2024-05-01 16:30:05 <@gurssing:matrix.org> !startmeeting fedora_coreos_meeting
2024-05-01 16:30:07 <@gurssing:matrix.org> !topic roll call
2024-05-01 16:30:08 <@meetbot:fedora.im> Meeting started at 2024-05-01 16:30:05 UTC
2024-05-01 16:30:08 <@meetbot:fedora.im> The Meeting name is 'fedora_coreos_meeting'
2024-05-01 16:31:26 <@aaradhak:matrix.org> !hi aaradhak
2024-05-01 16:31:28 <@zodbot:fedora.im> Aashish Radhakrishnan (aaradhak)
2024-05-01 16:31:40 <@gurssing:matrix.org> !hi gursewak
2024-05-01 16:31:42 <@zodbot:fedora.im> Gursewak Singh (gursewak)
2024-05-01 16:31:56 <@dustymabe:matrix.org> !hi
2024-05-01 16:32:04 <@zodbot:fedora.im> Dusty Mabe (dustymabe) - he / him / his
2024-05-01 16:32:13 <@marmijo:fedora.im> !hi
2024-05-01 16:32:16 <@zodbot:fedora.im> Michael Armijo (marmijo)
2024-05-01 16:32:22 <@hricky:fedora.im> !hi
2024-05-01 16:32:25 <@zodbot:fedora.im> Hristo Marinov (hricky) - he / him / his
2024-05-01 16:33:42 <@gurssing:matrix.org> !topic Action items from last meeting
2024-05-01 16:33:59 <@jlebon:fedora.im> !hi
2024-05-01 16:34:01 <@zodbot:fedora.im> None (jlebon)
2024-05-01 16:34:34 <@gurssing:matrix.org> !topic Action items from last meeting
2024-05-01 16:36:30 <@gurssing:matrix.org> No action item from last meeting.
2024-05-01 16:36:48 <@gurssing:matrix.org> !topic Consider dropping moby-engine from the base image
2024-05-01 16:37:01 <@gurssing:matrix.org> !link https://github.com/coreos/fedora-coreos-tracker/issues/1723
2024-05-01 16:38:17 <@dustymabe:matrix.org> This one is fun :)
2024-05-01 16:40:14 <@dustymabe:matrix.org> when we started building Fedora CoreOS one of the things we wanted to do was keep Container Linux users happy. Users who wanted to continue to use `docker` could do so without issue. We've held to that principle for a long time.
2024-05-01 16:40:49 <@dustymabe:matrix.org> I would like to continue to ship it because I know there are a good number of people who do use it
2024-05-01 16:41:46 <@dustymabe:matrix.org> From the ticket: I think the `moby-engine` packages have these two problems: 1. There's a lack of activity from current maintainers. For example, there were CVEs fixed in upstream `24.0.7` (6 months old), but the CoreOS package is still on `24.0.5` (9 months old). 2. Users don't have control over version, which is made more noticeable by the lack of maintenance. Major version updates (like `20.10.x` to `24.0.x` in F39) happen intermittently and unpredictably; on regular Fedora you have a grace period to stay on current Fedora until EOL, but you can't on CoreOS.
2024-05-01 16:42:04 <@dustymabe:matrix.org> I'm much more concerned with `1.` than I am with `2.`
2024-05-01 16:42:44 <@jlebon:fedora.im> looks like dustymabe tagged it in. do you want to introduce it?
2024-05-01 16:43:01 <@dustymabe:matrix.org> Jonathan Lebon: are my messages not coming through?
2024-05-01 16:43:45 <@gurssing:matrix.org> dustymabe: they are coming through (at least for me)
2024-05-01 16:44:07 <@jlebon:fedora.im> oh weird, no it all came at once
2024-05-01 16:44:10 <@marmijo:fedora.im> they were delayed I think, but I see them now
2024-05-01 16:44:37 <@dustymabe:matrix.org> `#networking`
2024-05-01 16:45:16 <@dustymabe:matrix.org> So ideally the package maintenance of `moby-engine` would just right itself and become more maintained
2024-05-01 16:45:17 <@jlebon:fedora.im> yeah, package maintenance has been an issue for a while now
2024-05-01 16:46:14 <@dustymabe:matrix.org> there are a few things I think we can do here
2024-05-01 16:46:35 <@jlebon:fedora.im> can we get in touch with the maintainers to provide more context on the situation?
2024-05-01 16:47:07 <@dustymabe:matrix.org> 1. reach out to see if the maintenance issue can be improved.
I think there was a thread somewhere not long ago about abandoning the "must have every go dep packaged" and just vendoring for certain hard to package go projects.
