trying to use it
Machine restart could cause failing authentication for the builder as ccache file is not properly deleted.
call git rev-parse before chowning source directory
Newer git (2.35.2) fixed long-standing git security issue but we needed to adapt our code as a result.
System Changes¶
Remove koji.listFaults
This method was not used anywhere in koji code and could complicate future exception redesign, so we’ve removed it.
Add log file for match_rpm warnings in cg_import
CG import was writing errors to hub logs when rpm were not found in koji. As it could be a problem in some workflows, we’ve added more visibility by uploading separate log to the imported build which lists these errors.
Return 400 codes when client fails to send a full request
Changing to errcode instead of exception will allow client to retry it. So, another type of network problems can be handled more transparently.
Weak dep on httpd.service for kojid/ra - koji
In case more services are running on same node (e.g. hub + kojira) this change
will trigger kojid
/kojira
after hub is running resulting in no initial
errors due to inaccessible hub.
Log content-length when we get an error reading request
Additional logging information for unstable networks.
Hub, plugins and tools inputs validation
Internal changes improving security via better input handling.
Add admin check when priority has negative value in wrapperRPM
It was a bug present in the code, where wrapperRPM
s could have been set to
negative priority even by their owners. Negative priorities are reserved just
for admins.
Permit forcing releasever/arch within mock per tag
Mock’s forcearch
and relver
options are now accesible via tag extras.
Web¶
Add free task for admin
In addition to cancelling task, admin now has also “free” button available.
Add blocked option to packages page
New filter to see blocked packages in webui.
Display load/capacity at hosts page
It is sometimes useful to see these values there.
Plugins¶
Adding Driver Update Disk building support
Previously Driver Update Disks were done by custom scripts or by ddiskit. Now it can be done in koji, so it benefits from auditability, etc.
koji-sidetag-cleanup: delete inactive tags
New cleanup option allow to delete sidetags which are no longer active (no new builds are tagged there).
Add tag2distrepo plugin to hub
Plugin will trigger distrepo
tasks for configured tags when a new build
arrives.
Fix age to max_age in protonmsg
Incoherent naming in documentation and code is now unified.
Documentation¶
Clarify rpm imports
Better description for kiwi channel requirements
Winbuild documentation updates
Document “list-signed” requires filesystem access