Bug#1049999: [DRE-maint] Bug#1049999: vagrant: the future of packaging vagrant in Debian

2024-09-26 Thread Francesco P. Lovergine

On Thu, Sep 26, 2024 at 04:15:37PM +0200, Lucas Nussbaum wrote:

Hi,

On 26/09/24 at 14:31 +0200, Francesco P. Lovergine wrote:

On Mon, 27 May 2024 22:24:12 +0200 Lucas Nussbaum  wrote:
> Hi,
>
> An update on this:
>
> I plan to take care of the Debian vagrant package (in the framework of
> the Ruby team, as this is currently done). I uploaded the latest free
> version of Vagrant to unstable/testing
> (2.3.7+git20230731.5fc64cde+dfsg-2).
>
> Of course help is welcomed. An easy and useful entry point is to look at
> existing bugs, try to reproduce them with the latest version, and report
> back.
>

Hi,

did you consider to patch for Virtualbox 7.1 support? It should be
quite immediate, I don't see any specific problem in the provider,
I could provide a patch agains 3.7 series just in case...


A patch would be great.
For now Virtualbox 7.1 is not in unstable yet.

Lucas



Sorry, I missed the update of the Log4r logger name, this is a bit
better.

Just to clarify I'm using it under stable with 7.1, apparently there are
no special issues as for some past versions.

--
⢀⣴⠾⠻⢶⣦⠀ Francesco Paolo Lovergine
⣾⠁⢠⠒⠀⣿⡁ Debian Developer
⢿⡄⠘⠷⠚⠋⠀ 0579 A97A 2238 EBF9 BE61
⠈⠳⣄ ED02 0F02 A5E1 1636 86A4
diff --git a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb
index 04c130c44..251f79ca5 100644
--- a/plugins/providers/virtualbox/driver/meta.rb
+++ b/plugins/providers/virtualbox/driver/meta.rb
@@ -66,6 +66,7 @@ module VagrantPlugins
 "6.0" => Version_6_0,
 "6.1" => Version_6_1,
 "7.0" => Version_7_0,
+"7.1" => Version_7_1,
   }
 
   if @@version.start_with?("4.2.14")
diff --git a/plugins/providers/virtualbox/driver/version_7_1.rb b/plugins/providers/virtualbox/driver/version_7_1.rb
new file mode 100644
index 0..563c55918
--- /dev/null
+++ b/plugins/providers/virtualbox/driver/version_7_1.rb
@@ -0,0 +1,24 @@
+require File.expand_path("../version_7_0", __FILE__)
+
+module VagrantPlugins
+  module ProviderVirtualBox
+module Driver
+  # Driver for VirtualBox 7.1.x
+  class Version_7_1 < Version_7_0
+def initialize(uuid)
+  super
+
+  @logger = Log4r::Logger.new("vagrant::provider::virtualbox_7_1")
+end
+
+# VirtualBox version in use
+#
+# @return [Gem::Version]
+def get_version
+  return @version if @version
+  @version = Gem::Version.new(Meta.new.version)
+end
+  end
+end
+  end
+end
diff --git a/plugins/providers/virtualbox/plugin.rb b/plugins/providers/virtualbox/plugin.rb
index 3b447c5c2..96d20a156 100644
--- a/plugins/providers/virtualbox/plugin.rb
+++ b/plugins/providers/virtualbox/plugin.rb
@@ -101,6 +101,7 @@ module VagrantPlugins
   autoload :Version_6_0, File.expand_path("../driver/version_6_0", __FILE__)
   autoload :Version_6_1, File.expand_path("../driver/version_6_1", __FILE__)
   autoload :Version_7_0, File.expand_path("../driver/version_7_0", __FILE__)
+  autoload :Version_7_1, File.expand_path("../driver/version_7_1", __FILE__)
 end
 
 module Model


Bug#1049999: [DRE-maint] Bug#1049999: vagrant: the future of packaging vagrant in Debian

2024-09-26 Thread Francesco P. Lovergine

On Thu, Sep 26, 2024 at 04:15:37PM +0200, Lucas Nussbaum wrote:

Hi,

On 26/09/24 at 14:31 +0200, Francesco P. Lovergine wrote:


Hi,

did you consider to patch for Virtualbox 7.1 support? It should be
quite immediate, I don't see any specific problem in the provider,
I could provide a patch agains 3.7 series just in case...


A patch would be great.
For now Virtualbox 7.1 is not in unstable yet.

Lucas



Here it is.

