Koji 1.27 release notes

Fixes: https://pagure.io/koji/issue/3127

docs/source/migrations/migrating_to_1.27.rst

@@ -0,0 +1,15 @@
+Migrating to Koji 1.27
+======================
+
+You should consider the following changes when migrating to 1.27:
+
+DB Updates
+----------
+
+This release doesn't include any schema change.
+
+Other changes
+-------------
+
+There are numerous other changes in 1.27 that should not have a direct impact on migration. For
+details see: :doc:`../release_notes/release_notes_1.27`

docs/source/migrations/migrations.rst

@@ -5,6 +5,7 @@ Migrations
 .. toctree::
     :maxdepth: 1
 
+    migrating_to_1.27
     migrating_to_1.26
     migrating_to_1.25
     migrating_to_1.24

docs/source/release_notes/release_notes.rst

@@ -5,6 +5,7 @@ Release Notes
 .. toctree::
     :maxdepth: 1
 
+    release_notes_1.27
     release_notes_1.26.1
     release_notes_1.26
     release_notes_1.25.1

docs/source/release_notes/release_notes_1.27.rst

@@ -0,0 +1,299 @@
+Koji 1.27.0 Release notes
+=========================
+
+All changes can be found in `the roadmap <https://pagure.io/koji/roadmap/1.27/>`_.
+Most important changes are listed here.
+
+
+Migrating from Koji 1.26/1.26.1
+-------------------------------
+
+For details on migrating see :doc:`../migrations/migrating_to_1.27`
+
+
+Security Fixes
+--------------
+
+None
+
+
+Client Changes
+--------------
+**set-task-priority permission error fix**
+
+| PR: https://pagure.io/koji/pull-request/2999
+
+CLI confusingly reported "closed task" even in case when user was "just" missing
+the admin permission.
+
+**Honour --force-auth for anonymous commands**
+
+| PR: https://pagure.io/koji/pull-request/3010
+
+This option was not respected in some cases.
+
+**Propagate error in write-signed-copies**
+
+| PR: https://pagure.io/koji/pull-request/3020
+| PR: https://pagure.io/koji/pull-request/3093
+| PR: https://pagure.io/koji/pull-request/3107
+
+Due to speedup changes some errors could have been hidden. Now we're catching
+them all and displaying properly in write-signed-copies command.
+
+**Be tolerant of stops/jumps kwargs in list-tag-inheritance**
+
+| PR: https://pagure.io/koji/pull-request/3055
+
+Older client can emit errors when used against a newer hub as it could use
+already deprecated options. We're now more tolerant to these.
+
+**Dist-repo with write-signed-rpm option**
+
+| PR: https://pagure.io/koji/pull-request/3058
+
+New option for dist-repo --write-signed-rpms. As there could be
+garbage-collected signed copies, dist-repo can fail and these rpms must be
+manually reconstructed. This new option will allow user with `sign` permission
+to prepare required rpms to be ready for the ``distRepo`` task.
+
+**call --json default option set up to str**
+
+| PR: https://pagure.io/koji/pull-request/3066
+
+
+Bugfix for converting some datetime values to proper json when using ``call``
+command.
+
+**Add option for UTC time in list-history**
+
+| PR: https://pagure.io/koji/pull-request/3090
+
+``list-history`` now accepts ``--utc`` option which will display dates in UTC
+instead of local timezone.
+
+API Changes
+-----------
+**listBuilds/list-builds filtering via CG**
+
+| PR: https://pagure.io/koji/pull-request/3009
+| PR: https://pagure.io/koji/pull-request/3111
+
+API call ``listBuilds`` (and its CLI counterpart) now accepts ``cgID``
+(``--cg``) option which adds another filter based on content generator type.
+
+**Deprecate taskReport**
+
+| PR: https://pagure.io/koji/pull-request/3036
+
+This call will be removed in the future.
+
+**queryRPMSigs accepts RPM ID, NVRA and dict**
+
