stable: new release on 2024-04-09 (39.20240322.3.1)

[dustymabe]

First, verify that you meet all the prerequisites

Edit the issue title to include today's date. Once the pipeline spits out the new version ID, you can append it to the title e.g. (31.20191117.3.0).

Pre-release

Promote testing changes to stable

• Add the ok-to-promote label to the issue
• Review the promotion PR against the stable branch on https://github.com/coreos/fedora-coreos-config
• Once CI has passed, merge it

Manual alternative

Sometimes you need to run the process manually like if you need to add an extra commit to change something in manifest.yaml. The steps for this are:

• git fetch upstream
• git checkout stable
• git reset --hard upstream/stable
• /path/to/fedora-coreos-releng-automation/scripts/promote-config.sh testing
• Open PR against the stable branch on https://github.com/coreos/fedora-coreos-config

Build

• Start a build job (select stable, leave all other defaults). This will automatically run multi-arch builds.
• Post links to the jobs as a comment to this issue
  • x86_64
  • aarch64 (multi-arch build job)
  • ppc64le (multi-arch build job)
  • s390x (multi-arch build job)
• Wait for the jobs to finish and succeed
  • x86_64
  • aarch64
  • ppc64le
  • s390x

Sanity-check the build

Using the the build browser for the stable stream:

• Verify that the parent commit and version match the previous stable release (in the future, we'll want to integrate this check in the release job)
  • x86_64
  • aarch64
  • ppc64le
  • s390x
• Check kola extended upgrade runs to make sure they didn't fail
  • x86_64
  • aarch64
  • ppc64le
  • s390x
• Check kola AWS runs to make sure they didn't fail
  • x86_64
  • aarch64
• Check kola OpenStack runs to make sure they didn't fail
  • x86_64
  • aarch64
• Check kola Azure run to make sure it didn't fail
  • x86_64
• Check kola GCP runs to make sure they didn't fail
  • x86_64
  • aarch64

⚠️ Release ⚠️

IMPORTANT: this is the point of no return here. Once the OSTree commit is
imported into the unified repo, any machine that manually runs rpm-ostree upgrade will have the new update.

Run the release job

• Run the release job, filling in for parameters stable and the new version ID
• Post a link to the job as a comment to this issue
• Wait for job to finish

At this point, Cincinnati will see the new release on its next refresh and create a corresponding node in the graph without edges pointing to it yet.

Refresh metadata (stream and updates)

• Wait for all releases that will be released simultaneously to reach this step in the process
• Go to the rollout workflow, click "Run workflow", and fill out the form

Rollout general guidelines

Risk	Day of the week	Rollout Start Time	Time allocation
risky	Tuesday	2PM UTC	72H
common	Tuesday	2PM UTC	48H
rapid	Tuesday	2PM UTC	24H

When setting a rollout start time ask "when would be the best time to react to
any errors or regressions from updates?". Commonly we select 2PM UTC so that the
rollout's start at 10am EST(±1 for daylight savings), but these can be fluid and
adjust after talking with the fedora-coreos IRC. Note, this is impacted by the
day of the week and holidays.

The later in the week the release gets held up due to unforeseen issues the more
likely the rollout time allocation will need to shrink or the release will need
to be deferred.

Manual alternative

• Make sure your fedora-coreos-stream-generator binary is up-to-date.

From a checkout of this repo:

• Update stream metadata, by running:

fedora-coreos-stream-generator -releases=https://fcos-builds.s3.amazonaws.com/prod/streams/stable/releases.json  -output-file=streams/stable.json -pretty-print

• Add a rollout. For example, for a 48-hour rollout starting at 10 AM ET the same day, run:

./rollout.py add stable <version> "10 am ET today" 48

• Commit the changes and open a PR against the repo

• Verify that the expected OS versions appear in the PR on https://github.com/coreos/fedora-coreos-streams
• Post a link to the resulting PR as a comment to this issue
• Review and approve the PR, then wait for someone else to approve it also
• Once approved, merge it and verify that the sync-stream-metadata job syncs the contents to S3
• Verify the new version shows up on the download page
• Verify the incoming edges are showing up in the update graph.
  • x86_64
  • aarch64
  • ppc64le
  • s390x

Update graph manual check

curl -H 'Accept: application/json' 'https://updates.coreos.fedoraproject.org/v1/graph?basearch=x86_64&stream=stable&rollout_wariness=0'
curl -H 'Accept: application/json' 'https://updates.coreos.fedoraproject.org/v1/graph?basearch=aarch64&stream=stable&rollout_wariness=0'
curl -H 'Accept: application/json' 'https://updates.coreos.fedoraproject.org/v1/graph?basearch=ppc64le&stream=stable&rollout_wariness=0'
curl -H 'Accept: application/json' 'https://updates.coreos.fedoraproject.org/v1/graph?basearch=s390x&stream=stable&rollout_wariness=0'

NOTE: In the future, most of these steps will be automated.

