Koji 1.16.0 Release notes¶
Migrating from Koji 1.15¶
For details on migrating see Migrating to Koji 1.16
Security Fixes¶
CVE-2018-1002150 - distRepoMove missing access check
This release includes the fix for CVE-2018-1002150.
Client Changes¶
CLI commands to manage notifications
The change adds new cli sub-commands:
list-notifications
add-notification
remove-notification
edit-notification
Previously this functionality was only available through the web ui or by making direct api calls.
Add –old-chroot option to runroot command
This option causes the runroot handler to pass the same-named option
to the mock command. This complements the existing --new-chroot
option.
If neither --old-chroot or --new-chroot is given, then mock will
follow its default behavior. This default varies across mock versions.
For newer versions of mock, --new-chroot is the default (uses a
systemd nspawn container).
Fix runroot output on py3
The runroot command should now work under python3.
Honor runroot –quiet
The --quiet option was added to the runroot command in version 1.15,
but it only took effect when the --watch option was given. Now it is
honored in all cases.
Drop old ssl code
The old koji.ssl module has been removed, and the use_old_ssl option
has been removed from client code.
Because these files (which were originally from Plague) were the only parts of Koji that were licensed as GPLv2+, Koji is now simply licensed as LGPLv2.
Builder Changes¶
Configure install timeout for imagefactory
Previously the install timeout parameter for imagefactory was set
to a fixed value of 7200 by Koji. Now it can be controlled by
setting the oz_install_timeout option in kojid.conf.
A value of 0 will disable the timeout.
Record log timestamps
If the log_timestamps option is enabled in kojid.conf, then
the builder will record a separate timestamp file for each log file
in a build.
The filename for the timestamp file is generated by taking the name
of the log file and appending -ts.log. So build.log will have
timestamp data in build.log-ts.log.
The format of the timestamp log is plain text with each line showing a numeric timestamp and a line offset.
Builder option: chroot_tmpdir
The new chroot_tmpdir option controls which directory within buildroots
is used for various temporary data by the Koji builder daemon.
Previously this was hardcoded to /builddir/tmp, which created problems
with modern versions of mock.
The default value is /chroot_tmpdir.
Add internal_dev_setup option to runroot config
The internal_dev_setup config option for the runroot builder plugin
controls whether the mock option of the same name is set for runroot
tasks.
System Changes¶
Add option to configure DB port
The hub now accepts a DBPort option in hub.conf, which specifies
which port the hub should use when connecting to the database.
Split debuginfo for dist repos
Dist repos can now be generated with debuginfo files split into a separate
repo. The behavior is controlled by passing the --split-debuginfo option
to the dist-repo subcommand.
When this option is in effect, the main repo will be in the normal location.
The debuginfo repo will be in the debug subdirectory. So, you will
see a directory structure like:
Packages/
repodata/
debug/
debug/repodata
Regardless of the split, all the rpms are located in the top level
Packages directory.
Notifications in [un]tagBuildBypass
Previously the tagBuildBypass and untagBuildBypass calls did not trigger
notifications. Now they will do so by default. The call now accepts a
notify option (defaults to True) which controls the behavior.
Track history for host data
Koji now tracks changes to host data similarly to the way it tracks changes for other data. This includes
enabled state
arches
capacity
description & comment
channels
The list-history cli command now supports --host and --channel
options to select history entries for a host or channel.
The versioned host data is stored in the host_config and host_channels
tables.
Fix block-group functionality
The block-group command and its underlying api call now actually work.
Strict option for archive listing calls
The list_archives, get_archive_file(), and list_archive_files()
hub functions now accept a strict option, which defaults to False. When
the option is True, the call will raise an exception if there is no
match.
Search build by source
The listBuilds() api call now supports a source option. This is
treated as a glob pattern and matched against the source field of the build.
Option to ignore tags in kojira
Kojira now supports an ignore_tags option. This is treated as a
space-separated list of glob patterns. Tags that match are ignored
by kojira (it will not generate newRepo tasks for them).
Improve kojira throughput
Kojira should be much more responsive in triggering newRepo tasks.
Drop migrateImage call
The migrateImage call hub call has been removed.
This call was added in version 1.8 (April 2013) as a one-time tool for migrating images from the old model (no build entry) to the new model (image build type). It was only available if the EnableImageMigration option was set on the hub.