2024-05-01 16:48:27 <@dustymabe:matrix.org> 2. if the security issues don't get resolved soon we could force people to take some action in order to run docker containers. i.e. `systemctl unmask docker.service` along with a FAQ entry about the issues. (Only for new installs, not upgrades)
2024-05-01 16:49:04 <@dustymabe:matrix.org> then only after some long time would I consider removing `moby-engine`. it would be super disruptive to our users IMO
2024-05-01 16:50:40 <@hricky:fedora.im> Is this the thread? https://lists.fedoraproject.org/archives/list/golang@lists.fedoraproject.org/thread/K5P6P2MGEE3SCPF4SZFWOIUGHQHJ6GGG/
2024-05-01 16:50:55 <@dustymabe:matrix.org> Hristo Marinov: I think so
2024-05-01 16:51:07 <@dustymabe:matrix.org> FTR we can email `-maintainers@fedoraproject.org`
2024-05-01 16:52:24 <@jlebon:fedora.im> we should probably also document how to install upstream docker
2024-05-01 16:52:52 <@dustymabe:matrix.org> looks like some progress on updating in https://src.fedoraproject.org/rpms/moby-engine/pull-request/21
2024-05-01 16:54:08 <@dustymabe:matrix.org> but then they are breaking out the docker cli into a separate package? https://bugzilla.redhat.com/show_bug.cgi?id=2274561
2024-05-01 16:55:32 <@dustymabe:matrix.org> thoughts on next steps?
2024-05-01 16:55:53 <@gurssing:matrix.org> proposed: Reach out to `moby-engine` maintainers and see if the maintenance can be improved. And if the security issues don't get resolved soon we could ask people to take some action in order to run docker containers.
2024-05-01 16:56:58 <@dustymabe:matrix.org> gursewak: we probably also want to mention something about documenting how to install upstream docker
2024-05-01 16:57:26 <@dustymabe:matrix.org> fifofonix: Hristo Marinov do either of you use docker CE versus just the docker that is in FCOS?
2024-05-01 16:59:07 <@jlebon:fedora.im> overall seems sane to me. there's not a lot we can do here unless we also step up and help maintain the package, though that's not a trivial task
2024-05-01 17:00:02 <@gurssing:matrix.org> proposed: Reach out to moby-engine maintainers and see if the maintenance can be improved. And if the security issues don't get resolved soon we could ask people to take some action in order to run docker containers. Additionally, ensure documentation detailing the installation process for upstream Docker is provided.
2024-05-01 17:00:20 <@mikelolasagasti:matrix.org> the problem is that maintaining moby-engine unvendored as Fedora documentation says it should be done has been a challenge due to lack of maintainer time.
2024-05-01 17:00:41 <@dustymabe:matrix.org> mikelolasagasti: yep. very aware
2024-05-01 17:00:44 <@hricky:fedora.im> When I have an explicit need for Docker (learning and testing), I just use it in an Ubuntu VM on a Fedora host.
2024-05-01 17:00:52 <@mikelolasagasti:matrix.org> In the PR linked it can be seen gotmax is trying to move to a vendored build…
2024-05-01 17:01:42 <@mikelolasagasti:matrix.org> but that has its own issues, as vendoring causes dependent packages to fail and would break half of go-sig
2024-05-01 17:01:57 <@dustymabe:matrix.org> yep. hoping that improves the maintainer's experience/burden
2024-05-01 17:02:37 <@dustymabe:matrix.org> mikelolasagasti: so are you saying the vendoring should be blocked?
2024-05-01 17:02:46 <@mikelolasagasti:matrix.org> no
2024-05-01 17:02:59 <@mikelolasagasti:matrix.org> but just by vendoring everything is not solved
2024-05-01 17:04:19 <@dustymabe:matrix.org> yeah, tough problem for sure
2024-05-01 17:04:38 <@mikelolasagasti:matrix.org> vendored packages don't create -devel packages and half of go packages have transient dependencies in moby
2024-05-01 17:04:40 <@dustymabe:matrix.org> what does everyone think about the Proposed?
2024-05-01 17:05:16 <@gotmax:matrix.org> I am just waiting on reviews to get the package updated
2024-05-01 17:05:25 <@gotmax:matrix.org> Help with that would be very welcome
2024-05-01 17:05:36 <@gotmax:matrix.org> And I'd be happy to accept co-maintainers
2024-05-01 17:05:40 <@dustymabe:matrix.org> gotmax23: help with package reviews or PR reviews?
2024-05-01 17:05:45 <@jlebon:fedora.im> gotmax23++
2024-05-01 17:05:47 <@gotmax:matrix.org> New package reviews
2024-05-01 17:05:48 <@zodbot:fedora.im> jlebon gave a cookie to gotmax23. They now have 31 cookies, 1 of which were obtained in the Fedora 40 release cycle
2024-05-01 17:06:05 <@hricky:fedora.im> I don't think maintaining packages is an easy task, at least for me at this point, but I can probably learn and want to be involved, especially for packages that are related to FCOS and OSTree systems in general.
2024-05-01 17:06:42 <@dustymabe:matrix.org> gotmax23: question on the `docker-cli` package 1. didn't we rename `docker` -> `moby-engine` because of legal issues - so we probably can't use the docker name in a package now? 2. what are we really splitting out here?
