17:01:06 <Son_Goku> #startmeeting FESCO (2023-12-14)
17:01:06 <zodbot> Meeting started Thu Dec 14 17:01:06 2023 UTC.
17:01:06 <zodbot> This meeting is logged and archived in a public location.
17:01:06 <zodbot> The chair is Son_Goku. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
17:01:06 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:01:06 <zodbot> The meeting name has been set to 'fesco_(2023-12-14)'
17:01:08 <zodbot> michel-slm: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:01:13 <michel-slm> wow zodbot
17:01:15 <Son_Goku> #meetingname fesco
17:01:15 <zodbot> The meeting name has been set to 'fesco'
17:01:15 <jonathanspw> .hi
17:01:16 <zodbot> jonathanspw: Something blew up, please try again
17:01:19 <zodbot> jonathanspw: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:01:21 <sgallagh> .hi
17:01:22 <zodbot> sgallagh: Something blew up, please try again
17:01:26 <zodbot> sgallagh: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:01:27 <Son_Goku> #chair nirik, decathorpe, zbyszek, sgallagh, mhroncok, dcantrell, mhayden, Conan_Kudo, Pharaoh_Atem, Son_Goku, King_InuYasha, Sir_Gallantmon, Eighth_Doctor, tstellar
17:01:27 <zodbot> Current chairs: Conan_Kudo Eighth_Doctor King_InuYasha Pharaoh_Atem Sir_Gallantmon Son_Goku dcantrell decathorpe mhayden mhroncok nirik sgallagh tstellar zbyszek
17:01:36 <dcantrell> everyone stop blowing stuff up
17:01:40 <michel-slm> so the meeting functions work but hello is dead
17:01:46 <jonathanspw> dcantrell: you try then :D
17:01:47 <mhayden> .hello2
17:01:48 <zodbot> mhayden: Something blew up, please try again
17:01:51 <Son_Goku> .hello ngompa
17:01:51 <zodbot> mhayden: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:01:54 <zodbot> Son_Goku: Something blew up, please try again
17:01:55 <dcantrell> .hello2
17:01:57 <zodbot> Son_Goku: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:01:59 <Son_Goku> well oof
17:02:01 <zodbot> dcantrell: Something blew up, please try again
17:02:04 <zodbot> dcantrell: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:02:08 <dcantrell> crap, I did it
17:02:14 <mhayden> .lol
17:02:18 <jonathanspw> dcantrell stop blowing stuff up
17:02:22 <dcantrell> we're getting the ACME treatment here like we're all coyotes
17:02:33 <Son_Goku> yup
17:02:58 <sgallagh> Meep meep
17:03:04 <Son_Goku> so uhh
17:03:16 <Son_Goku> nirik: any idea what's going on (assuming you're around)?
17:03:45 <Son_Goku> anyway, I guess we'll just go on with our lives
17:03:54 <Son_Goku> #topic init process
17:04:08 <nirik> it's just the plugin bug... I can reload it.
17:04:14 <tstellar> .hello tstellar
17:04:15 <zodbot> tstellar: Something blew up, please try again
17:04:17 <zodbot> tstellar: An error has occurred and has been logged. Please contact this bot's administrator for more information.
17:06:32 <sgallagh> Ah well. Everything is broken. Time for vacation.
17:06:45 <Son_Goku> .hello ngompa
17:06:46 <zodbot> Son_Goku: ngompa 'Neal Gompa' <ngompa13@gmail.com>
17:06:49 <Son_Goku> woot
17:06:52 <jonathanspw> .hi
17:06:53 <zodbot> jonathanspw: jonathanspw 'Jonathan Wright' <jonathan@almalinux.org>
17:06:58 <dcantrell> .hello2
17:06:59 <zodbot> dcantrell: dcantrell 'David Cantrell' <dcantrell@redhat.com>
17:07:02 <nirik> it's just that lookup... nothing else. ;)
17:07:11 <tstellar> .hello tstellar
17:07:12 <zodbot> tstellar: tstellar 'Tom Stellard' <tstellar@redhat.com>
17:07:25 <michel-slm> .hello salimma
17:07:26 <zodbot> michel-slm: salimma 'Michel Lind' <michel@michel-slm.name>
17:07:28 <mhayden> .hello2
17:07:32 <zodbot> mhayden: mhayden 'Major Hayden' <mhayden@redhat.com>
17:07:34 <sgallagh> .hi
17:07:35 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
17:08:50 <Son_Goku> I think that's everyone so far, do we have enough for quorum?
