Given the problems we had with font packages not being rebuilt in the last mass rebuild, can we ensure that the mass rebuild script uses "git push --no-verify" instead of plain "git push"?
See: - https://bugzilla.redhat.com/show_bug.cgi?id=2233878 - https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
On Tue, 2024-01-16 at 14:50 -0700, Jerry James wrote:
Given the problems we had with font packages not being rebuilt in the last mass rebuild, can we ensure that the mass rebuild script uses "git push --no-verify" instead of plain "git push"?
See:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
You got mass rebuild script here [1] in massrebuildsinfo.py [2] you may define what packages you are going to rebuild , in line 93 of mass- rebuild.py [3] you got the list of packages that you go rebuild and since line 132 [4] you have the commands that will run . Is rpmdev-bumpspec that fails ?
[1] https://pagure.io/releng/blob/main/f/scripts/mass-rebuild.py
[2] https://pagure.io/releng/blob/main/f/scripts/massrebuildsinfo.py
[3] https://pagure.io/releng/blob/main/f/scripts/mass-rebuild.py#_93
[4] https://pagure.io/releng/blob/main/f/scripts/mass-rebuild.py#_132
-- Jerry James http://www.jamezone.org/ -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On Tue, Jan 16, 2024 at 3:32 PM Sérgio Basto sergio@serjux.com wrote:
You got mass rebuild script here [1] in massrebuildsinfo.py [2] you may define what packages you are going to rebuild , in line 93 of mass- rebuild.py [3] you got the list of packages that you go rebuild and since line 132 [4] you have the commands that will run . Is rpmdev-bumpspec that fails ?
Thank you for the pointer, Sérgio. I have opened https://pagure.io/releng/pull-request/11897.
It is not rpmdev-bumpspec that fails. That works just fine. But any package that uses the %{fontpkgname1}, %{fontpkgname2}, ... macros requires --no-verify today when pushing to git, due to the referenced bug. That's merely annoying for a human, but fatal to an automated build script that doesn't pass --noverify.
On Thu, 2024-01-18 at 09:13 -0700, Jerry James wrote:
On Tue, Jan 16, 2024 at 3:32 PM Sérgio Basto sergio@serjux.com wrote:
You got mass rebuild script here [1] in massrebuildsinfo.py [2] you may define what packages you are going to rebuild , in line 93 of mass- rebuild.py [3] you got the list of packages that you go rebuild and since line 132 [4] you have the commands that will run . Is rpmdev-bumpspec that fails ?
Thank you for the pointer, Sérgio. I have opened https://pagure.io/releng/pull-request/11897.
It is not rpmdev-bumpspec that fails. That works just fine. But any package that uses the %{fontpkgname1}, %{fontpkgname2}, ... macros requires --no-verify today when pushing to git, due to the referenced bug. That's merely annoying for a human, but fatal to an automated build script that doesn't pass --noverify.
ok, is git push that fails . As an idea , you may do "no verify" build option like noautobuild, in line 143 of mass-rebuild.py [1] we have "Check for a noautobuild file" to optout to skip mass rebuild, we may add an option in similar way for noverify push, for example file "noverifybuild" .
Kodi use noautobuild (and it works :) ) : https://github.com/rpmfusion/kodi/
[1] https://pagure.io/releng/blob/main/f/scripts/mass-rebuild.py#_143
-- Jerry James http://www.jamezone.org/ -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Am Do., 18. Jan. 2024 um 17:14 Uhr schrieb Jerry James loganjerry@gmail.com:
On Tue, Jan 16, 2024 at 3:32 PM Sérgio Basto sergio@serjux.com wrote:
You got mass rebuild script here [1] in massrebuildsinfo.py [2] you may define what packages you are going to rebuild , in line 93 of mass- rebuild.py [3] you got the list of packages that you go rebuild and since line 132 [4] you have the commands that will run . Is rpmdev-bumpspec that fails ?
Thank you for the pointer, Sérgio. I have opened https://pagure.io/releng/pull-request/11897.
It is not rpmdev-bumpspec that fails. That works just fine. But any package that uses the %{fontpkgname1}, %{fontpkgname2}, ... macros requires --no-verify today when pushing to git, due to the referenced bug. That's merely annoying for a human, but fatal to an automated build script that doesn't pass --noverify.
No, that's not the case. Please re-read the bug.
For *some* of the packages among those which use these macros (but definitely not all), the python bindings to rpm do not expand that macro whereas rpm itself does.
Since `spectool` uses the bindings, its check for the presence of all source files fails if the source macro contains an unexpanded macro. The packages build fine.
Whether it's the bindings' fault, or the spec files', or the rpm-font-macros' is unclear at this point. In any case the check *wrongly* indicates FTBFS.
Michael
On Tue, Jan 16, 2024 at 02:50:43PM -0700, Jerry James wrote:
Given the problems we had with font packages not being rebuilt in the last mass rebuild, can we ensure that the mass rebuild script uses "git push --no-verify" instead of plain "git push"?