2024-05-01 17:07:33 <@gotmax:matrix.org> The docker daemon and docker cli are separate upstream projects. I am splitting them up into two packages to make the situation less complicated.
2024-05-01 17:08:02 <@gotmax:matrix.org> s/situation/packaging
2024-05-01 17:08:07 <@gotmax:matrix.org> The plan is to keep the engine/daemon package (github.com/moby/moby) but keep the docker cli stuff with the docker- prefix
2024-05-01 17:08:14 <@gotmax:matrix.org> We already have docker-compose in the distribution
2024-05-01 17:09:05 <@gotmax:matrix.org> I think at one point there was discussion about renaming the `docker` cli command to `moby`, but that never happened
2024-05-01 17:09:26 <@gotmax:matrix.org> The plan is to keep the engine/daemon package (github.com/moby/moby) as moby-engine but keep the docker cli stuff with the docker- prefix
2024-05-01 17:10:09 <@dustymabe:matrix.org> ok sounds good to me - though maybe on the legal front we should shoot off an email to the legal list (just so we don't have to do a bunch of work later to rename) not sure if `docker-compose` slipped in without legal review or not
2024-05-01 17:10:36 <@dustymabe:matrix.org> ok so that sounds good. I didn't realize they were different upstream projects
2024-05-01 17:10:51 <@gotmax:matrix.org> Yeah
2024-05-01 17:12:03 <@dustymabe:matrix.org> !info the docker* package maintainers could use help with package reviews: https://bugzilla.redhat.com/show_bug.cgi?id=2274561 https://bugzilla.redhat.com/show_bug.cgi?id=2274654 https://bugzilla.redhat.com/show_bug.cgi?id=2274656
2024-05-01 17:12:36 <@gotmax:matrix.org> I'll pop out now, but let me know if you have other questions :)
2024-05-01 17:12:40 <@dustymabe:matrix.org> ok so we've now been in contact with the package maintainers :)
2024-05-01 17:12:50 <@dustymabe:matrix.org> should we update the proposed?
2024-05-01 17:13:35 <@gotmax:matrix.org> The new model should make maintenance and updates a lot simpler, so hopefully we shouldn't have issues like this in the future
2024-05-01 17:16:08 <@gurssing:matrix.org> Should I add proposal to work on the documentation since the initial two things are addressed.
2024-05-01 17:16:11 <@jlebon:fedora.im> i'd say let's just no-op for now on the FCOS side (or help with reviews if we can) until the changes are pushed through
2024-05-01 17:16:46 <@jlebon:fedora.im> yeah, documenting how to install upstream still seems useful
2024-05-01 17:16:50 <@dustymabe:matrix.org> agree
2024-05-01 17:16:58 <@jlebon:fedora.im> i swear i thought this was suggested before and filed, but i can't find anything
2024-05-01 17:17:07 <@dustymabe:matrix.org> it's still useful from the "I need to use a different version" perspective - for whatever reason
2024-05-01 17:17:26 <@gurssing:matrix.org> proposed: Add documentation on how to install upstream docker.
2024-05-01 17:17:33 <@dustymabe:matrix.org> Jonathan Lebon: would this be in the FAQ or a separate page?
2024-05-01 17:18:17 <@dustymabe:matrix.org> 👍️ to the proposed
2024-05-01 17:18:28 <@aaradhak:matrix.org> +1
2024-05-01 17:19:02 <@hricky:fedora.im> +1
2024-05-01 17:20:05 <@jlebon:fedora.im> filed https://github.com/coreos/fedora-coreos-docs/issues/639
2024-05-01 17:20:09 <@gurssing:matrix.org> !agreed : Add documentation on how to install upstream docker.
2024-05-01 17:20:47 <@jlebon:fedora.im> dustymabe: not sure, depends how much instructions we need to give?
2024-05-01 17:22:41 <@gurssing:matrix.org> Anything additional to be added before I move to open floor?
2024-05-01 17:22:53 <@jlebon:fedora.im> the main differences from the upstream docs are basically s/dnf install/rpm-ostree install/ and adding the repo file
2024-05-01 17:23:05 <@jlebon:fedora.im> the main differences from the upstream docs should be s/dnf install/rpm-ostree install/ and adding the repo file
2024-05-01 17:24:47 <@dustymabe:matrix.org> and also the "override remove" part
2024-05-01 17:26:02 <@dustymabe:matrix.org> none from my side
2024-05-01 17:26:14 <@gurssing:matrix.org> !topic Open Floor
2024-05-01 17:27:31 <@dustymabe:matrix.org> !info we met this week and made progress on a design for https://github.com/coreos/fedora-coreos-tracker/issues/99
2024-05-01 17:27:56 <@dustymabe:matrix.org> do we have anyone working on https://github.com/coreos/fedora-coreos-tracker/issues/1722 ?
2024-05-01 17:29:36 <@dustymabe:matrix.org> that's all from me
2024-05-01 17:30:27 <@gurssing:matrix.org> Out of time, will close the meeting:)
2024-05-01 17:30:42 <@gurssing:matrix.org> !endmeeting