17:08:52 <mhayden> nirik++
17:08:52 <zodbot> mhayden: Karma for kevin changed to 9 (for the release cycle f39):  https://badges.fedoraproject.org/tags/cookie/any
17:08:59 <Son_Goku> nirik++
17:09:00 <zodbot> Son_Goku: Karma for kevin changed to 10 (for the release cycle f39):  https://badges.fedoraproject.org/tags/cookie/any
17:09:21 <nirik> I guess I'm here...
17:09:35 <mhayden> 🪑
17:10:01 <Son_Goku> is 5 enough for quorum (if I don't count sort-of-here nirik)?
17:10:24 <sgallagh> Yes, five is quorum
17:10:35 <Son_Goku> then let's go into our first topic
17:10:40 <Son_Goku> #topic  #3101 Change: Remove OpenSSL Compat
17:10:53 <Son_Goku> .fesco 3101
17:10:54 <zodbot> Son_Goku: Issue #3101: Change: Remove OpenSSL Compat - fesco - Pagure.io - https://pagure.io/fesco/issue/3101
17:11:38 <nirik> looks like we could approve this and hope python3.6 will be moved (or use contengency if it's not?)
17:12:24 <Son_Goku> maybe we can just have them chop off the -devel package initially and then retire it once all consumers failing mass build are ported/retired?
17:12:49 <jonathanspw> Is non-FESCo feedback wanted/welcome?
17:12:53 <Son_Goku> absolutely
17:12:59 <Son_Goku> that's why these are open meetings
17:13:12 <jonathanspw> Maybe a dumb question, but if RH is going to keep maintaining it for EL8 anyway why remove it from Fedora when we can still get said patches and such?
17:13:22 <sgallagh> Sure, we don’t mind ignoring non-FESCo people either ;-)
17:13:28 <jonathanspw> sgallagh: touche :D
17:13:51 <tstellar> Is droping python 3.6 an option?
17:13:56 <Son_Goku> not yet
17:14:03 <decathorpe> .hi
17:14:05 <zodbot> decathorpe: decathorpe 'Fabio Valentini' <decathorpe@gmail.com>
17:14:05 <decathorpe> sorry for being late
17:14:13 <nirik> python folks want to keep it for tests/etc since it's staying in rhel
17:14:16 <sgallagh> It’s undesirable, but not impossible.
17:14:49 <Son_Goku> jonathanspw: this is a reasonable question
17:14:50 <michel-slm> have we asked the python folks how hard it would be to port py3.6 to openssl3?
17:14:53 <dcantrell> I don't think it's reasonable to remove it until python3.6 has a plan.  The bug is filed, sure, but I think voting on the removal should be done after python has done their work
17:15:59 <tstellar> The comment on the discussion makes it seem like porting to OpenSSL 3 will be difficult: https://discussion.fedoraproject.org/t/f40-change-proposal-removing-openssl-1-1-package-system-wide/92899/3
17:17:06 <Son_Goku> in that case, another option is to find someone who is willing to maintain the package in the interim until py3.6 is retired at rhel 8 eol
17:17:20 <sgallagh> @jonathanspw: Someone has to do the work. If the maintainer is looking to retire it from Fedora, that carries the implication that they lack the cycles to continue maintaining it
17:17:42 <tstellar> Yeah it seems like either the python team would need to maintain it or maybe even bundle it.
17:17:50 <decathorpe> backporting patches from RHEL 8 should be possible? openssl 1.1 continues to be maintained there IIUC
17:17:53 <Son_Goku> yes
17:18:11 <sgallagh> I’m a hard “no” on bundling OpenSSL anywhere, thankyouverymuch.
17:18:15 <jonathanspw> Simplest solution might be an email to devel to see who's willing to step up.
17:18:15 <Son_Goku> same
17:18:20 <michel-slm> just making openssl 1.1 track rhel sounds better than bundling, yeah
17:18:23 <jonathanspw> (to maintain backports)
17:18:32 <Son_Goku> please don't bundle crypto libraries 😨
17:18:46 <sgallagh> (Or write your own)
17:18:51 <Son_Goku> ehhhhhh
17:19:03 <Son_Goku> that one is more nuanced
17:19:10 <nirik> ha
17:19:28 <Son_Goku> anyway, I think jonathanspw's query and suggestion is reasonable
17:19:32 <nirik> we could just punt here and see how the porting looks later?
