RPM-level auto release and changelog bumping - Fedora 33 System-Wide Change proposal
by Ben Cotton
https://fedoraproject.org/wiki/Changes/rpm_level_auto_release_and_changel...
== Summary ==
redhat-rpm-config will be updated so users of the auto framework get
automated release and changelog bumping.
== Owner ==
* Name: [[User:nim| Nicolas Mailhot]]
* Email: <nicolas.mailhot at laposte.net>
== Detailed Description ==
This is a system-wide change because all packages build with
redhat-rpm-config, but it only concerns packages that opted to use
this part of redhat-rpm-config (auto framework).
The change will make those packages auto-bump and auto-changelog at
the rpm level, in an infrastructure-independent way.
== Benefit to Fedora ==
Autobumping removes a huge packager shore and makes timestamping in
changelogs more reliable.
== Scope ==
* Proposal owners: The feature is coded and works at the rpm level.
Unfortunately, mock filters away the srpms containing the bump state,
so it does not work in upper layers.
* Other developers: The feature requires buy-in by mock developers
(and probably koji developers) to lift the restrictions that block it
above the rpm level. Also, it requires a mechanism to pass the user
name and email that will be used in bumped changelogs (defining two
variables in ~/.rpmmacros is sufficient at rpm level)
* Mock issue: https://github.com/rpm-software-management/mock/issues/599
* Release engineering: https://pagure.io/releng/issue/9567
* Policies and guidelines: maybe eventually if things work out on the
technical level
* FPC issue: https://pagure.io/packaging-committee/issue/998
* Trademark approval: N/A (not needed for this Change)
== Upgrade/compatibility impact ==
This is a pure build tooling update, it changes how things are built
not what is built.
== How To Test ==
A redhat-rpm-config packages with the changes and some example
packages are available in
https://copr.fedorainfracloud.org/coprs/nim/refactoring-forge-patches-aut...
Since the mock/copr layer is currently blocking the feature, you need
to install the redhat-rpm-config and forge macro packages available in
this repo locally. Afterwards you can take any of the example packages
in the repo and rebuild them with rpmbuild -ba to your heart content,
and see the releases bump and the changelogs being updated
accordingly.
To get beautiful changelogs, you also need to add
<pre>
%buildsys_name Your name
%buildsys_email Your email
</pre>
in ~/.rpmmacros
== User Experience ==
N/A Packager experience change only
== Dependencies ==
The change is a spin-off of
https://fedoraproject.org/wiki/Changes/Patches_in_Forge_macros_-_Auto_mac...
Therefore, it depends on the success of that other change and will
probably need rebasing if the code in this other change evolves during
the redhat-rpm-config merge.
It also depends on mock / copr/ koji buy-in and changes, that may add
their own requirements.
== Contingency Plan ==
There is no contingency plan because the change will happen or not at all.
== Documentation ==
There is as much documentation as the average redhat-rpm-config change
(ie comments in the macro files themselves)
== Release Notes ==
N/A Packager productivity change only
--
Ben Cotton
He / Him / His
Senior Program Manager, Fedora & CentOS Stream
Red Hat
TZ=America/Indiana/Indianapolis
1 year, 1 month
Odd problem with obsoletes in EPEL8
by Martin Jackson
Hello,
I'm having a problem I don't understand how to fix, and I would
appreciate some guidance. I'm maintaining nagios-plugins, which bundles
a number of different "check" plugins and has some metapackages that
include different subsets of those check plugins.
In the EL 8.2 release cycle, one of the dependencies of one of those
plugins was moved from EPEL into EL proper, which broke new installs of
that plugin and the -all metapackage. A user filed a bug, so as a
temporary workaround, I stopped building the plugin package with that
dependency (nagios-plugins-ssl_validity, and had that version
(nagios-plugins-2.3.3-3) obsolete the ssl_validity plugin, since leaving
it around caused it to want to keep the base package in conflict with
other packages that were upgrading.
Now that CentOS 8.2 is released, and the dependency is available, I've
issued an update
(https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-70bcfe5382)
that builds ssl_validity again, and also adds it back to the -all
subpackage. I can upgrade it sucessfully (which installs the
ssl_validity plugin again, as expected), but subsequent calls to dnf
upgrade give this error:
Obsoleting Packages
nagios-plugins.x86_64 2.3.3-3.el8 epel
nagios-plugins-ssl_validity.x86_64 2.3.3-4.el8 @epel-testing
nagios-plugins 2.3.3-3 is not installed anymore, and there are no
explicit Obsoletes: in the ssl_validity package. I'm not sure what
needs to be done here, but whatever it is I'm willing to make the
change. Also wondering if this is expected behavior.