--
Francesco P. Lovergine | https://lovergine.com/
diff --git a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb
index 04c130c44..251f79ca5 100644
--- a/plugins/providers/virtualbox/driver/meta.rb
+++ b/plugins/providers/virtualbox/driver/meta.rb
@@ -66,6 +66,7 @@ module VagrantPlugins
 "6.0" => Version_6_0,
 "6.1" => Version_6_1,
 "7.0" => Version_7_0,
+"7.1" => Version_7_1,
   }
 
   if @@version.start_with?("4.2.14")
diff --git a/plugins/providers/virtualbox/driver/version_7_1.rb b/plugins/providers/virtualbox/driver/version_7_1.rb
new file mode 100644
index 0..563c55918
--- /dev/null
+++ b/plugins/providers/virtualbox/driver/version_7_1.rb
@@ -0,0 +1,24 @@
+require File.expand_path("../version_7_0", __FILE__)
+
+module VagrantPlugins
+  module ProviderVirtualBox
+module Driver
+  # Driver for VirtualBox 7.1.x
+  class Version_7_1 < Version_7_0
+def initialize(uuid)
+  super
+
+  @logger = Log4r::Logger.new("vagrant::provider::virtualbox_7_0")
+end
+
+# VirtualBox version in use
+#
+# @return [Gem::Version]
+def get_version
+  return @version if @version
+  @version = Gem::Version.new(Meta.new.version)
+end
+  end
+end
+  end
+end
diff --git a/plugins/providers/virtualbox/plugin.rb b/plugins/providers/virtualbox/plugin.rb
index 3b447c5c2..96d20a156 100644
--- a/plugins/providers/virtualbox/plugin.rb
+++ b/plugins/providers/virtualbox/plugin.rb
@@ -101,6 +101,7 @@ module VagrantPlugins
   autoload :Version_6_0, File.expand_path("../driver/version_6_0", __FILE__)
   autoload :Version_6_1, File.expand_path("../driver/version_6_1", __FILE__)
   autoload :Version_7_0, File.expand_path("../driver/version_7_0", __FILE__)
+  autoload :Version_7_1, File.expand_path("../driver/version_7_1", __FILE__)
 end
 
 module Model


Bug#1049999: [DRE-maint] Bug#1049999: vagrant: the future of packaging vagrant in Debian

2024-09-26 Thread Lucas Nussbaum
Hi,

On 26/09/24 at 14:31 +0200, Francesco P. Lovergine wrote:
> On Mon, 27 May 2024 22:24:12 +0200 Lucas Nussbaum  wrote:
> > Hi,
> > 
> > An update on this:
> > 
> > I plan to take care of the Debian vagrant package (in the framework of
> > the Ruby team, as this is currently done). I uploaded the latest free
> > version of Vagrant to unstable/testing
> > (2.3.7+git20230731.5fc64cde+dfsg-2).
> > 
> > Of course help is welcomed. An easy and useful entry point is to look at
> > existing bugs, try to reproduce them with the latest version, and report
> > back.
> > 
> 
> Hi,
> 
> did you consider to patch for Virtualbox 7.1 support? It should be
> quite immediate, I don't see any specific problem in the provider,
> I could provide a patch agains 3.7 series just in case...

A patch would be great.
For now Virtualbox 7.1 is not in unstable yet.

Lucas



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2024-09-26 Thread Francesco P. Lovergine

On Mon, 27 May 2024 22:24:12 +0200 Lucas Nussbaum  wrote:

Hi,

An update on this:

I plan to take care of the Debian vagrant package (in the framework of
the Ruby team, as this is currently done). I uploaded the latest free
version of Vagrant to unstable/testing
(2.3.7+git20230731.5fc64cde+dfsg-2).

Of course help is welcomed. An easy and useful entry point is to look at
existing bugs, try to reproduce them with the latest version, and report
back.



Hi, 


did you consider to patch for Virtualbox 7.1 support? It should be
quite immediate, I don't see any specific problem in the provider,
I could provide a patch agains 3.7 series just in case...

--
⢀⣴⠾⠻⢶⣦⠀ Francesco Paolo Lovergine
⣾⠁⢠⠒⠀⣿⡁ Debian Developer
⢿⡄⠘⠷⠚⠋⠀ 0579 A97A 2238 EBF9 BE61
⠈⠳⣄ ED02 0F02 A5E1 1636 86A4



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2024-05-27 Thread Lucas Nussbaum
Hi,

An update on this:

I plan to take care of the Debian vagrant package (in the framework of
the Ruby team, as this is currently done). I uploaded the latest free
version of Vagrant to unstable/testing
(2.3.7+git20230731.5fc64cde+dfsg-2).