+| PR: https://pagure.io/koji/pull-request/3064
+
+To be aligned with other calls, ``queryRPMSigs`` now accepts all rpm ID
+specifications (integer ID, NVRA string or NVRA dict)
+
+**Deprecate koji.listFaults**
+
+| PR: https://pagure.io/koji/pull-request/3082
+
+Another candidate for removal
+
+**Deprecated force option in groupReqListRemove call**
+
+| PR: https://pagure.io/koji/pull-request/3089
+
+And another one
+
+**getBuildType: ensure id exists in buildinfo dict**
+
+| PR: https://pagure.io/koji/pull-request/3092
+
+More robust handling of input (NVR dict is sufficient now)
+
+**Add strict option to listTagged, listTaggedRPMS, listTaggedArchives**
+
+| PR: https://pagure.io/koji/pull-request/3095
+
+For better differentiation between empty results for correct inputs and wrong
+inputs (non-existing tag, etc.) ``strict`` option was added to these calls.
+
+Builder Changes
+---------------
+**Import guestfs before dnf**
+
+| PR: https://pagure.io/koji/pull-request/2993
+
+Linking conflicts between json-parsing libraries used by guestfs and dnf led us
+to include a small hack. Now it should be again possible to build docker images
+via ``oz``.
+
+**Better error messages for Task.lock()**
+
+| PR: https://pagure.io/koji/pull-request/3007
+
+Improved error logging related to multiple builders competing in task
+allocation.
+
+**Restart kojid and kojira services automatically**
+
+| PR: https://pagure.io/koji/pull-request/3040
+
+``systemd`` services were updated to automatically restart on failure with one
+minute delay.
+
+**Retry get_next_release to avoid race condition**
+
+| PR: https://pagure.io/koji/pull-request/3103
+
+In rare cases there was still race condition with starting image/maven builds
+with same auto-incremented release. This should fix this behaviour completely.
+
+System Changes
+--------------
+**Honour taginfo option in policy_get_build_tags**
+
+| PR: https://pagure.io/koji/pull-request/2989
+
+Deleted buildtags can break some policies. As these are more frequent these days
+(via sidetag usage patterns) we have also hit this problem. It should be fixed
+now.
+
+**Fix scripts for koji pkg and drop utils from py2**
+
+| PR: https://pagure.io/koji/pull-request/3002
+
+Packaging fixes for regression. ``koji-utils`` are py3-only.
+
+**Create symlink before import**
+
+| PR: https://pagure.io/koji/pull-request/3004
+
+Windows builds were not properly handling importing builds back to hub if volume
+policy put the build to non-default volume.
+
+**Speedup untagged_builds query**
+
+| PR: https://pagure.io/koji/pull-request/3005
+
+``untagged_builds`` call is used by garbage collection and it is now about 100%
+faster. It doesn't matter that much to GC itself as it needn't to be
+particularly fast but other queries/users are not blocked by this query lock.
+
+**Support packages that are head-signed**
+
+| PR: https://pagure.io/koji/pull-request/3012
+
+DSA and RSA header signatures (RPMv4 scheme) support.
+
+**Tasks respect disabled channels**
+
+| PR: https://pagure.io/koji/pull-request/3030
+| PR: https://pagure.io/koji/pull-request/3124
+
+In last release option to "disable" channel was introduced. Anyway, tasks were
+happily requesting those channels and were never executed as no builder picked
+them. Now they fail immediately if the channel is disabled/non-existent in the
+moment of task creation.
+
+**Check spec_url for wrapperRPM task source policy test**
+
+| PR: https://pagure.io/koji/pull-request/3047
+
+``wrapperRPM`` tasks now properly propagate data for ``source`` policy test.
+
+**Allow user on git://, git+http://, git+https://, and git+rsync:// scheme**