17:19:39 <Son_Goku> that's also an option
17:20:03 <Son_Goku> we can explicitly punt until mid january I guess?
17:20:04 <sgallagh> Or approve conditionally
17:20:18 <Son_Goku> sgallagh: any proposal for that?
17:21:05 <sgallagh> Proposal: Approved, contingent upon python3.6 being ported to OpenSSL 3.
17:21:18 <sgallagh> But maybe punting to Jan and seeing where we are then makes sense
17:21:20 <nirik> +1 here to that. (I'm also fine to wait)
17:21:29 <Son_Goku> +1 from me
17:21:43 <tstellar> I think it should be something like: "Approved, but OpenSSL compat will be orphaned not removed"
17:21:48 <dcantrell> -1, I'd rather look at things in January and see where it stands.  either openssl maintainer steps up or python3.6 has stuff in motion
17:22:13 <Son_Goku> hmm, let's see how I can blend this
17:22:27 <sgallagh> Sounds like we won’t be able to reach a decision today with the limited attendees. So let’s punt
17:22:32 <Son_Goku> yeah
17:22:44 <tstellar> I'm also fine just waiting, but I think the search for an OpenSSL compat maintainer should start now.
17:23:00 <tstellar> It seems unlikely to me that python will get ported, but you never know.
17:23:01 <sgallagh> I’ll check the couch cushions.
17:23:03 <dcantrell> I was going to email the current RHEL-8 maintainers
17:23:12 <dcantrell> of openssl11
17:23:32 <tstellar> Really, the people who want python3.6 to stay in Fedora should take responsibility for this.
17:23:45 <Son_Goku> Proposal: Punt until the first January FESCo meeting to review this again. FESCo would like to see if there is anyone who'd like to step up to help maintain the openssl1.1 package if it's still needed.
17:23:59 <sgallagh> +1
17:24:02 <dcantrell> +1
17:24:05 <tstellar> +1
17:24:21 <mhayden> +1
17:24:33 <nirik> +1, but I hope it can be retired. ;)
17:24:40 <Son_Goku> decathorpe, your vote?
17:24:53 <Son_Goku> and of course, +1 for my proposal
17:25:31 <decathorpe> +1
17:26:43 <Son_Goku> #agreed FESCo will punt reviewing this until the first January meeting. FESCo would like to see if there is anyone who'd like to step up to help maintain the openssl1.1 package if it's still needed. (+7, 0, -0)
17:27:04 <Son_Goku> next up...
17:27:12 <Son_Goku> #topic #3119 Numerous package git repos fail git-fsck, causing issues for mirroring, and need to be fixed
17:27:16 <Son_Goku> .fesco 3119
17:27:18 <zodbot> Son_Goku: Issue #3119: Numerous package git repos fail git-fsck, causing issues for mirroring, and need to be fixed - fesco - Pagure.io - https://pagure.io/fesco/issue/3119
17:28:19 <dcantrell> I did more research on this and I am uncomfortable with the idea of archiving git history rather than fixing the bad author and committer strings in the reflogs.  Through the magic of git-filter-repo this should be 100% possible.  I've done it in the past with git filter-branch
17:29:00 <nirik> I think probibly saving off the current repos and filtering is probibly best... because we want to have somewhere that has hashes that were used for builds in koji.
17:29:13 <dcantrell> yes
17:29:22 <Son_Goku> I don't think it was ever a question we wouldn't do that?
17:30:04 <dcantrell> maybe I misunderstood, but the previous discussion and comments were talking about tarring up .git and starting over rewriting all history, so getting new commit IDs
17:30:09 <dcantrell> at least that's how i read it
17:30:17 <Son_Goku> yeah we don't need to do that
17:30:26 <nirik> well, there were proposals to save the old repo into the new one in another branch. I am not sure if that keeps everything.. and would be confusing.
17:30:31 <Son_Goku> the original releng ticket was just rewriting the history and storing the original refs elsewhere
17:30:33 <sgallagh> Not starting over, but rewriting history on the affected branches.
