16:31:05 #startmeeting fedora_coreos_meeting 16:31:05 Meeting started Wed Feb 1 16:31:05 2023 UTC. 16:31:05 This meeting is logged and archived in a public location. 16:31:05 The chair is dustymabe. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions. 16:31:05 Useful Commands: #action #agreed #halp #info #idea #link #topic. 16:31:05 The meeting name has been set to 'fedora_coreos_meeting' 16:31:10 #topic roll call 16:31:12 .hi 16:31:13 dustymabe: dustymabe 'Dusty Mabe' 16:31:22 aaradhak anthr76 davdunc dustymabe gursewak jaimelm jbrooks jcajka jdoss jlebon jmarrero lorbus miabbott nasirhm ravanelli saqali skunkerk walters 16:31:25 FCOS community meeting in #fedora-meeting-1 16:31:27 If you don't want to be pinged remove your name from this file: https://github.com/coreos/fedora-coreos-tracker/blob/main/meeting-people.txt 16:31:37 .hi 16:31:38 aaradhak[m]: Sorry, but user 'aaradhak [m]' does not exist 16:32:20 .hi 16:32:21 aaradhak: aaradhak 'Aashish Radhakrishnan' 16:33:02 .hello2 16:33:03 jlebon: jlebon 'None' 16:33:18 .hi 16:33:20 jmarrero: jmarrero 'Joseph Marrero' 16:33:31 .hi marmijo@redhat.com 16:33:32 marmijo[m]: Sorry, but user 'marmijo [m]' does not exist 16:33:42 #chair aaradhak jlebon jmarrero marmijo[m] 16:33:42 Current chairs: aaradhak dustymabe jlebon jmarrero marmijo[m] 16:34:14 .hello spresti 16:34:15 spresti[m]: spresti 'Steven Presti' 16:34:29 #chair spresti[m] 16:34:29 Current chairs: aaradhak dustymabe jlebon jmarrero marmijo[m] spresti[m] 16:34:58 will wait a few more minutes and then get started 16:36:06 #topic Action items from last meeting 16:36:20 We had two action items from last meeting: https://meetbot-raw.fedoraproject.org/teams/fedora_coreos_meeting/fedora_coreos_meeting.2023-01-25-16.31.txt 16:36:31 * jmarrero to discuss option 2. (oportunistically pruning older deployments if low on space) with his team and get back to us 16:36:33 * dustymabe to verify that booting a compressed kernel on ppc64le works 16:37:29 I'm going to re-action mine - i had good intentions but the data loss in the ostree repo over the weekend took up some of my cycles 16:37:37 #action dustymabe to verify that booting a compressed kernel on ppc64le works 16:37:41 For my action item, I had a quick chat with Colin about it. Added comment: https://github.com/coreos/fedora-coreos-tracker/issues/1247#issuecomment-1412327065 16:38:43 .hello jasonbrooks 16:38:44 thanks jmarrero 16:38:45 jbrooks: jasonbrooks 'Jason Brooks' 16:38:49 #chair jbrooks 16:38:49 Current chairs: aaradhak dustymabe jbrooks jlebon jmarrero marmijo[m] spresti[m] 16:39:40 ok moving on 16:40:09 we have the audit ticket (https://github.com/coreos/fedora-coreos-tracker/issues/1362) but I think travier wants to be here for that so we can push it to next week 16:40:37 let's go over some recent change proposals for Fedora 38 16:40:55 #topic tracker: Fedora 38 changes considerations 16:41:00 #link https://github.com/coreos/fedora-coreos-tracker/issues/1357 16:41:28 there are new items for us to consider 16:41:41 and also a few comments from timothee so we'll go over those too 16:41:57 subtopic 116. Golang 1.20 16:42:55 i think for go bumps, we just need to make sure we have CI added in upstream go projects 16:43:40 jlebon: like before we switch them to the next major Fedora version? 16:43:57 our rebase tracker has steps for making sure the subprojects get updated 16:44:37 but you mean like CI that can test against multiple go versions at once? 16:44:48 dustymabe: yeah, the latter 16:45:25 just so there are no surprises when the bump happens in the buildroot 16:45:34 got ya - how do we make sure that happens? or will it happen naturally for each project? 16:46:15 there are a few that should happen naturally for 16:46:29 i.e. coreos-installer gets built in `rawhide` today and 1.20 will land there first? 