Skip to Main Content
Talk Intermediate

Automating Backporting & Packaging: Ansible, EDA, and RPM Hacks for Maintainers

Rejected
Session Description

Backporting security fixes to legacy software shouldn’t feel like defusing a time bomb. Yet, without the right tools, one wrong patch can break dependencies, delay releases, and leave systems vulnerable. What if you could automate the entire workflow—from CVE detection to stable RPM builds—while sleeping soundly at night?


In this talk, I’ll share battle-tested strategies for maintaining enterprise-grade software using open-source automation. Drawing from real-world experience maintaining long-term supported (LTS) systems, you’ll learn how to:

  * Automate backporting workflows with Ansible playbooks and Event-Driven Ansible (EDA) to respond to CVEs faster.


  * Design resilient RPM spec files that minimize manual patching (with coding examples).

   

  * Ansible EDA in Action: Trigger automated backporting tasks when new CVEs are detected

 

  * RPM Packaging Deep Dive: Use rpmbuild macros and modular spec files to future-proof packages

Session Categories

FOSS

Speakers

goutam tiwari Associate Software Maintenance Engineer | Red Hat

I am a Software Maintenance Engineer at Red Hat, where I work on backporting patches for various desktop subsystem tools to ensure security and stability in enterprise Linux environments. I am keenly interested in software and automation, and I actively contribute to open-source communities while learning and sharing knowledge. I’ve been a CFP reviewer for PyCon US, which helped me understand how to create and evaluate effective proposals. My work has been featured at DevConf India, and I’ve also been part of the GNOME Asia organizing team. I enjoy simplifying workflows and encouraging others to explore open-source technologies
goutam tiwari

Reviews

The topic seems to be covering a good real world use-case for Ansible and EDA - It would be great if the flow also covers a little bit of an introduction to what Ansible is and how people usually use it.
Reviewer #1 Approved
RPMs are hardly used outside for RedHat/EL/Fedora. This might be too "in the weeds" for people unfamiliar with Linux or specifically with RHEL. Learning about how you do you job and how you utilize open source tools like Ansible is very much in line with FOSSU. So this is why this is a potentially very good talk
Reviewer #2 Not Sure
No reference project related to the proposal mentioned in bio or reference link.
Reviewer #3 Not Sure
Reviewer #4 Approved