http://buildsys.fedoraproject.org/buildgroups/7 ?

[Jeff Sheltren]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Jun 28, 2007, at 8:55 AM, Jesse Keating wrote:

> On Thursday 28 June 2007 08:44:09 Till Maas wrote:
>> What should go wrong when someone with the gpg key signs the rpms?  
>> And the
>> rpms are really trivial, so it is easy to verify them once. And  
>> afaik they
>> are not updated very often, so it is not much work.
>
> The answer isn't to sign these rpms which don't exist anywhere else  
> in the
> distribution.  The answer is to add a "buildsys-build" group or  
> other such
> named group to the comps file and define what packages should be in  
> there
> that way, and have mock just do a 'groupinstall buildsys-build',  
> which would
> pull from the shipped repos.  This does away with the need of a  
> 'buildgroups'
> repo all together, relies upon the shipped / signed rpms, and  
> existing method
> of defining groups.
>

This is how mock used to work (albeit using yumgruops.xml instead of  
comps.xml), and it was decided (on fedora-buildsys-list, IIRC) that  
it would be better to use an RPM to define the base buildroot packages.

Personally, I feel that having an external 'buildgroups' repo lends  
itself well to those of us that may wish to modify the packages which  
get installed by mock by default.  If Fedora does change how mock  
reads in this information, I would hope that it remains configureable  
in some way -- for example, if there is a 'groups' repo listed in a  
mock config, then use that instead of what's defined in comps.

- -Jeff
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFGg7uyKe7MLJjUbNMRAlanAKCM1T2DH7Oqq0iVZ8m7FxLVet1YLACbBfl2
5Jpaj5f3WfizV3rlWE97770=
=nttK
-----END PGP SIGNATURE-----