FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 12-09-2008, 09:02 AM
Patrice Dumas
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, Dec 09, 2008 at 10:49:55AM +0100, Michael Schwendt wrote:
> On Tue, 09 Dec 2008 04:55:33 +0100, Kevin wrote:
>
> > I think we need to be more careful with certain types of security updates,
> > and better let them get some QA even if it means the fix gets delayed.
>
> QA ... reminds me to ask once more:
>
> Where can I learn more about the thing referred to as "Fedora QA"?
> Who is it? What do they do?

Unless I have missed something, currently there is no QA done. One
reason is that bodhi pushes already take one day, and adding some QA
would delay even more. Verifying duplicate provides would be, in my
opinio, the first thing to add.

More offline QA could be done, though. Currently I am not even sure that
never checking scripts are sent. There is the FTBFS stuff, however, and
broken dependencies are reported.

> Fedora has a serious problem with updates that are pushed out to "stable"
> directly. Originally we've had a guideline to use updates-testing for
> a few days.

Sometime it is better to push directly to stable, when the package is
already broken, when it is a security fix, or for packages with few
users.

--
Pat

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 09:04 AM
Patrice Dumas
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, Dec 09, 2008 at 11:02:30AM +0100, Patrice Dumas wrote:
>
> More offline QA could be done, though. Currently I am not even sure that
> never checking scripts are sent. There is the FTBFS stuff, however, and

I meant 'I am not even sure that n-ver checking scripts are sent'.

--
Pat

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 11:03 AM
Sven Lankes
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, Dec 09, 2008 at 11:02:30AM +0100, Patrice Dumas wrote:

> Sometime it is better to push directly to stable, when the package is
> already broken, when it is a security fix, or for packages with few
> users.

Which then leads to the question, why a broken package was pushed to
stable in the first place.

We should try to get the bohdi-karma-mechanism more popular. I have
updates-testing activated on both my F10 machines but I haven't set a
single karma-point yet. The reason is that it's not easy after a day or
two to review that last updates and send a +1 on them if I have used
them and they didn't break.

Maybe a small gui tool showing the latest testing-updates and allowing
to send (positive) bohdi-karma would encourage more people to actually
send the karma which in turn would encourage developers to use
updates-testing more.

--
sven === jabber/xmpp: sven@lankes.net

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 01:12 PM
Patrice Dumas
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, Dec 09, 2008 at 12:25:54PM +0100, Michael Schwendt wrote:
> On Tue, 9 Dec 2008 11:02:30 +0100, Patrice wrote:
>
> > Sometime it is better to push directly to stable, when the package is
> > already broken, when it is a security fix,
>
> ... and if you find out that dependencies are broken because of a rushed
> update, you need to wait a day before the problem can be corrected with
> the next time-consuming push. It's better to prevent issues like that. We
> currently can check remote repositories. Contrary to the FUD spread by
> some people, plain repoclosure doesn't run for hours. For stuff released
> into the "stable" repo it would be too late, however.

I agree, I think that some QA should already be done even if pushes are
long, but in an automated way.

> > or for packages with few users.
>
> ... which have even less reason to be pushed to "stable" quickly rather
> than spending a few days in updates-testing first. Even such packages
> can cause chaos and disturb SONAME Provides, for example. Recently, we've
> had a case where an update accidentally obsoleted packages in a different
> namespace. Or watch this one: https://bugzilla.redhat.com/473182

Fully agreed. That's why I think that multiple obsolete and provides
should be catched automatically. But I don't think that much more QA is
needed. In my opinion checking missing deps, mutiple
provides/obsoletes, unattended conflicts and n-ver should be done
automaticaly and block autoamtically packages (with a whitelist for
provides/obsoletes that are meant to be shared). But otherwise how
testing is done and how bodhi is used should be left to the packagers.

> I know you'd like to be able to push to repositories immediately
> without any release management, but for Fedora's users that would be
> one step closer to the infamous dumping ground of packages.

That's not my opinion. I think that packagers should be able to chose
what suits their userbase better, taking into account fedora as a whole.
In most cases I left the updates sit in bodhi until I get the automatic
mail.


