Rawhide Gating
When considering gating rawhide package updates on test results, we need to consider two workflows: single package updates, multi-package updates. Both of them are presented here.
Scope
The scope of this work is adding a mechanism to gate package before they enter the rawhide buildroot (and thus become accessible to others) so broken packages are kept out and cannot affect other packages or the compose until they are fixed by their maintainers.
The CI system and the tests are out of scope for the present document.
People involved
- pingou (point of contact)
- <more to come>
Workflows
<single package update>
<multi package update>
Workload
Bodhi
- Single package update
- We will need to write a message-bus listener that will automatically create a bodhi update for each package built in the rawhide-gated tag.
- We will need to write a message-bus listener to automatically push bodhi updates created for rawhide that have passed CI (the decision being announced by Greenwave).
- Multi package update
- We will need to allow bodhi to create a new update from a specified side-tag instead of a list of builds.
- We will need to write a message-bus listener that, upon greenwave notifications about an update created from a side-tag passing CI, will move all of its builds into the rawhide-candidate tag and clean the side-tag created for this update.
- We will need to write a script that regularly clean old side-tags left around
Koji
- We will need a koji plugin allowing packagers to create new side-tags
fedpkg/rpkg
- We will need to add support for the command:
fedpkg side-tag create
which will create a new side-tag in koji for this user using the new plugin
- We will need to add support for the command:
fedpkg side-tag merge
which will call bodhi to ask it to create an update corresponding to this side-tag
- Alternatively: Expand the existing
fedpkg update
command to add support for creating a new update from a side-tag
- Alternatively: Expand the existing
Greenwave / WaiverDB
Nothing should change for these tools but we will have to confirm this and test in staging that they behave as expected.
CI system
Nothing should change for the CI system but we will have to confirm this and test in staging that they behave as expected.
User experience
Single package update
fedpkg clone rpms/foobar cd foobar/ vim foobar.spec git commit -am "Git commit message" fedpkg build
If the CI tests pass, the package will land in rawhide, if they fail the user will be able to go to bodhi to see what failed and why as well as waiving the failed tests if needed.
Multi package update
fedpkg side-tag create foo1.2 fedpkg clone rpms/foobar cd foobar/ vim foobar.spec git commit -am "Update of foobar to update foo to 1.2" fedpkg push fedpkg build --target=user_foo1.2 cd .. fedpkg clone rpms/foobaz cd foobaz vim foobaz.spec git commit -am "Update of foobaz to update foo to 1.2" fedpkg push fedpkg build --target=user_foo1.2 cd .. fedpkg clone rpms/foo cd foo vim foo.spec git commit -am "Update foo to 1.2" fedpkg push fedpkg build --target=user_foo1.2 fedpkg side-tag merge foo1.2
If the CI tests pass, the package will land in rawhide, if they fail the user will be able to go to bodhi to see what failed and why as well as waiving the failed tests if needed.
Benefits to Fedora and the community =
- As more packagers opt-into gating and add tests to their packages, rawhide becomes more stable
- More stable rawhide will lead to easier composes and a smoother release process
- Ability to use chain-build in rawhide and stable releases
Costs to Fedora and the community
- Slight changes in the packager workflow in the case of multi-packages updates