FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 02-26-2010, 02:26 PM
Jesse Keating
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 2010-02-26 at 16:09 +0100, Kevin Kofler wrote:
>
> Good point. Indeed, packages are often tested sufficiently before they even
> enter updates-testing. Even if pushes become more frequent, it can still
> happen if testing is called for on a fast medium like IRC and the fix
> touches many people.
>

And if an update gets sufficient karma before a push to -testing, then
it's certainly reasonable to push that directly to stable. Your fear
mongering is clouding your judgment.

--
Jesse Keating
Fedora -- Freedom˛ is a feature!
identi.ca: http://identi.ca/jkeating
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:28 PM
Paul Wouters
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 26 Feb 2010, Chris Adams wrote:

> EPEL has run this way for a while, and it doesn't seem to be a problem.

EPEL does not have a 6 month release cycle

Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:29 PM
Matthias Clasen
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 2010-02-26 at 10:28 -0500, Paul Wouters wrote:
> On Fri, 26 Feb 2010, Chris Adams wrote:
>
> > EPEL has run this way for a while, and it doesn't seem to be a problem.
>
> EPEL does not have a 6 month release cycle
>

The 6 month release cycle means you need to hurry to get your stuff into
rawhide in time. It does not mean you need to rush out untested fixes to
a supposedly stable, released product.

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:32 PM
Adam Jackson
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 2010-02-26 at 13:16 +0100, Kevin Kofler wrote:

> at the FESCo meeting on Tuesday, everyone except me seemed to be set on
> wanting to disable the possibility to queue updates directly to stable in
> Bodhi. The only reason this was not decided right there (with no outside
> feedback) is that Matthew Garrett (mjg59) wants to write down a precise
> policy (which may end up even more restrictive, like some arbitrary minimum
> time period of testing).

This is needlessly inflammatory. Matthew argued that it was premature
to take the issue to vote before knowing exactly what we were voting
for. Three other fesco members agreed, by my reading of the logs (not
including myself, though I didn't voice it at the time as the discussion
was entirely too noisy already). I'm also not really seeing consensus
in the logs that all direct stable pushes are inherently bad. It was
certainly _mooted_ as an idea; that's not the same as agreeing. Finally,
you've accused the (not yet written) proposal of potentially being even
more odious than you've already made out.

By my count, that's three misrepresentations in one paragraph. I
certainly hope they were not deliberate.

> He also noted that doing so "gives us an opportunity to discuss various
> consequences with affected teams". But sadly, the people driving this
> proposed change haven't used this opportunity to discuss this issue in a
> transparent way as I would have expected (and I've been waiting for almost 3
> days!), so I am doing it now. (We really need more transparency in decision
> making!)

Here you're making the accusation that the proposal not being written
yet is due to some intentional opacity in constructing it. That may
certainly be true, but I'd love to see your evidence for it.

A more parsimonious explanation is that Matthew's simply been busy the
last few days and hasn't gotten around to it yet. Again, this may or
may not be true, but Occam's Razor suggests it's more likely.

> Some situations where I and others have used direct stable pushes in the
> past and where I think they're really warranted and should be used:
> * A new package which doesn't replace anything, and which I verified to work
> fine for me. It's clearly not a completely broken package and there's no way
> it can break anybody's existing setup as nobody has that package yet.

Just to be ragingly pedantic: utterly false.

You create package A. Someone else has created package B, with a
triggerin script on A, unbeknownst to you, and you don't have B
installed. Your testing of A will not reflect the experience of anyone
with B installed. B's triggerin script might rm -rf /, for example.

Yes, this is a pathological example. Software, like humanity, is
occasionally pathological.

> * A regression which causes big breakage at least for some people slipped
> through testing for whatever reason. We urgently want the fix to get out
> ASAP.
> * A regression slipped through testing for whatever reason and the patch is
> trivial. We want the fix to get out ASAP, and the risk of breakage is very
> low.

"Slipping through testing" is itself the problem. It means that testers
aren't using testing! We should fix the technical and UX problems that
make testing hard to consume.

> * A trivial bugfix (like a one-line diff), tested and confirmed to fix the
> bug by at least one person. The risk of breakage is extremely low.

If I had a dollar for every obviously correct one-line fix that broke
something, I could probably quit this software game.

- ajax
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:46 PM
Jesse Keating
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 2010-02-26 at 16:23 +0100, Patrice Dumas wrote:
> Because EPEL has to be very stable, so additional time spent in testing is
> even better, for example for reasons you highlight below. I never said
> that packages should not go through testing in EPEL! But Fedora is another
> thing.

The conclusion here is that it's OK for Fedora to be broken and unstable
in it's releases. I call bullshit. It is very much not OK for this to
happen.

--
Jesse Keating
Fedora -- Freedom˛ is a feature!
identi.ca: http://identi.ca/jkeating
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:49 PM
Michael Schwendt
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 26 Feb 2010 06:59:59 -0800, Jesse wrote:

> On Fri, 2010-02-26 at 14:55 +0100, Kevin Kofler wrote:
> > > The possibility to publish hot-fixes is most important.
> >
> > +1. Not being able to push those out quickly would really suck.
>
> What sucks more is recent "hot-fixes" which were even more broken than
> the issue they were trying to fix. They were pushed directly to stable
> and broke a significant number of systems because of a scenario the
> maintainer didn't imagine or test.

Could happen also with security updates. E.g. the recent gnome-screensaver
security update visually corrupted the Fedora and GNOME screensavers. Rather
harmless, but in other cases (e.g. kernel upgrades) a trade-off is made
between number of bug-fixes/new drivers and regression, and -1 votes don't
have an impact.

Making updates-testing mandatory will not result in increased testing.
Some packages just won't see any feedback. I claim that for most packages
real testing doesn't happen before they appear in the stable updates repo.