Of course help is welcomed. An easy and useful entry point is to look at
existing bugs, try to reproduce them with the latest version, and report
back.


I do not plan to package the non-free versions of Vagrant.


I also plan to continue to take care of the Debian Vagrant images,
including ensure that they work with the version of Vagrant in Debian.


I also looked a bit at potential alternatives. A project with a good
potential is Incus (a LXD fork by the original LXC/LXD main developer).
It is easy to install, and it provides both VMs and containers support.

However currently it does not provide an equivalent to a Vagrantfile (to
describe the infrastructure to create, what to execute on nodes, etc.).
There's a terraform/opentofu provider, but that doesn't sounds very
exciting regarding complexity. I raised that topic in
https://discuss.linuxcontainers.org/t/incus-as-a-vagrant-replacement/19586
but the discussion did not go anywhere interesting.

Maybe a third party project could create an incus frontend that provides
a Vagrantfile-like interface. Given infinite free time, I would likely
work on that. :)

Lucas



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-24 Thread Antonio Terceiro
On Thu, Aug 24, 2023 at 01:46:11AM +0200, Guillem Jover wrote:
> Hi!
> 
> On Fri, 2023-08-18 at 08:07:44 -0300, Antonio Terceiro wrote:
> > FWIW, I have been maintaining vagrant in Debian for several years.
> 
> BTW, thank you for having done that, it's been much appreciated!
> 
> > TL;DR: I will not be maintaining vagrant anymore.
> 
> > On Fri, Aug 18, 2023 at 02:56:28PM +0900, Kentaro HAYASHI wrote:
> > > * What was the outcome of this action?
> 
> > > Plan A.
> […]
> 
> > > Plan B.
> […]
> 
> > On Fri, Aug 18, 2023 at 09:37:54AM +, gwili.stif...@easymailer.live 
> > wrote:
> > > Plan C.
> […]
> 
> There's perhaps a:
> 
> Plan D.
> 
> - Package Vagrunt (https://github.com/vaagrunt/vagrunt) a fork of
>   Vagrant, that is stated should remain free software. And as it does
>   not have a CLA, if it gets several contributions it will be
>   increasingly hard to relicense.
> - Transition from vagrant to vagrunt via a transitional package.
> 
> (We use Vagrant at work, and I'm not planning on relying on a non-free
> tool, so a fork would do, otherwise I'd have to look into alternatives
> for us to switch to.)

I have seen this a couple of days ago.

So far vagrunt is vaporware. The GitHub user which created has -- as far
as I looked, i.e. on GitHub itself -- 0 contributions to Ruby projects.
I'm also not confident that it will be easy to keep up with e.g. new
VirtualBox versions without effectively infringing on HashiCorp
copyrights.

I will love to be proven wrong, but I'm not holding my breath here.


signature.asc
Description: PGP signature


Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-23 Thread Guillem Jover
Hi!

On Fri, 2023-08-18 at 08:07:44 -0300, Antonio Terceiro wrote:
> FWIW, I have been maintaining vagrant in Debian for several years.

BTW, thank you for having done that, it's been much appreciated!

> TL;DR: I will not be maintaining vagrant anymore.

> On Fri, Aug 18, 2023 at 02:56:28PM +0900, Kentaro HAYASHI wrote:
> > * What was the outcome of this action?

> > Plan A.
[…]

> > Plan B.
[…]

> On Fri, Aug 18, 2023 at 09:37:54AM +, gwili.stif...@easymailer.live wrote:
> > Plan C.
[…]

There's perhaps a:

Plan D.

- Package Vagrunt (https://github.com/vaagrunt/vagrunt) a fork of
  Vagrant, that is stated should remain free software. And as it does
  not have a CLA, if it gets several contributions it will be
  increasingly hard to relicense.
- Transition from vagrant to vagrunt via a transitional package.

(We use Vagrant at work, and I'm not planning on relying on a non-free
tool, so a fork would do, otherwise I'd have to look into alternatives
for us to switch to.)

> Hopefully, being burned a second time will teach me to not put my
> volunteer time in non-copyleft packages provided by a single
> corporation.

While it's certainly true that contributing into a project with
single-corp-control + non-copyleft has uncertain odds to take, at
least everyone is on the same footing. I think, as Lucas has mentioned,
the most problematic aspect in this kind of cases is where there are
both single-corp-control and a CLA, as that's what grants the possibility
of a relicense and this asymmetrical relationship, which could have
happened here as well even with a copyleft license. (Out of principle
I never sign CLAs for my volunteer work, with the exception of the one
for the FSF due to its nature and its assurances, but which I supposedly
rescinded some time ago anyway.)