Housekeeping

• If one doesn't already exist, open an issue in this repo for the next release in this stream. Use the approximate date of the release in the title.
• Issues opened via the previous link will automatically create a linked Jira card. Assign the GitHub issue and Jira card to the next person in the rotation.

[dustymabe]

fast-track PR for rpm-ostree update for CVE-2024-2905

• [stable] overrides: fast-track rpm-ostree-2024.4-6.fc39 fedora-coreos-config#2951

[dustymabe]

• x86_64 Build ✅

[dustymabe]

• aarch64 Build ❌

Pipeline failed during signing but robosignatory did sign everything OK. I was able to get into the pod and do the verification by commented out the fedmsg parts:

[builder@coreos-aarch64-builder build-arch]$ cosa sign --build=39.20240322.3.1 --arch=aarch64 robosignatory --s3 fcos-builds/prod/streams/stable/builds --aws-config-file **** --extra-fedmsg-keys stream=stable --images --gpgkeypath /etc/pki/rpm-gpg --fedmsg-conf ****
warning: /sys/fs/selinux appears to be mounted but should not be; enabling workaround                                                                                                                                                                                                                             
2024-04-09 21:30:40,735 INFO - Credentials found in config file: ****
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-ostree.aarch64.ociarchive                                                                                                                                                                                                    
gpg: Signature made Tue Apr  9 20:26:27 2024 UTC                                                                                                                                                                                                                                                                  
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                                                                                                                                                        
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                   
gpg: WARNING: This key is not certified with a trusted signature!                                                                                        
gpg:          There is no indication that the signature belongs to the owner.                                                                            
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                                                                                                                                                       
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-ostree.aarch64-manifest.json.xz                                                                                                                                                                                              
gpg: Signature made Tue Apr  9 20:26:27 2024 UTC                                                                                                                                                               
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                           
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                   
gpg: WARNING: This key is not certified with a trusted signature!                                                                                        
gpg:          There is no indication that the signature belongs to the owner.                                                                            
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                              
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-qemu.aarch64.qcow2.xz                                                                                                                                                                                                        
gpg: Signature made Tue Apr  9 20:26:52 2024 UTC                                                                                                                                                               
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                           
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                   
gpg: WARNING: This key is not certified with a trusted signature!                                                                                        
gpg:          There is no indication that the signature belongs to the owner.                                                                            
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                              
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-openstack.aarch64.qcow2.xz                                                                                                                                                                                                   
gpg: Signature made Tue Apr  9 20:27:15 2024 UTC                                                                                                                                                               
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                                                                                                                                                        
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                   
gpg: WARNING: This key is not certified with a trusted signature!                                                                                        
gpg:          There is no indication that the signature belongs to the owner.                                                                            
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                                                                                                                                                       
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-metal.aarch64.raw.xz                                                                                                                                                                                                         
gpg: Signature made Tue Apr  9 20:27:39 2024 UTC                                                                                                                                                                                                                                                                  
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                                                                                                                                                        
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                                                                                                                                                            
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                                                                                                                                                                 
gpg:          There is no indication that the signature belongs to the owner.                                                                                                                                                                                                                                     
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                                                                                                                                                       
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-metal4k.aarch64.raw.xz                                                                                                                                                                                                       
gpg: Signature made Tue Apr  9 20:28:03 2024 UTC                                                                                                                                                                                                                                                                  
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                                                                                                                                                        
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                                                                                                                                                            
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                                                                                                                                                                 
gpg:          There is no indication that the signature belongs to the owner.                                                                                                                                                                                                                                     
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                                                                                                                                                       
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-applehv.aarch64.raw.gz                                                                                                                                                                                                       
gpg: Signature made Tue Apr  9 20:28:32 2024 UTC                                                                                                                                                                                                                                                                  
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                                                                                                                                                        
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                                                                                                                                                            
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                                                                                                                                                                 
gpg:          There is no indication that the signature belongs to the owner.                                                                                                                                                                                                                                     
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                            
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-azure.aarch64.vhd.xz                                                                                                                                                                                                                                                    
gpg: Signature made Tue Apr  9 20:28:56 2024 UTC                                                                                                                                                               
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                 
gpg: WARNING: This key is not certified with a trusted signature!                                      
gpg:          There is no indication that the signature belongs to the owner.                          
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                            
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-aws.aarch64.vmdk.xz                                                                                                                                                                                                                                                     
gpg: Signature made Tue Apr  9 20:29:26 2024 UTC                                                                                                                                                               
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-gcp.aarch64.tar.gz                                                                                                                                                                                                                                                      
gpg: Signature made Tue Apr  9 20:29:56 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-hyperv.aarch64.vhdx.zip                                                                                                                                                                                                                                                 
gpg: Signature made Tue Apr  9 20:30:26 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-live.aarch64.iso                                                                         
gpg: Signature made Tue Apr  9 20:30:55 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-live-kernel-aarch64                                                                                                                                                                                                                                                     
gpg: Signature made Tue Apr  9 20:30:57 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-live-initramfs.aarch64.img                                                                                                                                                                                                                                              
gpg: Signature made Tue Apr  9 20:31:01 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C                                                                                                   
Verifying signature for builds/39.20240322.3.1/aarch64/fedora-coreos-39.20240322.3.1-live-rootfs.aarch64.img                                                                                                                                                                                                                                                 
gpg: Signature made Tue Apr  9 20:31:27 2024 UTC                                       
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C                                                                                                    
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]                                                                                        
gpg: WARNING: This key is not certified with a trusted signature!                                                                                                             
gpg:          There is no indication that the signature belongs to the owner.                                                                                                 
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C