We have the Critical Path Packages feature already. How about letting
Fedora users vote in pkgdb on how critical a package is to them? The
higher the rating, the more positive testing feedback a package will
require and the more testing the Fedora community will need to contribute.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:50 PM
Jesse Keating
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 2010-02-26 at 16:20 +0100, Kevin Kofler wrote:
> Jesse Keating wrote:
>
> > On Fri, 2010-02-26 at 14:55 +0100, Kevin Kofler wrote:
> >> > The possibility to publish hot-fixes is most important.
> >>
> >> +1. Not being able to push those out quickly would really suck.
> >
> > What sucks more is recent "hot-fixes" which were even more broken than
> > the issue they were trying to fix. They were pushed directly to stable
> > and broke a significant number of systems because of a scenario the
> > maintainer didn't imagine or test.
>
> Those weren't "hot-fixes", they were fixes for an issue which wasn't really
> a regression. They were also quite invasive and risky, very much unlike the
> trivial fixes I'm talking about. The maintainer simply underestimated the
> risk, maybe he also overestimated the urgency. But that's not an issue with
> the process.
>
> Kevin Kofler
>

It is an issue with the process when the process allows for these types
of updates to go direct to stable without getting any karma along the
way. It clearly illustrates that we need a system that protects our
users from our maintainers, as our maintainers clearly cannot do it
themselves.

--
Jesse Keating
Fedora -- Freedom˛ is a feature!
identi.ca: http://identi.ca/jkeating
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 02:55 PM
Paul Wouters
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, 26 Feb 2010, Jesse Keating wrote:

>> +1. Not being able to push those out quickly would really suck.
>
> What sucks more is recent "hot-fixes" which were even more broken than
> the issue they were trying to fix. They were pushed directly to stable
> and broke a significant number of systems because of a scenario the
> maintainer didn't imagine or test.

I can see both sides here, having been part of a big disaster recently
(which might have been the cause of this discussion at FESCO). Let me
describe what happened in this case, so people can see these issues can
get very complex.

Due to delays in getting a fedora package updated (purely my fault)
the dnssec-conf package had expired DNSSEC trust anchors. This caused
a denial of service attack by Fedora servers against various important
nameservers at RIPE. This change was not due to a package update, but
due to a missing update. This needed urgent fixing, as in someone called
me at 4am. I got together with the bind maintainer, prepared an update
and we both tested it. It worked for us. I had this tested on devel,
F-12 and EL-5.

I requested a direct push to stable. Which was denied. I was unhappy that
we would not stop a DOS attack within weeks (my packages hardly ever get
any karma feedback despite their obvious use, though I must say that did
change for dnssec-conf after it blew up). So I objected, and got my way.

A push to stable happened, and something went wrong. It turned out that
anyone who had upgraded from F-10/F-11 onwards had a configuration file
in an old location. Testing should have seen this, but we didn't.

In this case the result was bad, though not worse without the
update. Without the update, the bind nameserver would be DOSing RIPE
(and not work very well as a nameserver because it was too busy). After
the update the nameserver failed to start with an error in a few include
statements to non-existing files that was annoying but fairly easy to
fix even for non-developers.

The fix for that was pushed into testing. I did not dare to request
going straight to stable again, though objectively looking from a policy
statement, that's what should have happened to avoid people upgrading
to the broken release.

Looking back at this, the ideal solution would have been to involve a
few people in testing/approving the direct-to-stable push. I believe
this is what Fesco is thinking about with a Fesco/releng/QA. Whether you
call this an "expediated push from testing" or a "direct push to stable"
is really semantics. What's important is that there are resources that
can take on a "hot fix". I don't know where we can get those resources,
as Fesco seems pretty busy as it is.

Summary: Blocking direct-to-stable is fine, as long as requests to
override it are taken seriously and somehow the package gets some
additional attention from someone beside the packager.

It all comes down to human resources....

Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 03:05 PM
Bruno Wolff III
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

On Fri, Feb 26, 2010 at 14:49:18 +0100,
Till Maas <opensource@till.name> wrote:
>
> Imho it is more a perversion of how it is meant to be. This package was
> tested before it went to updates-testing and therefore went straight to
> stable. But the majority of packages goes to updates-testing and is not
> tested by someone else but the maintainer/does not get any karma, but
> still is pushed to stable after some time.

I think that is a separate issue. I pull a lot of stuff from koji and would
sometimes (when there isn't already an open bug) be able to provide a comment
similar to what I could do in bohdi. For some stuff, by the time it hits
testing I've already moved on and don't bother going back bohdi to rate
package versions I have already updated away from. (Typically I pull graphics,
kernel, some selinux and bug related packages from koji when I see them
show up.)
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 02-26-2010, 03:07 PM
Michael Cronenworth
 
Default FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

Jesse Keating wrote:
> If the update is to fix an issue as dire as you say it would be, there
> would be no shortage of people who would be willing to grab the package
> from the bodhi link and test it out, and the maintainer would have no
> problem spending a little effort to find people to do this testing to
> ensure his or her update could go to stable ASAP.

We're back again to a need for a more user-friendly UI to
updates-testing. I was thinking of a PackageKit plugin that would add a
few tabs. One tab would be "Rate Testing" and one would be "Testing
Available". The "Rate Testing" would be packages you already have
installed. The "Testing Available" would display packages you could
update to to test.

Yes, this functionality is available in bodhi-client and I use it
myself, but isn't it safe to say there are many Fedora users that have
no idea what bodhi-client is or even admin.fp.o? If it's pluggable into
PackageKit that users are used to handling packages in, it would expose
updates-testing to more users. The plugin could also be smart and pull
from koji if it finds the update isn't available in updates-testing yet
for faster testing as well.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 01:36 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org