See:
I suppose this might be a good idea... I'd be afraid of what it might break, while fixing the fonts packages though. But of course if it was completely broken it would fail after that anyhow...
kevin
On Wed, Jan 17, 2024 at 3:48 PM kevin kevin@scrye.com wrote:
I suppose this might be a good idea... I'd be afraid of what it might break, while fixing the fonts packages though. But of course if it was completely broken it would fail after that anyhow...
That's exactly my thinking. The package is either broken already or it is not. If it is, then allowing a mass rebuild push won't change the situation. If it is not, then skipping verification has no effect.
On Tue, Jan 16, 2024 at 10:52 PM Jerry James loganjerry@gmail.com wrote:
Given the problems we had with font packages not being rebuilt in the last mass rebuild, can we ensure that the mass rebuild script uses "git push --no-verify" instead of plain "git push"?
This is not a good idea. Because of a few packages that are not rebuilding we would disable the hook for every push the script does.
See:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
Jerry James http://www.jamezone.org/ -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On Thu, Jan 18, 2024 at 4:50 AM Tomas Hrcka thrcka@redhat.com wrote:
This is not a good idea. Because of a few packages that are not rebuilding we would disable the hook for every push the script does.
My thinking is that the hook is not useful for automated build scripts anyway, so disabling it doesn't hurt. See my previous replies in this thread.
On Thu, Jan 18, 2024 at 09:15:18AM -0700, Jerry James wrote:
On Thu, Jan 18, 2024 at 4:50 AM Tomas Hrcka thrcka@redhat.com wrote:
This is not a good idea. Because of a few packages that are not rebuilding we would disable the hook for every push the script does.
My thinking is that the hook is not useful for automated build scripts anyway, so disabling it doesn't hurt. See my previous replies in this thread.
yeah...
* Current setup with the hook: Bunch of fonts don't even get touched by the mass rebuild Some other packages with problems caught by the hook also are completely missed.
* With --no-verify: Bunch of fonts do rebuild in the mass rebuild Some packages with problems get a mass rebuild commit at least and attempted build. It might fail, but it's at least tried.
The mass rebuild is only doing a bump/rebuild. There's no reason it should ever cause something that be caught by the hook, and if it did, it would be better for it to do the commit anyhow and cause a failed build. IMHO.
So, I think we should run with --no-verify.
kevin
kevin wrote:
The mass rebuild is only doing a bump/rebuild. There's no reason it should ever cause something that be caught by the hook, and if it did, it would be better for it to do the commit anyhow and cause a failed build. IMHO.
If, hypothetically, a defect in the mass-rebuild script would corrupt thousands of spec files, how easy would it be to write a mass-revert script to repair the damage? The mass-revert script shouldn't just revert the latest commit in every package, because the corruption might not have happened in every package, and some might have been reverted manually in the meantime. The mass-revert script would need to verify that it reverts only commits done by the defective mass-rebuild script.
If that's nontrivial to get right, then it seems to me that there is value in a hook that validates changes made by a script.
Björn Persson
On Thu, Jan 18, 2024 at 08:24:38PM +0100, Björn Persson wrote:
If, hypothetically, a defect in the mass-rebuild script would corrupt thousands of spec files, how easy would it be to write a mass-revert script to repair the damage? The mass-revert script shouldn't just revert the latest commit in every package, because the corruption might not have happened in every package, and some might have been reverted manually in the meantime. The mass-revert script would need to verify that it reverts only commits done by the defective mass-rebuild script.
If that's nontrivial to get right, then it seems to me that there is value in a hook that validates changes made by a script.
That seems pretty hypothetical.
The pre-push check simply looks at the sources/patches defineed in the spec and checks them against the sources file. The mass rebuild script only uses rpmdev-bumpspec, which should only change the release and add a changelog entry (or even less if the spec is using rpmautospec).
Should these font packages get fixed? Absolutely. But I think doing no-verify helps us because we will track more of those packages that were simply skipped. I think it's better to not skip them and have them fail than ignore them.
kevin
AgreeThank you.
See below
Leslie Satenstein
On Thursday, January 18, 2024 at 01:35:13 p.m. EST, kevin kevin@scrye.com wrote:
On Thu, Jan 18, 2024 at 09:15:18AM -0700, Jerry James wrote:
On Thu, Jan 18, 2024 at 4:50 AM Tomas Hrcka thrcka@redhat.com wrote:
This is not a good idea. Because of a few packages that are not rebuilding we would disable the hook for every push the script does.
My thinking is that the hook is not useful for automated build scripts anyway, so disabling it doesn't hurt. See my previous replies in this thread.
yeah...
* Current setup with the hook: Bunch of fonts don't even get touched by the mass rebuild Some other packages with problems caught by the hook also are completely missed.
* With --no-verify: Bunch of fonts do rebuild in the mass rebuild Some packages with problems get a mass rebuild commit at least and attempted build. It might fail, but it's at least tried.
The mass rebuild is only doing a bump/rebuild. There's no reason it should ever cause something that be caught by the hook, and if it did, it would be better for it to do the commit anyhow and cause a failed build. IMHO.
So, I think we should run with --no-verify.
kevin -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-
Björn Persson -
Jerry James -
kevin -
Leslie Satenstein -
Michael J Gruber -
Sérgio Basto -
Tomas Hrcka