make force-tag gone

Daniel P. Berrange berrange at redhat.com
Wed Sep 10 10:39:42 UTC 2008


On Tue, Sep 09, 2008 at 09:46:46AM -0700, Jesse Keating wrote:
> On Tue, 2008-09-09 at 18:03 +0200, Denis Leroy wrote:
> > 
> > There's no logic here. You're not forcing people to tag after every CVS 
> > check-in, as far as I know. If a release 'n' fails to build (for 
> > example, because you forgot to check-in a patch), it makes zero sense to 
> > bump to n+1, because release 'n' never *existed* in the first place, 
> > since it was never built. That has zero impact over auditing. Spec file 
> > auditing is done through CVS.
> 
> The audit part is something of a red herring.  The GPL compliance part
> is what is bothersome.  If we want to save archive space by relying on
> re-generating srpms of shipped binaries on demand, we need to ensure
> that CVS tags don't change over time.  For better or worse, we build
> from CVS tags, so to get the source that matched the build, we have to
> checkout via CVS tags.  If those tags can change over time, the trust
> level is gone.  That's why there is a push to make the tags immutable,
> or at least the successfully built tags immutable.
> 
> Personally I just want to move off of CVS and off of building from tags,
> and instead build from something inherently immutable, like the shasum
> of the repo at a given time.
> 
> MikeB said that he'd look into some CVS/make changes that would allow
> checking koji for an on going or successful build of a tag/n-v-r before
> allowing a force-tag.  This would allow folks to force-tag before having
> a successful build, but would not allow you to force the tag after a
> successful build, or while a build is still going with that n-v-r.
> 
> I think this approach, while it may slow down force-tags and prevent
> force-tags during any koji outage, will give us the best of both worlds.

I think this would be a very good approach.

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|




More information about the fedora-devel-list mailing list