• ppc64le Build ✅

• s390x Build ❌

Pipeline failed during signing but robosignatory did sign everything OK. I was able to get into the pod and do the verification by commented out the fedmsg parts:

[builder@coreos-s390x-builder build-arch]$ cosa sign --build=39.20240322.3.1 --arch=s390x robosignatory --s3 fcos-builds/prod/streams/stable/builds --aws-config-file **** --extra-fedmsg-keys stream=stable --images --gpgkeypath /etc/pki/rpm-gpg --fedmsg-conf ****

warning: /sys/fs/selinux appears to be mounted but should not be; enabling workaround
2024-04-09 21:23:02,081 INFO - Credentials found in config file: ****
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-ostree.s390x.ociarchive
gpg: Signature made Tue Apr  9 20:12:27 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-ostree.s390x-manifest.json.xz
gpg: Signature made Tue Apr  9 20:12:28 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-qemu.s390x.qcow2.xz
gpg: Signature made Tue Apr  9 20:12:48 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-openstack.s390x.qcow2.xz
gpg: Signature made Tue Apr  9 20:13:07 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-metal.s390x.raw.xz
gpg: Signature made Tue Apr  9 20:13:27 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-metal4k.s390x.raw.xz
gpg: Signature made Tue Apr  9 20:13:47 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-ibmcloud.s390x.qcow2.xz
gpg: Signature made Tue Apr  9 20:14:08 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-live.s390x.iso
gpg: Signature made Tue Apr  9 20:14:35 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-live-kernel-s390x
gpg: Signature made Tue Apr  9 20:14:37 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-live-initramfs.s390x.img
gpg: Signature made Tue Apr  9 20:14:40 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C
Verifying signature for builds/39.20240322.3.1/s390x/fedora-coreos-39.20240322.3.1-live-rootfs.s390x.img
gpg: Signature made Tue Apr  9 20:15:02 2024 UTC
gpg:                using RSA key E8F23996F23218640CB44CBE75CF5AC418B8E74C
gpg: Good signature from "Fedora (39) <fedora-39-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E8F2 3996 F232 1864 0CB4  4CBE 75CF 5AC4 18B8 E74C

[dustymabe]

	AWS	Azure	GCP	OpenStack
x86_64	✔️	✔️	✔️	✔️
aarch64	✔️	−	✔️	✔️

[dustymabe]

• Release Job

[dustymabe]

• Roll out stable 39.20240322.3.1, testing 39.20240407.2.0, next 40.20240408.1.0 #880