You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As described in #6, having URL for each package would bloat the format. We should cover
mirrored content
the same RPMs hosted on multiple relative repo locations
different RPMs with the same NEVRA
Mock often builds against mirrored content (e.g. in Fedora Copr). We should avoid repeating the existing dnf5 and dnf issue, where incorrect repo URL and relative location is improperly paired. Some form of repository revision checking is necessary to prevent this.
Lemme propose the following "pseudo-code" (format), the final structure is not important, please just consider providing the same info eventually:
repositories:
- fedora:
# mirrored content
- http://ftp.sh.cvut.cz/fedora/linux/development/41/Everything/x86_64/os/
- rsync://ftp.fi.muni.cz/pub/linux/fedora/linux/development/41/Everything/x86_64/os/
- rsync://mirror.karneval.cz/fedora/linux/development/41/Everything/x86_64/os/
- keep them all, or provide some limit of your choice (or configurable), butmake sure that - at the time of answering - all are on the same revision
- foo:
# some packages are duplicated here
- https://example.com/some/packages/duplicated/here/
- copr-repo:
# repo that provides the same NEVRA, with a different checksum
- https://copr.example.com/some/packages/duplicated/here/packages:
- name: copr-cliversion: 1.112release: 3.fc41arch: noarchchecksum: abcd1234locations:
# Package is rovided by official Fedora repo, the `repo_id` matches one of# the `repositories` above.
- repo_id: fedoralocation: Packages/c/copr-cli-1.112-3.fc41.noarch.rpm# But package is also provided (by mistake?) by `foo`, on a different# relative location though!
- repo_id: foolocation: copr-cli-1.112-3.fc41.noarch.rpm# I'm really pedantic here - the same package nevra with a different checksum!
- name: copr-cliversion: 1.112release: 3.fc41arch: noarchchecksum: efgh5677locations:
repo_id: copr-repolocation: noarch/copr-cli-1.112-3.fc41.noarch.rpm# multi-arch
- name: libfooarch: x86_64
- name: libfooarch: i386
The "pedantic" note might not be needed eventually, considering that DNF is going to provide only lock files for "realistic installations" because one package can only ever be installed once per architecture (no matter the version, release, or
even checksum). If we ever wanted to provide lock files for "hypothetical" installations, we should count on that (in Copr we often see NEVRA duplication, and Koji has a new feature "Drafted builds" that suffers from the same problem). That's why I think we should keep packages as array, btw, not a dict with name.arch keys.
The text was updated successfully, but these errors were encountered:
As described in #6, having URL for each package would bloat the format. We should cover
Mock often builds against mirrored content (e.g. in Fedora Copr). We should avoid repeating the existing dnf5 and dnf issue, where incorrect
repo URLandrelative locationis improperly paired. Some form of repository revision checking is necessary to prevent this.Lemme propose the following "pseudo-code" (format), the final structure is not important, please just consider providing the same info eventually:
The "pedantic" note might not be needed eventually, considering that DNF is going to provide only lock files for "realistic installations" because one package can only ever be installed once per architecture (no matter the version, release, or
even checksum). If we ever wanted to provide lock files for "hypothetical" installations, we should count on that (in Copr we often see NEVRA duplication, and Koji has a new feature "Drafted builds" that suffers from the same problem). That's why I think we should keep
packagesas array, btw, not a dict withname.archkeys.The text was updated successfully, but these errors were encountered: