On 6/25/21 10:25, Neal Gompa wrote:
> On Fri, Jun 25, 2021 at 10:15 AM Lokesh Mandvekar
> <lsm5(a)fedoraproject.org> wrote:
>> Hi list,
>>
>>
>> I own the rhcontainerbot account. Apologies it took so long to respond to this
thread. A number of legitimate concerns have been raised about the bot, so let me address
those below on behalf of the Containers team.
>>
>>
>> We have disabled all autobuilds for now.
>>
>> The podman RC build landing in updates a month ago was a one-off and it has been
discussed at:
https://lists.podman.io/archives/list/podman@lists.podman.io/thread/WYNTH...
>>
>> The fuse-overlayfs downgrade occurred unintendedly during the upstream branch
rename from master to main. That has been fixed at:
https://koji.fedoraproject.org/koji/buildinfo?buildID=1775442
>> Disabling autobuilds during the branch rename phase would’ve evidently avoided
this issue.
>>
>>
>> Going forward:
>>
>> We will only manually build upstream release tags for Fedora releases. We would
prefer to send RC tags to Fedora rawhide as that will trigger gating tests and allow us to
test podman with FCOS and toolbox CIs, so please let us know if that would be a
deal-breaker.
>>
> RCs and final releases are generally okay IMO even for stable
> releases, as long as you're prepared to address feedback brought up in
> bodhi updates. The problem here is nobody is paying attention to Bodhi
> at all.
>
>> We may look at re-enabling the bot only for koji builds of upstream releases,
while bodhi updates will still be manual. We’ll make sure to check for breakages / version
downgrades before re-enablement. The bot has so far compared upstream tags, rpm
installability, version number sanity, but evidently it has missed a lot of cases
including git branch changes.
>>
>> If we re-enable the bot, we will mention the human’s name and email for every
changelog entry in every relevant package as well as regularly monitor the bot’s email.
Please let us know if there are any concerns with this approach.
>>
>> We will use openSUSE’s OBS for builds of the latest upstream commits for our
users who need the latest packages. We would need this to check if the latest commits in
podman work well with new kernel features and selinux.
>>
>>
>> Team members will not add karma to containers’ packages, with the exception of
our QE Engineer who owns our gating tests and is in charge of final testing of our builds.
Currently Ed Santiago (FAS: @santiago) owns that responsibility.
>>
> The important aspect isn't who is doing it, but that it's actually
> *tested* to work. Very serious breakages have happened in the past,
> and that's we want to avoid going forward.
And sometimes this breakage is caused by other parts of the system. For
example a kernel update caused breakage in Podman when it suddenly
enabled overlay mounts, which no one had tried. We quickly fixed the
container-selinux package to handle it, and got the fixes in F33 and F34
before the kernel showed up.
If we remove Podman updates from Rawhide other then when we prepare for
release. Their will be errors that do not get caught early.
Forcing us to treat Rawhide like we do F34 makes Rawhide less
interesting to the container effort.
But none of you are paying attention to Rawhide anyway. As far as I
know, none of you actively run Rawhide, none of you test it, and
nobody is paying attention to when stuff is pushed into Rawhide. This
is the difference between what your team is doing and what I do when I
push snapshots into Rawhide.
If you're going to push stuff into Rawhide, *care* about it.
--
真実はいつも一つ!/ Always, there's only one truth!