17:30:39 <sgallagh> Which is all of them, really
17:31:15 <nirik> such a fuss over a single < (I think it is)
17:31:34 <sgallagh> And a space!
17:31:49 <dcantrell> sgallagh: git terminology is dense, when you say rewriting history do you mean preserving IDs and fixing data or generating new IDs along with correct data?
17:32:06 <nirik> in order to change the repo you change the commit hashes.
17:32:16 <sgallagh> You literally cannot preserve IDs and fix data
17:32:26 <sgallagh> The IDs are derived from that data
17:32:38 <Son_Goku> there is no such thing as metadata in git's model
17:32:43 <Son_Goku> it's all primary data
17:33:09 <dcantrell> ok, so some years ago I corrected both an email address and a committers name and the ID remained the same.  what did I do then?
17:33:10 <sgallagh> There might be some fields that wouldn’t alter the ID, but this isn’t one of them
17:33:31 <sgallagh> dcantrell: LSD? Because that definitely didn’t happen ;-)
17:33:45 <Son_Goku> unless you got reeeeally lucky and got a collision
17:33:49 <tstellar> Will Florian's suggestion to move them to a different branch in the same repo work, or will git fsck still fail in that case? https://pagure.io/fesco/issue/3119#comment-887427
17:33:52 <dcantrell> no collision
17:34:00 <dcantrell> this was a stack of filter-branch stuff
17:34:07 <michel-slm> just fixing it in the latest commit is not enough right? any wrong commit in the history would fail fsck
17:34:11 <Son_Goku> yes
17:34:21 <Son_Goku> any referenced blob will cause it to fail
17:34:24 <dcantrell> maybe it generated a new ID and new to step to the new one for the corrected data, I have no idea
17:34:54 <sgallagh> There are some tricks to change the reference of a commit ID to point to a different commit
17:34:56 <Son_Goku> tstellar: the key is whether `git push --mirror` includes those blobs
17:35:06 <sgallagh> But the original broken commit would have to remain in the history.
17:35:32 <Son_Goku> if `git push --mirror` doesn't include the broken commits, then it's fine
17:35:38 <sgallagh> Which would then not fix the issue before us.
17:36:23 * nirik is fine punting this to the new year too, but might be just me. ;)
17:36:38 <Son_Goku> yeah, we can push this off and then have more people look at it
17:36:50 <sgallagh> It’s not urgent since I sidestepped the problem for CentOS Stream 10
17:37:02 <dcantrell> ok, let's discuss in Jan
17:37:24 <Son_Goku> Proposal: Punt until the first January FESCo meeting to review this again.
17:37:31 <dcantrell> +1
17:37:34 <Son_Goku> +1
17:37:45 <mhayden> +1
17:37:49 <sgallagh> +1
17:37:53 <tstellar> +1
17:38:04 <nirik> +1
17:38:15 <Son_Goku> decathorpe: vote?
17:39:05 <michel-slm> apologies if this has been asked but... is there a way to ensure repos that are not currently affected won't develop this problem?
17:39:25 <michel-slm> e.g. make pagure run git-fsck and reject push, but with an allowlist for the known-broken repos
17:40:03 <Son_Goku> it's possible to do that server side, similarly to how we have a hook to block pushes when non-uploaded sources are included
17:40:25 <Son_Goku> oh wait, that hook is client side, but it _could_ be server side
17:40:43 <michel-slm> is it worth making it an action item, while we punt the cleanup strategy until January?
17:41:14 <Son_Goku> we cannot deploy it until after these repos are fixed though
17:41:26 <Son_Goku> otherwise pushes will start failing
17:41:34 <michel-slm> Son_Goku: I suggested allowlisting the known broken repos :)
17:41:44 <Son_Goku> okay fair :)
17:42:03 <michel-slm> basically a mitigation to stop the bleed, and we can remove the allowlist once the repos are cleaned up
17:42:09 <nirik> I would think it would be possible to do a hook, but not sure how much work it would be
17:42:47 <michel-slm> we'll need to enforce this at some point anyway right?
17:43:24 <Son_Goku> Proposal: Punt until the first January FESCo meeting to review this again. FESCo would like some kind of server-side hook in pagure to prevent further damage regardless.
17:43:45 <nirik> I'm not sure we would.