As a side note, I don't think that the dumping ground effect is that
much linked with the number of days in bodhi, rather to uncareful
packagers and lack of consideration for integration, uncareful use of
unstable upstream and push from rawhide too early.

--
Pat

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 10:35 PM
Kevin Kofler
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

Jˇhann B. Gu­mundsson wrote:
> For a developer to be able to test his code he needs to test on all
> possible scenarios
> hw and sw related repeated times the n option ( if any ) his application
> can do.

Right, and there's absolutely no way we can do that. That's what
updates-testing is for. We developers/packagers test as much as possible
where possible (or should, at least ;-) ), but we can't test everything all
on our own. Sometimes we don't even have the required hardware. And
sometimes in the real world it is also more important to work on the next
fix than to test the one we just wrote.

Kevin Kofler

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 10:36 PM
Kevin Kofler
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

Sven Lankes wrote:
> Which then leads to the question, why a broken package was pushed to
> stable in the first place.

Because it was deemed a security update, complete with a CVE ID, and pushed
directly to stable.

Kevin Kofler

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 10:45 PM
Kevin Kofler
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

Michael Schwendt wrote:
> Fedora has a serious problem with updates that are pushed out to "stable"
> directly. Originally we've had a guideline to use updates-testing for
> a few days.

I think we need to differentiate, not all updates pushed straight to stable
are bad. Some updates really bear essentially no risk, for example an
update which just restores a bugfix patch which accidentally got forgotten
while rebasing to a new version, e.g.:
https://admin.fedoraproject.org/updates/F10/FEDORA-2008-11045
https://admin.fedoraproject.org/updates/F9/FEDORA-2008-11054
(and yes, the rebase to the new version *did* go through testing, the
regression was not noticed there unfortunately). It also makes sense to
push critical security updates directly to stable, like a trivial fix for a
remote root. The problem is when the security update is not critical (at
least not to the point where it would have been fixed in less than a
month!) and the fix is very much non-obvious and risky, but it still gets
the expedited treatment.

> I'm also surprised to find discrepancies between Rawhide (just 1-2 weeks
> before F10 release) and F10 final.

The first weeks of Rawhide after a release are always a horribly broken
mess, why are you surprised? It's called "pre-alpha software".

Kevin Kofler

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 11:05 PM
"Jeff Spaleta"
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, Dec 9, 2008 at 2:45 PM, Kevin Kofler <kevin.kofler@chello.at> wrote:
>> I'm also surprised to find discrepancies between Rawhide (just 1-2 weeks
>> before F10 release) and F10 final.
>
> The first weeks of Rawhide after a release are always a horribly broken
> mess, why are you surprised? It's called "pre-alpha software".

I think you read that backwards. I think he's saying that F10 final
had regressions compared to rawhide 1-2 weeks before release.

-jef

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-09-2008, 11:10 PM
Kevin Kofler
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

Jeff Spaleta wrote:
> I think you read that backwards. I think he's saying that F10 final
> had regressions compared to rawhide 1-2 weeks before release.

Oh, indeed I did.

Well, the changes which went in at the last moment were all fixes for
critical showstoppers.

Kevin Kofler

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 12-11-2008, 11:57 AM
Robert Scheck
 
Default Fedora QA ? - What Fedora makes sucking for me - or why I am NOT Fedora

On Tue, 09 Dec 2008, Patrice Dumas wrote:
> Sometime it is better to push directly to stable, when the package is
> already broken, when it is a security fix, or for packages with few
> users.

I agree with that so far, but such unluckily gotten base packages as dbus
(you know, I dislike dbus) need definately more love and especially much
more QA before getting stable. Such base packages IMHO need to succeed
several defined test cases, before they ever should make it into stable -
including security packages. The broken dbus brought us nice results in
and around Fedora.

I don't want to blame the package maintainer or upstream for that, but we
as Fedora need to do better QA before getting such updates into stable.


Greetings,
Robert

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 

Thread Tools




All times are GMT. The time now is 10:08 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ę2007 - 2008, www.linux-archive.org