This talk will discuss the Fedora CI project and use the rpminspect tool as an example. It will be about 25% on Fedora CI and 75% on rpminspect, but that's not a hard and fast rule. rpminspect is a new tool being developed to help ensure packaging policy and build reliability. I call rpminspect a "build deviation analysis tool". It checks for policy compliance as well as things like ABI differences. Did new symbols appear in shared libraries? Did any disappear? Do we have all of the hardened options enabled for the build? Are there any unapproved setuid executables? And so on. rpminspect can check a single build or compare one build to another. Developers can run it locally or it can run via Fedora CI and report results that way.
https://github.com/dcantrell/rpminspectPackage maintainers and developers are the main audience. Anyone interested in helping improve the way we keep Fedora reliable and stable. rpminspect is open for contributions and part of the talk will involve explaining how to contribute.