17:44:00 <Son_Goku> no?
17:44:07 <nirik> I guess for rhel11...
17:44:35 <Son_Goku> well and I would also like remote pull requests to not be broken
17:44:55 <Son_Goku> that feature depends on people being able to push repos to arbitrary git servers
17:45:41 <nirik> are there other forges that don't allow fsck.skipList (like gitlab)?
17:45:57 <Son_Goku> all of them
17:46:32 <Son_Goku> the only reason pagure doesn't have the fsck thing is that we use libgit2 instead of git for most repository processing and handling
17:47:20 <nirik> ok. I would think it would make sense to have a skipList setting, but whatever
17:47:31 <Son_Goku> I agree, but it doesn't exist
17:47:42 <Son_Goku> needless to say when pagure gets fsck stuff wired up, we're going to have that exposed
17:48:28 <Son_Goku> anyway, I need to go soon, so can we vote on this?
17:48:31 <dcantrell> (afk for a bit...)
17:48:35 <nirik> well, it 100% exists in git-fsck... just no one allows you to use it on mirroring I guess?
17:49:06 <Son_Goku> no one allows configuring it as far as I can tell at all
17:49:18 <Son_Goku> not github/ghe, not gitlab, etc.
17:49:54 <Son_Goku> same for the gogs family as far as I can tell
17:49:59 <decathorpe> oops, sorry, got distracted
17:50:06 <decathorpe> +1 to punt if you still need my vote
17:50:30 <Son_Goku> anyway, we can go with the original punt-only proposal
17:50:38 <Son_Goku> I really need to go so I'll just proc that
17:50:58 <Son_Goku> #agreed Punt until the first January FESCo meeting to review this again. (+7, 0, -0)
17:51:20 <Son_Goku> so now we're done with that...
17:51:21 <Son_Goku> #topic Next week's chair
17:51:49 <sgallagh> I think we agreed last week to skip the next two and I’d run the first of the new year.
17:51:54 <Son_Goku> oh right
17:52:15 <Son_Goku> #action sgallagh will run the first FESCo meeting of the new year
17:52:28 <Son_Goku> #info FESCo meetings are canceled for the remainder of the year
17:52:39 <Son_Goku> #topic Open Floor
17:52:46 <Son_Goku> anything anyone wants to say now?
17:52:53 <Son_Goku> or I can end it all...
17:52:55 <tstellar> Is everything on track with the elections?
17:53:14 <Son_Goku> seems to be
17:53:29 <Son_Goku> amoloney seems to have gotten things in order now
17:53:41 <sgallagh> I hope everyone on FESCo has voted?
17:53:58 <jonathanspw> I voted :)
17:54:24 <mhayden> I saw Ubuntu enabled frame pointers for profiling -- this makes me feel a bit better about our decision 👏
17:54:41 <Son_Goku> I'm... peeved that Fedora didn't get any credit there.
17:54:51 <mhayden> eh, i'm just glad to get confirmation
17:54:57 <mhayden> that was a tough decision making process
17:55:04 <sgallagh> Ubuntu claiming credit for Fedora’s moves is kind of their entire history.
17:55:08 <Son_Goku> well, they gave us credit for the x86_64-v3 evaluation
17:55:29 <michel-slm> but not for oomd :)
17:55:31 * mhayden claims credit for sgallagh's moves all the time
17:55:43 <Son_Goku> sgallagh: yeah, it still bites though
17:55:50 * sgallagh is still bitter that Ubuntu claimed credit for SSSD fifteen years ago.
17:56:03 <Son_Goku> wait seriously?
17:56:05 <Son_Goku> ffs
17:56:18 <Son_Goku> they claimed credit for sssd?!
17:56:28 <sgallagh> Yep
17:56:32 <Son_Goku> ugh
17:56:32 <mhayden> well i hope that all of you have awesome holidays and get some time to relax with people you care about over the next couple of weeks! ♥️
17:56:41 <Son_Goku> same to everyone else
17:56:46 <jonathanspw> See you all next year!
17:56:46 <Son_Goku> and now time to end it all :)
17:56:49 <sgallagh> And to you!
17:56:54 <mhayden> 2024 is a leap year!
17:57:00 <Son_Goku> Happy Holidays and watch that step!
17:57:02 <Son_Goku> #endmeeting