Postings by Michal Novotny

copr-frontend: fix for webhook secrets leakage


there have been security problem fixed in copr-frontend today. Basically by
forking, you could get to webhook secrets of an original project being
forked. Also the integration page where you can insert pagure api token was
actually available under certain URL if you knew how this URL should be
structured. Both of these problems are now fixed.

Fedora Copr can now flag commits and pull requests from src.fp.o


in addition to auto-rebuilding feature from Fedora DistGit (, we have added possibility to flag commits and pull
requests after an auto-rebuild. This works not only with Fedora DistGit but
with any pagure instance (e.g. also
<a href="" title=""></a> or just The setup
for your Copr project is just a few simple steps. See the documentation

<a href="" title=""></a>

or you can just also follow instructions present in Settings->Integrations
in your Copr project.

experiencing dnf Error: Failed to synchronize cache for repo 'fedora' or ''updates'


I am occasionally experiencing the following error in my day-to-day dnf use:

Failed to synchronize cache for repo 'fedora'


Failed to synchronize cache for repo 'updates'

I've had that happened even in local mock builds.

Do you also experience this error upon dnf operations like `dnf install` or
`dnf refresh` or in local mock builds?

Thank you

copr nomenclature


lots of times, I see name "copr", "Copr", or "COPR" used somewhere but it's
almost never used correctly for the given context.

Review Swap


I would like to do rename of rpkg-client (
<a href="" title=""></a>) to rpkg-util and also I
would like to go the package again through a review process because the
spec might deserve some care:
<a href="" title=""></a>

Can I possibly swap reviews with somebody?

f28-ppc64le chroots finally working in COPR


the fedora-28-ppc64le chroot was no working up until now due to lack of
compose. This was resolved however in issue.
<a href="" title=""></a>


COPR src.fp.o auto-rebuilds


you can now very easily setup auto-rebuilds for your src.fp.o package:

1) make a SCM package in COPR with Clone URL pointing to the src.fp.o fork
(please, use the https:// cloning option)
2) make sure "Webhook Rebuild" checkbox is checked when you are creating
the package
3) Go to settings for your package at src.fp.o and almost at the bottom in
Hooks->Fedmsg section, check "Activate" checkbox and then click on "Update"

If your package is a main package (not a fork), then you can omit step 3.
See <a href="" title=""></a> for more info.
COPR team

Planned Outage: COPR BACKEND upgrade - 2018-01-16 09:00 UTC

Planned Outage: COPR BACKEND upgrade - 2018-01-16 09:00 UTC

There will be an outage starting at 2018-01-16 09:00 UTC, which will last
approximately 0.5 hours.

To convert UTC to your local time, take a look at
<a href="" title=""></a> or run: date -d
'2018-01-16 09:00 UTC'

Reason for outage:

Upgrade of copr-backend machine to f27

Affected Services:

copr-backend - <a href="" title=""></a>

Ticket Link:

<a href="" title=""></a>

Contact Information:

Please join #fedora-admin or

is there logstash alternative in Fedora?


I am looking for an alternative for Java logstash application (not in
Fedora) that can parse logs (e.g. httpd access.log) and collect stats about
number of occurrences for a given search pattern (basically it can e.g.
group by IP and give number of lines for each IP and then post it to some
url address). Is there anything like this currently? I am about to
implement it but wanted to make sure I won't be doing something which
already exists.

Thank you

COPR: usage of http:// in python client


we have found out that <a href="" title=""></a> was used as default
API endpoint if no copr_url was specified for CoprClient initialization.
This is now fixed in the latest version of python-copr (python-copr-1.84)
and we recommend updating to that version. Also we have decided to revoke
user API tokens for which there have been accesses through the http
interface recently. You can find the list of the affected users in the
attachment and we apologize for this. Please, use
<a href="" title=""></a> to retrieve new tokens.

long waiting times for COPR jobs


lately, COPR pending job queues are holding jobs for pretty long time (even
hours). This is a buggy behaviour and we will be doing our best to fix this
issue in the following days.

Thank your for your patience
COPR team

modularity: (my) expectations vs. reality

I would like to publicly note that I had completely different idea about
this project first time I have encountered it at the last Flock.

My idea was that the project will target runtime rather than build-time and
will try to provide a set of packages that would be able to
e.g. spawn and run an httpd stack almost at one command.

So that we will basically have e.g.

COPR strategy


we will have soon a planning meeting that should determine a more long-term
strategy and bring us to a team agreement on what COPR currently is and
what it should be in half a year or so.

I would like to kindly ask for some input here on the devel list to find
out what the actual expectations of COPR are and if there are any ideas
about what could COPR bring to the game.


New copr-frontend release


I am sending these release notes also to fedora-devel list (and not just
copr-devel list as usually) because they contain information
about upcoming Fedora branching and what features COPR provides to move the
set of packages from your rawhide chroots into the newly branched ones.

We have just released copr-frontend-1.118.

mock's dual bootstrapping enabled by default for existing copr projects


while working on another thing, I noticed that when use_bootstrap_container
project option was introduced (Wed Jun 14 this year), it was introduced as
enabled for existing COPR projects at that time. That was not exactly
intended as this feature is experimental.

Enabling this option makes mock setup two chroots during build:

- "bootstrap" one with the latest dnf, rpm (and other build tools) for the
given build chroot (e.g.

Review swap


I have implemented a set of macros specific for module development. I would
be happy to review your package if you can review mine:
<a href="" title=""></a>


COPR rawhide repo links

Dear rawhide users,

if you have enabled a COPR repo in the last three months (since the
beginning of December last year till yesterday), then it points to
fedora-$releasever-$basearch. You can reenable it by using `dnf copr enable
<project>` to get .repo file pointing to actual fedora-rawhide chroot in
the given project.

Sorry for this

COPR auto-rebuilds on pagure commits


I'd like to announce that we now support package auto-rebuilding on a new
commit(s) into a Pagure repository. Apart from having your package repo
hosted in Pagure, you just need to enable firing of fedmsg notifications
for new commits by clicking a single checkbox in 'Hooks' section...well,
then you also need to save this setting and have auto-rebuilding enabled
for the copr package but that really is it, I promise :).


Package Reviews Statistics


as a new Fedora Infrastructure apprentice, I am currently working on this
first infrastructure ticket
<a href="" title=""></a>.

Basically, I updated an old script that collects stats on packages reviews
present on Bugzilla. I wonder if this information could actually be useful
(or at least interesting) to some people and if weekly automated updates
(as described in the ticket) are worth the effort :).

To find this out, I ran the script manually to show you what kind of
information it provides.