Thanks,
Guillem



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-22 Thread Antonio Terceiro
On Sat, Aug 19, 2023 at 06:46:06AM +0200, Lucas Nussbaum wrote:
> Hi,
> 
> This license change is so disappointing...
> 
> On 18/08/23 at 08:07 -0300, Antonio Terceiro wrote:
> > > Plan B.
> > > 
> > > - Drop vagrant because of that changed licence and no need to
> > >   keep older vagrant.
> > > - No vagrant avaiable in Debian. Just use upstream's package.
> > 
> > I think keeping a stale version of vagrant in the archive is worse than
> > telling people to just use upstream packages.
> 
> A follow-up question, especially in the case of Plan B, is: what do we
> do about Debian Vagrant images provided on Vagrant Cloud
> (https://app.vagrantup.com/debian/) ?
> 
> A/ continue to maintain them. But as the main uploader of those images
>in the recent times, I might not continue to maintain them, especially
>if I move to another tool for my own uses, so we might need to look
>for other volunteers.
> B/ stop maintaining them
>B.1/ ... and remove existing images from the 'debian' Vagrant Cloud
>account
>B.2/ ... and leave the 'debian' Vagrant Cloud account as it is
>currently
> 
> I don't think B.2 is a good idea.

I agree. Just as we provide cloud images for proprietary platforms, I
think we as a project want to control what is available as "Debian" for
Vagrant users, just like we do with images targetted at proprietary
cloud platforms.

> > Hopefully, being burned a second time will teach me to not put my
> > volunteer time in non-copyleft packages provided by a single
> > corporation.
> 
> Note that the fact that Vagrant was using a non-copyleft license is not
> entirely relevant. The same relicensing could be achieved by
> organizations using a copyleft licence with a copyright transfer
> agreement for external contributions. (I suspect that this is how it was
> achieved for other Hashicorp products, but I haven't checked).

Yes, that's true.


signature.asc
Description: PGP signature


Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-18 Thread Lucas Nussbaum
Hi,

This license change is so disappointing...

On 18/08/23 at 08:07 -0300, Antonio Terceiro wrote:
> > Plan B.
> > 
> > - Drop vagrant because of that changed licence and no need to
> >   keep older vagrant.
> > - No vagrant avaiable in Debian. Just use upstream's package.
> 
> I think keeping a stale version of vagrant in the archive is worse than
> telling people to just use upstream packages.

A follow-up question, especially in the case of Plan B, is: what do we
do about Debian Vagrant images provided on Vagrant Cloud
(https://app.vagrantup.com/debian/) ?

A/ continue to maintain them. But as the main uploader of those images
   in the recent times, I might not continue to maintain them, especially
   if I move to another tool for my own uses, so we might need to look
   for other volunteers.
B/ stop maintaining them
   B.1/ ... and remove existing images from the 'debian' Vagrant Cloud
   account
   B.2/ ... and leave the 'debian' Vagrant Cloud account as it is
   currently

I don't think B.2 is a good idea.

> Hopefully, being burned a second time will teach me to not put my
> volunteer time in non-copyleft packages provided by a single
> corporation.

Note that the fact that Vagrant was using a non-copyleft license is not
entirely relevant. The same relicensing could be achieved by
organizations using a copyleft licence with a copyright transfer
agreement for external contributions. (I suspect that this is how it was
achieved for other Hashicorp products, but I haven't checked).

Lucas


signature.asc
Description: PGP signature


Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-18 Thread Gwili . Stifter
Source: vagrant
Followup-For: Bug #104

Please consider officially orphaning the package if realistically you are the 
only maintainer of this package. This should help increase the visibility of 
the problem and make users think more about whether using vagrant from debian 
is the right solution to whatever they may be trying to achieve.



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-18 Thread Antonio Terceiro
Hi,

FWIW, I have been maintaining vagrant in Debian for several years. Thank
you for raising this as I have been too lazy to push this discussion.

I am copying the Debian Ruby team plus all the people that I could find
listed as maintainer or uploader of vagrant related packages (mostly
plugins, vagrant-*, but also other related packages) so that they are
aware.

TL;DR: I will not be maintaining vagrant anymore.