16:46:31 dustymabe: maybe let's chat with bgilbert and see if he wants an issue to track it for some of the projects 16:46:47 and we test rawhide, so should be covered 16:46:58 jlebon: SGTM 16:47:24 #action jlebon/dustymabe to ask bgilbert if we should create some process for testing newer versions of golang early for our various projects that use it 16:48:07 #info for golang 1.20 we don't foresee any problems, but we should pro-actively test before hand to make sure there are no surprises 16:48:20 look good ^^? 16:48:54 subtopic 117. GNU Make version 4.4 16:49:36 LGTM 16:50:02 lgtm too 16:50:04 safe to skip, i think 16:50:28 there are some backwards incompatible changes: https://fedoraproject.org/wiki/Changes/MAKE44#Upgrade/compatibility_impact 16:51:02 wow, surprising for a minor bump 16:51:02 #info we think this should be a transparent update for us 16:51:43 subtopic 119. Add _FORTIFY_SOURCE=3 to distribution build flags 16:52:21 #info this should be transparent to us. If any problems arise it should happen at rpm build time. 16:52:29 ^^ check me on accuracy there 16:52:36 agreed 16:52:42 +1 16:52:54 subtopic 120. Perl: Replace versioned MODULE_COMPAT_ requires by RPM dependency generator 16:53:10 #info we don't ship perl 16:53:20 subtopic 121. Add -fno-omit-frame-pointer and -mno-omit-leaf-frame-pointer to default compilation flags 16:54:19 should be transparent 16:54:36 #info should be transparent to us, no changes for us to make 16:54:42 subtopic 122. Noto Fonts For More Languages 16:55:29 do we even ship multi-language support? 16:55:49 i guess that depends on the rpm and like for example what error messages it generates? 16:56:08 (in a CLI context) 16:56:36 we don't even ship fonts, so i think we can skip that 16:56:48 #info we don't ship fonts, this won't apply to us 16:56:53 subtopic 123. Shorter Shutdown Timer 16:57:50 i think this may impact us if we're not setting a more generous timeout today than needed 16:57:55 for any service we ship 16:58:24 ideally if that happens, it's a CI failure and we fix it by either fixing code or adding a longer timeout 16:58:57 the only thing that comes to mind right now is the ostree-finalize-staged.service, but that one already has an explicit timeout 16:59:08 hmm. I definitely think this is more geared towards people with laptops 16:59:45 travier: added a comment in https://github.com/coreos/fedora-coreos-tracker/issues/1357#issuecomment-1406409322 17:01:24 so I guess we get to decide how we want to handle things now 17:01:43 maybe we agree here to open a new issue to later discuss what our path forward here is 17:01:48 ahh nice. the proposal doesn't make it clear the variant-specific aspect 17:02:08 so yeah, we have to decide if to override the new default to keep the old behaviour or not 17:02:11 SGTM 17:02:55 SGTM 17:03:06 #action dustymabe create a new ticket for us to decide how we want to handle the shutdown timeout change 17:03:30 #info we will need to consider the shutdown timeout change and if we want to accept it or add our own configuration override. 17:03:37 subtopic 124. GNU Toolchain Update (gcc 13.0, binutils 2.39, glibc 2.37, gdb 12.1) 17:04:51 any thoughts on this one? 17:05:47 "The compiler, the static linker and the the library are backwards compatible with the previous version of Fedora." 17:06:13 should be transparent 17:06:27 Non from my side; how has this tool chain upgrade gone in the past? 17:06:41 #info this change should be picked up by us transparently; no active changes for us to make 17:07:05 spresti[m]: usually rpms get built with the new buildchain and then we pick those up 17:07:20 the only question is if there are changes we think we need to make to the rpms that we own for these changes 17:07:31 usually it manifests itself as a build failure that we then have to look into 17:07:37 subtopic 125. Rpmautospec by Default 17:07:52 +1 ty 17:08:26 "This change is targeted at Fedora 38, but it will actually apply to all releases. The goal is to update the Packaging Guidelines and other prominent documentation and tools now, and other docs and tools possibly at a later time. Changing packages is out of scope. " 17:08:42 so basically update