+
+| PR: https://pagure.io/koji/pull-request/3067
+
+We've not propagated username (or token) to builder. As this data are already
+visible in task it doesn't make sense to conceal them on the builder. There are
+legitimate cases when token is used, so we are now propagating it without
+restriction.
+
+**Logging warning messages about deleteBuild or deletedRPMSig**
+
+| PR: https://pagure.io/koji/pull-request/3076
+
+Last release introduced ``deleteRPMSig`` API call. It is the second call which
+irrecoverably destroys build data so it should be better logged. We're now
+capturing more data in the logs (especially the user).
+
+**Remove translation stub functions**
+
+| PR: https://pagure.io/koji/pull-request/3077
+
+We've never used the i18n ``_`` call and we don't plan to introduce any
+translation. So, we've decided to remove these stubs to make code a bit more
+readable and consistent.
+
+**Add specfile log to wrapperRPM**
+
+| PR: https://pagure.io/koji/pull-request/3078
+
+As specfile in ``wrapperRPM`` is modified from template it is nice to store this
+file in similar way to modified kickstarts in oz tasks.
+
+Web
+---
+**Allow kojiweb to proxy users obtained via different mechanisms**
+
+| PR: https://pagure.io/koji/pull-request/3008
+
+New ``proxyauthtype`` option is introduced to ``gssapi_login`` and ``ssl_login``
+methods. It allows user1 (typically web interface) to proxy another user2 (via
+standard ``proxyuser`` option) with different authentication mechanism than
+user1. E.g. user is authenticated to webui by gssapi, while webui itself
+authenticates via SSL certificate.
+
+Utilities
+---------
+
+Kojira
+......
+**Don't throw exception when auth fails**
+
+| PR: https://pagure.io/koji/pull-request/3099
+
+More proper exit when authentication fails to not trigger abrt.
+
+**Implement ignore_other_volumes option**
+
+| PR: https://pagure.io/koji/pull-request/3126
+
+Option to forbid kojira to delete repos on non-default volumes.
+
+
+Documentation
+-------------
+**Some documentation updates**
+| PR: https://pagure.io/koji/pull-request/2994
+| PR: https://pagure.io/koji/pull-request/2995
+| PR: https://pagure.io/koji/pull-request/2996
+| PR: https://pagure.io/koji/pull-request/2997
+| PR: https://pagure.io/koji/pull-request/3000
+| PR: https://pagure.io/koji/pull-request/3013
+| PR: https://pagure.io/koji/pull-request/3023
+| PR: https://pagure.io/koji/pull-request/3029
+| PR: https://pagure.io/koji/pull-request/3038
+| PR: https://pagure.io/koji/pull-request/3051
+| PR: https://pagure.io/koji/pull-request/3062
+| PR: https://pagure.io/koji/pull-request/3070
+| PR: https://pagure.io/koji/pull-request/3085
+| PR: https://pagure.io/koji/pull-request/3086
+| PR: https://pagure.io/koji/pull-request/3096
+| PR: https://pagure.io/koji/pull-request/3102
+| PR: https://pagure.io/koji/pull-request/3021
+| PR: https://pagure.io/koji/pull-request/3026
+
+**New tests**
+| PR: https://pagure.io/koji/pull-request/3027
+| PR: https://pagure.io/koji/pull-request/3037
+| PR: https://pagure.io/koji/pull-request/3056
+| PR: https://pagure.io/koji/pull-request/3075
+
+**Basic security checks with bandit**
+
+| PR: https://pagure.io/koji/pull-request/3043

koji.spec

@@ -83,7 +83,7 @@
 %define release %{baserelease}
 %endif
 Name: koji
-Version: 1.26.1
+Version: 1.27.0
 Release: %{release}%{?dist}
 License: LGPLv2 and GPLv2+
 # the included arch lib from yum's rpmUtils is GPLv2+

koji/_version.py

@@ -1,2 +1,2 @@
-__version_info__ = (1, 26, 1)
+__version_info__ = (1, 27, 0)
 __version__ = '.'.join([str(x) for x in __version_info__])