On Fri, Aug 18, 2023 at 02:56:28PM +0900, Kentaro HAYASHI wrote:
> Package: vagrant
> Version: 2.3.4+dfsg-1
> Severity: normal
> X-Debbugs-Cc: ken...@xdump.org
> 
> Dear Maintainer,
> 
> * What led up to the situation?
> 
> HashiCorp adopts the BSL.
> 
> https://ir.hashicorp.com/news-releases/news-release-details/hashicorp-adopts-
> business-source-license-future-releases-its

This is the second time a package to which I dedicated extensive amount
of my time is made effectively non-free by its corporate upstream.

The first time was with Chef: while the license itself was not changed,
they started imposing trademark-related requirements that would impose a
large amount of busywork to keep something that looks like Chef (Cinc,
their "community" fork) in Debian. I decided to just give up, and moved
on to using something else.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959981
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963750

This is now my second time with this, and this time HashiCorp actually
made new versions of vagrant non-free.

I have used Chef Inc and HashiCorp stuff for free for several years, but
I also put in a large amount of work to make their tools available
trivially to Debian users by taking care of those packages in the Debian
archive.

Both Chef Inc and HashiCorp care a lot about having people that use
Debian consuming their products, so much so that they provide binary
packages for Debian. But they don't care at all about the time of
downstream maintainers, and why would they? They are private companies
trying to maximize their profit at the expense of whoever is in their
way. In this case, HashiCorp is apparently trying to counter other
companies who are selling solutions based on their tools that compete
with them, they have no incentive to care about the time of a few
individuals.

I don't see this change as a particularly evil move, but it effectively
destroys my motivation to continue working on it.

> Currently, vagrant 2.3.4+dfsg-1 was packaged in debian.
> 
> * What exactly did you do (or not do) that was effective (or
>   ineffective)?
> 
> Should we keep non-BSL licenced version (A) or drop it (B)?
> 
> * What was the outcome of this action?
> 
> Plan A.
> 
> - Update to 2.3.7 and hold it. (2.3.7 is the last non-BSL licenced
>   version)
> - Follow a newer version only when BSL limitation expired (4 years).
> - As a result, we can't use newer feature in timely manner if you stick
>   on packaged vagrant in Debian.

I had already looked into this, even before the relicensing being
announced, and it turns out that vagrant 2.3.7 has a few extra
dependencies that would need to be packaged too (something like 3 or 4
NEW packages), and I wasn't ready to put the necessary work in yet.

After the news came out, I gave up on doing it entirely, since after
this vagrant would be a dead end.

> Plan B.
> 
> - Drop vagrant because of that changed licence and no need to
>   keep older vagrant.
> - No vagrant avaiable in Debian. Just use upstream's package.

I think keeping a stale version of vagrant in the archive is worse than
telling people to just use upstream packages.

As far as my volunteer time is concerned, this is the most likely
outcome. I have some private notes on my requirements for a vagrant
replacement, and when I reach a conclusion I will most probably pursue
this path and just move on.

On Fri, Aug 18, 2023 at 09:37:54AM +, gwili.stif...@easymailer.live wrote:
> Source: vagrant
> Followup-For: Bug #104
> 
> Plan C.
> 
> - Move BSL-licenced versions of vagrant into debian's non-free section.

I will not maintain any packages in non-free.

Hopefully, being burned a second time will teach me to not put my
volunteer time in non-copyleft packages provided by a single
corporation.


signature.asc
Description: PGP signature


Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-18 Thread Gwili . Stifter
Source: vagrant
Followup-For: Bug #104

Plan C.

- Move BSL-licenced versions of vagrant into debian's non-free section.



Bug#1049999: vagrant: the future of packaging vagrant in Debian

2023-08-17 Thread Kentaro HAYASHI
Package: vagrant
Version: 2.3.4+dfsg-1
Severity: normal
X-Debbugs-Cc: ken...@xdump.org

Dear Maintainer,

* What led up to the situation?

HashiCorp adopts the BSL.

https://ir.hashicorp.com/news-releases/news-release-details/hashicorp-adopts-
business-source-license-future-releases-its

Currently, vagrant 2.3.4+dfsg-1 was packaged in debian.

* What exactly did you do (or not do) that was effective (or
  ineffective)?

Should we keep non-BSL licenced version (A) or drop it (B)?

* What was the outcome of this action?

Plan A.

- Update to 2.3.7 and hold it. (2.3.7 is the last non-BSL licenced
  version)
- Follow a newer version only when BSL limitation expired (4 years).
- As a result, we can't use newer feature in timely manner if you stick
  on packaged vagrant in Debian.

Plan B.

- Drop vagrant because of that changed licence and no need to
  keep older vagrant.
- No vagrant avaiable in Debian. Just use upstream's package.

* What outcome did you expect instead?

N/A