the guidance/docs, but not existing packages for now 17:08:59 nice 17:09:30 if you actively develop a package maybe consider trying out one or both of `%autorelease`/`%autochangelog`] 17:09:41 I tried out `%autochangelog` recently and it was nice 17:10:14 #info nothing for FCOS to do specifically but the maintainers of the packages we own may choose to update 17:10:21 i should look at that for rpm-ostree. we store the spec file upstream and then do a "merge" with the changelogs in dist-git, so i think this would be a good fit 17:10:51 subtopic 126. Unfiltered Flathub 17:11:02 #info we don't ship flatpak; no change for us 17:11:29 subtopic 220. libpinyin 2.8 17:12:35 #info we don't ship libpinyin 17:12:41 subtopic 221. Fedora Sway Spin 17:12:57 #info this is another variant of Fedora 17:13:02 subtopic 222. Upgrade ImageMagick to version 7 17:13:07 #info we don't ship imagemagick 17:13:10 subtopic 223. Fedora Budgie Spin 17:13:13 #info this is another variant of Fedora 17:13:22 subtopic 224. Use mdadm for BIOS RAID Support in Anaconda 17:13:53 " 17:13:56 Use mdadm instead of dmraid to support BIOS RAID (Firmware RAID or Fake RAID) during the Fedora installation process. 17:13:58 " 17:14:35 interesting.. I feel like I need to learn about BIOS/Firmware/Fake RAID 17:14:58 anybody familiar? 17:15:35 i think our grub config is "raid" aware already 17:16:07 https://github.com/coreos/coreos-assembler/blob/9fa3aaf93e44a53a4f5b27f15316a73e632b1abf/src/grub.cfg#L3 17:16:28 reading more into it - looks like a hardware feature (i.e. not software RAID)? 17:17:09 probably worth having bgilbert look at it and see if there's something our RAID setup should learn from too 17:17:20 #info This change is specific to anaconda. 17:17:25 still ^^ 17:17:31 assuming we don't use dmraid anywhere 17:18:09 subtopic 225. Pyramid 2.0 17:18:32 #info we don't ship python-pyramid 17:18:48 subtopic 226. Xfce-4.18 17:18:55 #info this is another variant of Fedora 17:18:55 i think all of the remaining ones can be "#info we don't ship this package" 17:19:02 cool 17:19:31 i noticed you skipped over 118, was that on purpose? 17:20:11 subtopic 227. FPC repackaging 17:20:14 #info we don't ship this package 17:20:16 subtopic 228. TeXLive2022 17:20:18 #info we don't ship this package 17:20:20 subtopic 229. Noto CJK Variable Fonts 17:20:22 #info we don't ship this package 17:20:24 subtopic 230. IPP-USB as a weak dependency of CUPS and sane-airscan 17:20:26 #info we don't ship this package 17:20:28 jlebon: nope :) - I just missed it 17:20:37 subtopic 118. Restore stricter SSH hostkeys permissions 17:21:13 we've already dealt with some fallout from this in rawhide 17:21:35 https://github.com/coreos/fedora-coreos-tracker/issues/1391 17:21:45 https://github.com/coreos/fedora-coreos-tracker/issues/1394 17:22:24 #info we need to make some changes to allow suid ssh-keygen and also migrate existing permissions on host keys for upgrading systems 17:22:36 anything else? 17:23:26 i commented https://src.fedoraproject.org/rpms/openssh/pull-request/39#comment-129094 which i think would alleviate some of the pressure 17:24:30 jlebon: yeah, probably a conversation worth having 17:24:47 but how would we notify people to update? 17:25:35 we (FCOS) could use CLHM 17:25:57 or ssh themselves could put in a sleep on startup (sleep 5m and then let people in) 17:26:00 we still need the service to migrate, but at least if something goes wrong, users will still be able to ssh into the system 17:26:06 they would possibly notice and then rectify the issue 17:26:21 right, but the problem is, when do you hard cutoff? 17:26:38 i.e. what's the difference between doing a hard cutoff now or later 17:26:50 there must be some extra step to take to notify the user they need to make a change 17:27:24 of course this migration script only handles ssh keys of a known name in a known location 17:27:26 yeah, we can discuss that in the issue with the maintainers maybe. need to make sure my understanding of the situation is right first 17:27:40 i wonder if the name/location is configurable (in sshd config) 17:28:12 maybe instead of carrying the patch as is, SSH still warns but doesn't hard error 17:28:18 I like the idea of a long sleep if the system is found to be in the state where the known host keys are non-compliant 17:28:55 jlebon: do you mind carrying some of our feedback upstream? 