[Proposal] Ring-based Packaging Policies

Wed Feb 18 14:27:09 UTC 2015

On Wed, Feb 18, 2015 at 08:58:34AM -0500, Stephen Gallagher wrote:
> On Mon, 2015-02-16 at 17:03 +0100, Kevin Kofler wrote:
> > So, for my counterproposal:
> > I propose that packagers with a sufficient level of trust (packager 
> > sponsors, provenpackagers, or a new, yet-to-be-defined group (maybe 
> > packagers with at least N packages)) be allowed to import new packages with 
> > a self-review. We trust those people for so many things, and we know that 
> > they understand the packaging guidelines, so why can we not trust them to 
> > import their own packages without blocking on somebody else? Here are just 2 
> > examples of packages that have been sitting in the queue for months and 
> > would have gone in instantly with my proposed policy:
> > https://bugzilla.redhat.com/show_bug.cgi?id=922781
> > https://bugzilla.redhat.com/show_bug.cgi?id=1125952
> > The submitter has been a packager sponsor and provenpackager for years (and 
> > even several of the people he sponsored are now also packager sponsors 
> > and/or provenpackagers), so why do we need to waste our time reviewing his 
> > packages when it's clear that he knows what he's doing?
> 
> 
> This is an interesting idea (and one that could be investigated
> irrespective of the original discussion). In the last few years, the
> fedora-review project has made the review process significantly easier
> for many packages. It covers a lot of the policies that are automatable,
> thereby reducing the packager requirements.
> 
> Elsewhere in this thread, it was suggested that we could further improve
> the process by taking reviews out of Bugzilla and building a tool
> specifically for this purpose. If we built this atop fedora-review, we
> could make large parts of the review-submission process automated.
> (Automated guideline checks for those things that *can* be automated,
> automatically perform koji scratch builds for each architecture, etc.)
> 
> With something like that in place to provide at least a minimal level of
> review, we probably *could* give members of the provenpackager and/or
> sponsors groups permission to pass a review solely based on those
> results (plus a manual checkbox of "this is permissible content").
> 
> In parallel with another discussion on the list, this could be a really
> worthwhile effort for the Google Summer of Code this year. Maybe Michel
> Salim (CCed) would be interested in having the fedora-review team mentor
> two or three interns to work on a web-app version of fedora-review?

While I agree that it makes a nice project for a GSoC, it is my experience that
we should not have too many students working on the same project. Most often
they will overlap and might even conflict.
So having one perhaps two (and that's a grand max imho) students might be
interesting indeed.

For further reference about this project:
https://www.youtube.com/watch?v=PJ-Hjb1UrXw
https://github.com/fedora-infra/fresque
Because it's not completely a new idea nor has there been no work started on it
:)

Pierre
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150218/c26951eb/attachment.sig>