|
| 1 | +--- |
| 2 | +title: CentOS Stream - sync2git |
| 3 | +layout: post |
| 4 | +category: posts |
| 5 | +--- |
| 6 | + |
| 7 | +TLDR: This blog post summarizes `sync2git` service that is used to push internal Red Hat packages and modules into CentOS git repositories. I will skip talking about modules for simplicity. |
| 8 | + |
| 9 | +## What is sync2git ? |
| 10 | + |
| 11 | +It's a service that's part of [CentOS Stream][centos-stream-url] project. In simple words, it does 2 things: |
| 12 | + |
| 13 | +1. Pull internal package and module builds from brew. Brew is internal Red Hat instance of |
| 14 | + [koji][koji-fedora]. |
| 15 | +2. Push them to [CentOS git][git-centos-org] repositories. |
| 16 | + |
| 17 | +## How does it work ? |
| 18 | + |
| 19 | +It heaviliy depends on [alt-src][alt-src-github] tool which is maintained by Red Hat release engineering team. `sync2git` works in several steps: |
| 20 | + |
| 21 | +1. Pull list of internal package builds that are tagged with certain tag. For example, `rhel-8.2.0-candidate` is the internal tag for builds that are set to be released for `rhel-8.2.0`. |
| 22 | +2. Check if there are any embargoed CVE fixes pending for any of the listed builds. If yes, remove them from list. We want to avoid publishing any packages to git.centos.org that contain CVE fixes that are not released yet. So, package builds that contain unpublished CVE fixes may take longer than other packages to be available for CentOS Stream. There is an internal hosted web service to check for such packages. |
| 23 | +3. Download source rpm for the listed packages. |
| 24 | +4. Use `alt-src` to push the source rpm to git.centos.org. `alt-src` basically explodes the source rpm and pushes the sources to `c8s` branch in git.centos.org. For example, latest changes for systemd can be seen [here][systemd-c8s]. |
| 25 | + |
| 26 | +## Where can I find the details ? |
| 27 | + |
| 28 | +A line of code is worth a thousand words. Some of the details I shared in previous section may change over time. For details and latest updates you can see code for this service [here][sync2git-github]. |
| 29 | + |
| 30 | +## Credits |
| 31 | + |
| 32 | +Thanks to [Brian Stinson][brian-github], [James Antill][james-github] and rest of CentOS Stream team for helping me with implementation of this service. Also, thanks to Red Hat release engineering team for their guidance with `alt-src`. |
| 33 | + |
| 34 | +Comments on [Hacker News][hacker-news] and [reddit][reddit]. |
| 35 | + |
| 36 | +[centos-stream-url]: https://www.centos.org/centos-stream/ |
| 37 | +[koji-fedora]: https://koji.fedoraproject.org/ |
| 38 | +[sync2git-github]: https://github.com/CentOS/sync2git |
| 39 | +[alt-src-github]: https://github.com/release-engineering/alt-src |
| 40 | +[git-centos-org]: https://git.centos.org/ |
| 41 | +[systemd-c8s]: https://git.centos.org/rpms/systemd/commits/c8s |
| 42 | +[brian-github]: https://github.com/bstinsonmhk |
| 43 | +[james-github]: https://github.com/james-antill |
| 44 | +[hacker-news]: https://news.ycombinator.com/item?id=24848678 |
| 45 | +[reddit]: https://www.reddit.com/r/CentOS/comments/jfevrw/centos_stream_sync2git/ |
0 commit comments