17:29:16 dustymabe: ack 17:29:29 #topic open floor 17:29:42 ok - sorry that wasn't a very fun meeting 17:29:52 but productive! 17:30:00 anyone with any topics for open floor ? 17:30:40 #info the splash page revamp has had some further edits/suggestions: https://discussion.fedoraproject.org/t/44632/18 17:30:44 WDYT? 17:32:46 looks neat. i'm still getting used to the 3d look personally :) 17:32:49 forgot to action this before 17:33:25 #action jlebon to take our concerns about host key permission migration script failure to sshd package maintainer 17:33:35 I like the latest iteration 17:34:00 * dustymabe will close out the meeting soon unless new discussion commences 17:34:23 hi there :) FYI there is an update the download page that you can see here: https://fedora.gitlab.io/websites-apps/fedora-websites/fedora-websites-3.0/coreos/download/ 17:34:32 on* 17:35:14 not everything from last feedbacks has been implemented yet 17:35:19 darknao: thanks! 17:35:21 but we're working on it 17:35:29 darknao: thanks 17:35:42 also make sure to try both light/dark theme if you can 17:35:56 darknao: one thing that is important to us that isn't necessarily conveyed well enough 17:36:12 was this bit of feedback: `- Stream metadata querying at page load time` 17:36:27 this is already implemented 17:36:28 darknao: the white on gray of the fedora logo is a bit hard to read 17:36:29 Sorry for delay. dustymabe: yeah I like it a lot more then in the past. jlebon yeah meee to on the 3d. Though I think it looks good. 17:36:33 darknao: oh, nice 17:36:36 the metadata are currently loaded client side 17:36:41 darknao: awesome 17:36:57 that change has real releng consequences :) 17:37:06 the white logo is a known issue, we need to change that :) 17:37:11 +1 17:37:24 I have one question regarding the GCP thing 17:37:31 darknao: go for it 17:37:56 you were talking about the gcp family right, like "fedora-coreos-stable"? 17:38:20 does that need to be shown upfront, or can it be inside a tooltip for instance? 17:38:35 yes, the gcp image family 17:38:53 what is a tooltip? is it hover text? 17:39:27 I'm trying to make that part as generic as possible in case you decide to add more cloud provider here in the future, we don't really want to rework the website everytime :) 17:40:16 darknao: I understand. 17:40:18 yes a hover text, or maybe just write it the same way as the image type on the other download 17:40:51 hover text might not be the best because the user may want to copy/paste the text 17:41:02 could we just expand that one bar if someone clicks on it 17:41:06 so at the same place as the 'vmdk.xz' for instance, but with the image familly 17:42:02 ok so add something like 'show details' that expand and show all the required info on a second line? 17:42:06 in the same place as the vmdk.xz - might not be enough room there 17:42:20 right now the details say: "The current latest image in the fedora-coreos-stable image family is fedora-coreos-37-20230110-3-1-gcp-x86-64" 17:42:37 we could probably cut that down a bit 17:43:04 but I think it gets crowded if you try to put it in the same place as the `vmdk.xz` 17:43:28 how about an expandable text box and a tooltip? 17:43:53 darknao: grab me in #fedora-coreos later and we can hash it out some more? 17:44:05 * dustymabe needs to close out this meeting and go pick kid up from school 17:44:07 we can add a second button next to the launch one, that expand the box with 1 or 2 additionals lines 17:44:12 sure :) 17:44:18 darknao++ 17:44:18 dustymabe: Karma for darknao changed to 7 (for the current release cycle): https://badges.fedoraproject.org/tags/cookie/any 17:44:23 #endmeeting