Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
New AlmaLinux Build System - Achieving Transparency & Future Roadmap

AlmaLinux OS Foundation believes that making it easy for community members to build packages and images is a fundamental part of growing and ensuring a healthy enterprise Linux ecosystem. AlmaLinux is fully open source and supported by a growing list of members helping to improve each version. To that end, we started work long ago to make sure that our build system is also transparent and open for use by any organization that is interested in building a better Linux distribution.

They announced the first fruits of their efforts, ALBS, The AlmaLinux Build System. The read-only access to our build system is available at: https://build.almalinux.org/

It has been quite some time since they released the source for the AlmaLinux Build System by releasing it under GPLv3 license: https://github.com/AlmaLinux/build-system. However, code will only take you so far.

Since then, it has been bootstrapped, deployed, used to build AlmaLinux OS 8.6 as well as AlmaLinux OS 9.0 for all four platforms: x86_64, Arm aarch64, PowerPC ppc64le & s390x. This system is also used to generate & publish errata and sign packages.

They are adding the next stage of transparency for the build processes by releasing anonymous, read-only access to our build system. This allows anyone to see what packages are being built right now, when a particular package was built, when a package build fails, and all the logs associated with the build process for each and every package.

Build system is available at build.almalinux.org. The User Guide for the new version of the build system can be found on the github site: https://github.com/AlmaLinux/build-system/wiki/AlmaLinux-Build-System-User-Guide

In addition to this initial read-only access, we've begun building updates delivering fully functional OVAL files for use by OpenSCAP as well as any other security software. The OVAL files have all the errata information, as well as mitigation recommendations and support for modules too.

Information on OVAL Streams and files can be accessed in the wiki at https://wiki.almalinux.org/documentation/oval-streams.html.

Future Roadmap

By the end of July, they plan to:

  • Introduce a robust RBAC system to enable and grant access to maintainers and contributors from different organizations to build packages
  • Add SBOM support for builds by integrating with CodeNotary ensuring package provenance and constitution is well documents and transparent

In the future, they are looking into:

  • Implement Organization/SIG namespaces within the build system
  • Add COPR support
  • Automate VM & container image building & publishing

The AlmaLinux OS Foundation wants to make it easy for people to build packages and images for the "Enterprise Linux" ecosystem for any organization that is interested in doing so.

If you would like to participate - join us at on the AlmaLinux Community Chat at https://chat.almalinux.org, the AlmaLinux Community on Reddit or catch us on Twitter.

Published Tuesday, June 21, 2022 10:35 AM by David Marshall
Filed under:
Get This Featured White Paper: Data Deduplication for Backup Q&A
You may also be interested in this white paper: The Rise of Shadow Encryption: Combatting the Next Generation of Ransomware
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Customer Connect
Global Digital
DTX
DTW-NA
innovatrix
GISEC
global-digital-cx
vExpert
Calendar
<June 2022>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789