yum ignores values it does not understand and dnf by default installs weak
dependecies, after talking to the FPC we should disable weka deps and
anything needed should be pulled in explicitly
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
Supermin needs access to the pristine RPMs from which the buildroot
is installed, in order to grab the /etc (configuration) files into
the libguestfs appliance (the binaries etc are not baked into the
appliance for obvious security/maintainability reasons).
For years we got these from the yum cache, but problem: dnf defaults
to keepcache=0 and so doesn't save these RPMs.
Therefore enable keepcache like yum.
From https://fedorahosted.org/rel-eng/ticket/6274
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
In python 2.7.9, a context option was added to httplib.HTTPSConnection and
changed its behavior to performs certificate and hostname checks by default.
While this is definitely an improvement, we were relying on the old behavior.
This change restores that (until we can switch to proper verification).
The client CA is only needed to for authentication on the server side,
not for authentication on the client side. Therefore remove it from all
client login code.
Kerberos authentication will fail if the server principal uses a CNAME. Resolving
the hostname in the server URL to the canonical hostname associated with the IP
address allows authentication to succeed.
Commit 4de27c52de made Koji to not retry
on SSL errors.
However, it turns out that some SSL errors are transient, and Koji
should still retry for them.
This commit changes that, so that we are more specific about which SSL
errors should be fatal: expired or revoked certificates.
https://bugzilla.redhat.com/show_bug.cgi?id=1207178
With the current code, trying to SSL-login with a bad certificate will
just make it look like the client code is hanging.
That's because it tries and tries again, silently, until it reaches it's
maximum retry limit.
But in the case of an SSL error, such as an expired client cert, there's
really no point in retrying.
Citing from reindent docs:
Change Python (.py) files to use 4-space indents and no hard tab
characters. Also trim excess spaces and tabs from ends of lines, and
remove empty lines at the end of files. Also ensure the last line
ends with a newline.
Citing from PEP 8:
Use 4 spaces per indentation level.
Python 2 code indented with a mixture of tabs and spaces should be
converted to using spaces exclusively.
Don't write string literals that rely on significant trailing
whitespace. Such trailing whitespace is visually indistinguishable
and some editors (or more recently, reindent.py) will trim them.
Also PyLint recommends not to have trailing whitespace on any line.
The mergeScratch() method allows importing rpms built by a scratch build into an existing build, if that build
did not produce rpms matching the arch of the scratch build. This is useful for bootstrapping a new arch into
existing builds, and avoiding a mass-rebuild to add arch support.
The new "koji chainmaven" command allows Maven builds to be run in depdencency order,
without needing to wait for repo regens. A config file specifies the parameters and
dependencies for each build in the sequence. Each build is launched as soon as all
dependent builds are complete, and is able to reference the output of all of its
dependencies. If the build source URL and parameters match the latest build of the
same package in the destination tag, the build will not be re-run.
ppc64 little endinan is incompatiable with all other ppc64 arches
it is only compatiable with noarch, its a new basearch in yum and
separated in rpm. this patch makes sure we treat it seperate in koji
