Showstopper in the RPM submission procesdure
Eric S. Raymond
esr at thyrsus.com
Mon Sep 29 19:57:33 UTC 2003
Warren Togami <warren at togami.com>:
> Your suggestion of a fedora-submit script sounds like a good way to
> reduce overhead in submitting Bugzilla reports for packages. I am glad
> somebody finally wants to implement it. I suggest to you to read
> through many of the fedora.us reports to see the steps involved in this
> process. Your script would need to (off the top of my head)
>
> 1) Check for duplicates.
> 2) Submit a new report for a package, along with GPG signatures.
> 3) Submit revised packages along with new GPG signatures after some
> discussion points out flaws.
> 4) Upload packages to *somewhere* which we still haven't worked out. We
> obviously cannot give CVS access to everyone, and there may be issues
> with a public upload location at an official server. I much prefer the
> GPG signatures + submitter controlled URL process that fedora.us
> currently uses, but perhaps a future process may have a hybrid. The
> more senior trusted packagers have upload access to an official staging
> area or CVS, while everyone else uses GPG + URLs.
On point 1, the design of fedora-submit should not try to wire in
repository policy. In particular, putting dup checking in there would
probably be a bad idea, as your concept of a dup is likely to evolve
over time. For example, is it a dup when the same-named RPM is
submitted for two different trees? You want to be able to change the
answers to questions like that without replacing every client instance
in the world.
Points 2 and 3 look right to me. As a toolbuilder I'm agnostic on point 4,
but I share your preference. There's no reason for your server to have
to pay storage costs for RPMs not yet accepted when a URL pointer can
be functionally equivalent to having a copy.
> Fortunately now that we are no longer an unaffilited 3rd party, I
> believe we no longer need the many weird corner case naming
> requirements. The naming document can be greatly simplified, dropping
> the leading "X.fdr." part of the %release tag and all related naming
> policies because they are not needed any longer.
Good. Then by all means nuke 'em.
> In the mean time, please submit your packages to fedora.us in any matter
> that you wish. Don't worry if you don't understand the overly complex
> naming guidelines, because the QA people will quickly point out errors.
OK. I'll write fedora-submit and do some testing, then. I think I've
essentially finished the bug-bugzilla tool that the first implementation
of fedora-submit will use; it's now in evaluation and testing with Christian
Reis of the Bogzilla project.
> BTW, your fedora-submit tools may be good for our RPM development
> toolkit package "fedora-rpmdevtools" which is briefly documented here:
> http://www.fedora.us/wiki/FedoraRPMDevTools
Ahh, that's good to know. Yes, that is obviously the right place.
I see I even got the naming convention right :-).
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list