Jonathan Lebon
Jonathan Lebon
In RHCOS, we're often in a state where we don't care about regenerating all the disk images and instead just want the containers. We could do this by manually adding...
Right now, if `build-arch` fails, one can *mostly* rerun it with the same parameters. There is one gotcha: if the failure happens at any point after the `Archive` step, the...
E.g. to freenode/#fedora-coreos. Otherwise, it's too easy to miss when status goes red.
Right now, we're trusting the builder's host keys on first use. Since there's no persistence between runs, we trust on first use on each run. We should instead be verifying...
On non-s390x, we rely on the `--volume=secex-data:/data.secex:ro` switch we pass to podman in `cosa remote-session create` to just create an empty volume. This logic though is subject to races if...
Idea from @jschintag. It's unlikely the cosa image we used in the x86_64 image has already been GC'ed, so we should be able to pass the actual sha256 `:main` resolved...
It's not just used to build Fedora CoreOS now. Having it be just "pipeline" would be cool, but makes the checkout name out of context less obvious.
Capturing some discussions with @dustymabe. Currently, the `build` and `build-arch` jobs are very similar. Where they differ is that the `build` job has extra logic for handling OSTree archiving, `build-arch`...
``` 14:08:37 < jlebon> dustymabe: was casually looking at this https://github.com/coreos/fedora-coreos-config/commit/6740a0d07e4ac7ee4f2455a05d5b059b635391ef 14:08:55 < jlebon> i wish there was a stronger binding to ensure they hit the same rpm-md snapshot 14:09:16...
Ask for temporary creds upfront and expose those instead: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html See discussions in https://github.com/coreos/fedora-coreos-pipeline/pull/59#discussion_r289143621.