Thanks,
Marty
2 years, 2 months
CMake out-of-source builds
by Brad Bell
On the web page
https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds
the following text appears:
Targeted release: Fedora 33
I am testing output of source builds on Fedora 33 using the following command in a SPEC directory
rpmbuild -ba <package>.spec
where <package> is my package name.
When I run rpmbuild, the soruce code gets upacked in the directory
BUILD/<package>-<version>
where <version> is the package version, so I am trying the 'out of source build' with the following
in the spec file:
%cmake -S <package>-version -B cmake_dir ..
CMake appears to run correction and output its files in BUILD/cmake_dir.
One problem I am having is that I seem to need to put 'cd cmake_dir' directly after the '%cmake'
command or my make command fails ?
I also seem to have to put 'cd cmake_dir' other places ?
Another problem I am having is that an include sub-directory of the source directory
<package>-version needs to be installed
while the rest of the installed files are in the build directory cmake_dir.
I am not sure how to indicate this in the %files section of the spec file ?
2 years, 9 months
Forgotten review request
by Andy Mender
Hello fellow Fedorians,
I'm a reviewer on this review request:
https://bugzilla.redhat.com/show_bug.cgi?id=1727506
The request was submitted last year, but then somehow forgotten by the
submitter. I still carried out the review as usual and would like to push
this forward.
What is the procedure for the re-assigning of a review request to the
reviewer? How do I then nominate a new reviewer for the request?
Cheers,
Andy
2 years, 9 months
Schedule for Thursday's FPC Meeting (2020-12-03 17:00 UTC)
by James Antill
Following is the list of topics that will be discussed in the FPC
meeting Thursday at 2020-12-03 17:00 UTC in #fedora-meeting-1 on
irc.freenode.net.
Local time information (via. uitime):
================= Day: Thursday ==================
2020-12-03 09:00 PST US/Pacific
2020-12-03 12:00 EST --> US/Eastern <--
2020-12-03 17:00 GMT Europe/London
2020-12-03 17:00 UTC UTC
2020-12-03 18:00 CET Europe/Berlin
2020-12-03 18:00 CET Europe/Paris
2020-12-03 22:30 IST Asia/Calcutta
---------------- New Day: Friday -----------------
2020-12-04 01:00 HKT Asia/Hong_Kong
2020-12-04 01:00 +08 Asia/Singapore
2020-12-04 02:00 JST Asia/Tokyo
2020-12-04 03:00 AEST Australia/Brisbane
Links to all tickets below can be found at:
https://pagure.io/packaging-committee/issues?status=Open&tags=meeting
= Followup Actions =
#topic #pr-954
* King_InuYasha
talk to copr to get config. turned on
* tibbs
talk to releng to get config. turned on
#topic #pr-814
* mhroncok
talk to authors again, having a working example might help a lot
#topic Open Floor
* decathorpe
look through non-meeting tickets, see if any are stuck/need to be discussed
= Followup Issues =
#topic #907 Which %__foo macros for executables are acceptable?
.fpc 907
https://pagure.io/packaging-committee/issue/907
= Followup Pull Requests =
#topic #pr-814 Add SELinux Independent Policy Guidelines.
https://pagure.io/packaging-committee/pull-request/814
= Open Floor =
For more complete details, please visit each individual ticket. The
report of the agenda items can be found at:
https://pagure.io/packaging-committee/issues?status=Open&tags=meeting
If you would like to add something to this agenda, you can:
* Reply to this e-mail
* File a new ticket at: https://pagure.io/packaging-committee
* E-mail me directly
* Bring it up at the end of the meeting, during the open floor topic. Note
that added topics may be deferred until the following meeting.
2 years, 10 months
packaging an alternate dictionary for cracklibs?
by Matthew Miller
The cracklibs-dict package is ... quite ... comprehensive. It weighs in at
almost 10MB on disk. Modern password guidance emphasizes length rather than
complicated checks, and this 10MB payload is increasingly irrelevant. I'd
like to provide an alternative, using a list of the 10,000 most common
passwords found in password breeches. This compresses down to about 1k, so
it's significant space savings, and may result in less user frustration
while still giving some real protection against the worst choices -- and
meeting security checklist items like "passwords checked against a
dictionary".
The problem is that cracklib seems to have a compile-time option for where
to find its dictionary. cracklib-dicts is already a subpackage, and a
cracklib-10k-worst or something alternative package could just be a drop-in
replacement... except of course it would conflict. Is this an okay use of
Conflicts? If not, what _should_ I do?
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader
2 years, 10 months
