Rocky Linux is currently using Fedora build tools such as Koji and MBS to build the sources. These are great tools that have served us very well, but they didn't align with our goal of having a cloud-native build system. With the soon-to-be-released Peridot, the entire ecosystem of Linux distribution building tools will be incorporated into a microservice infrastructure and extended to create forks and extended builds, and to provide better transparency into, and trust in, the operating system supply chain.
Speakers:
- Zane Hamilton, Vice President Sales Engineering, CIQ
- Neil Hanlon, Infrastructure Lead, CIQ
Note: This transcript was created using speech recognition software. While it has been reviewed by human transcribers, it may contain errors.
Transcript:
Zane Hamilton:
How does the build system we have offer additional trust to the resulting packages that come out which make up Rocky Linux?
Neil Hanlon:
Sure. Just to clarify, Rocky is currently using the Fedora build tools: Koji, Module Build Service, those sorts of artifacts, to build the sources for CentOS 8. And those tools are awesome. They take a lot of time to wrap your head around, but once you get them up and running, they work great. What we found when we were learning about these tools is that they didn't integrate great into the toolchains that we wanted to use and wanted to try and integrate into our stacks in a more cloud-native way.
What resulted from all of this was essentially a build system that we are calling Peridot. One of the things that we're really just trying to do with the entire build system, including with Peridot, is provide better transparency and more transparency into everything that goes on – from the sources that we're ingesting upstream from git.centos.org to the artifacts that we publish down at dl.rockylinux.org.