Set up Copr repository for production `osh-worker` RPMs

[siteshwar]

We deploy RPMs in devel Copr repository in the staging environment. This issue tracks setting up a Copr repository for osh-worker RPMs that should be deployed in the production.

[siteshwar]

@praiskup We have devel RPMs in Fedora Copr. How can we move an existing RPM to a production repository?

[praiskup]

You can use the "forking" feature (it copy-pastes and re-signs the RPMs, even into an existing project).

But I'd again suggest you to use the official Fedora Infra repos:

https://kojipkgs.fedoraproject.org/repos-dist/f39-infra-stg/ https://kojipkgs.fedoraproject.org/repos-dist/f39-infra/ https://kojipkgs.fedoraproject.org/repos-dist/f38-infra-stg/ ....

[siteshwar]

@praiskup OpenScanHub is not officially a Fedora service yet. So I do not think I would be allowed to use that. I might just stick to fork to a "production" repository.

@kdudka Any comments on it?

[praiskup]

So I do not think I would be allowed to use that.

This used to be the other way around before actually :) in Fedora Infra, we were only allowed to install software from Infra repos.

[kdudka]

@siteshwar I have no experience with maintaining Fedora services. So I will refrain from commenting on this.

[siteshwar]

So I do not think I would be allowed to use that.

This used to be the other way around before actually :) in Fedora Infra, we were only allowed to install software from Infra repos.

@nirik I would appreciate any comments on this.

[nirik]

Yes, in the past the policy was all production things were built in koji. That somewhat predates openshift however, as we now have apps that install from git repos, build elsewhere, etc.

So, I think for this service that you are maintaining, a copr repo would be ok.

koji infra tags is likely a lot of overhead for you right now, especially if you have a number of deps.

[siteshwar]

As per my understanding, this is how the process should look like:

1. Fork (or refork) from devel repository to staging repository.
2. Run some basic tests on the staging environment.
3. Fork (or refork) from staging to production repository before production deployment.

We can not use devel repository from Copr, as it gets updated on each commit to the main branch in upstream. And their could be a disparity between the tests run in the second step, and when we refork in step 3. staging has to be manually updated to avoid any confusion.

[siteshwar]

In the future, we should automated the second step, and have a production-ready repository. However, move to production repository should be done manually.

[siteshwar]

I am closing this issue as I would follow up on the documentation in https://github.com/openscanhub/fedora-infra/issues/26.