Re: Is there any value to per-Fedora branch ACLs?
tis 2010-12-07 klockan 10:20 -0800 skrev Jesse Keating: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? Can't see any. The only use I see is to allow people to indicate retirement and show a record of I did maintain in earlier Fedora releases but no longer, but that info is much better displayed by other means than the acl memberships. Regards Henrik -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
Jesse Keating wrote: Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? No. But the real question is: Is there any value to ACLs at all? Before the big Core-Extras Merge, Fedora Extras did just fine with no ACLs at all. Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
Toshio Kuratomi venit, vidit, dixit 08.12.2010 01:44: On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? Somethng I jsut thought of is whether package maintainers can create new branches in git by themselves. If the answer is still no, then we'd probably want to keep that information in pkgdb. If the answer is yes, then there's already the chance htat the branches could get out of sync. Another couple of issues are: 1) Statistics. People like to get statistics relating to packages in a release from pkgdb. We'd need to switch these around to somehow extract the information from git. 2) Bodhi work on a per-branch level. Storing critpath information in pkgdb pretty much means that we have to keep separate records for separate releases. So although I'd like to simplify things, it seems like there's lots of work to implement this but not a whole lot of benefit (other than making things less complex). Well, I currently have an issue where unretiring a package lead to some weird problems for some branches, see: https://fedorahosted.org/rel-eng/ticket/4290#preview pkgdb would let me take over the f13 branch from orphan, but not f14 nor master (which ahd been created automatically, probably during dist-git conversion). Since they've been set up via SCM request, I am able to push to git but not fedpkg build on master. (I can push to all branches haven't tried fedpkg build on them since I'm supposed to build master first.) It seems to me that at least the fact I was able to take over f13 from orphan but not the others is related to per-branch ACLs. But what do I know ;) Michael -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 7, 2010 at 6:20 PM, Jesse Keating jkeat...@redhat.com wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? I'm not sure there is. I'd like an on ramp to recruit yet to be sponsored contributors into helping out by allowing them to patch the packaging without build or bodhi rights...give me the ability to review their work and do the builds. But I don't need that on a per branch level. -jef -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? The pkgdb interface distinguishes them. Apparently there was some motivation for that in the first place. If the git hooks are not going to distinguish them, then pkgdb should change not to either. In my own experience, I've never put someone on any ACL for a package whom I wouldn't trust to respect informal agreements about who should do what commits to which branches. So any finer granularity on the ACL enforcement is to avoid accidental braino commits, if anything. Thanks, Roland -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? I've never had a use case where I need to give someone access to only one branch. -- Ian Weller i...@ianweller.org Where open source multiplies: http://opensource.com pgpZb5ibi07eg.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
Jesse Keating wrote, at 12/08/2010 03:20 AM +9:00: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? There can be a case that F-13 package and F-14 package are completely different, even if the packages have the same name. For example there may be a case that a package of older version shipped in F-13 is written in perl, and new version shipped in F-14 is complete rewritten in python (and I know one example, and for this case re-review request for newer python version was submitted by the person who was not the primary maintainer of perl version). In this case for F-13 it may be reasonable that perl-sig is added in watchcommits, however on F-14 it is perhaps meaningless. And even they may want to change primary maintainer between these two (although for this case the primary maintainer did not change finally). Regards, Mamoru -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? There should be at least a distinction between EOL releases and non EOL releases, e.g. someone having only commit access for F12 must not have commit access for F13+ currently, because usually only ownership / ACLs for current Fedora releases are up to date in PackageDB. And there should still be a distinction in PackageDB for different (co)maintainer for different Fedora releases. Regards Till pgpNqLQFLOAXj.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 7, 2010 at 7:20 PM, Jesse Keating jkeat...@redhat.com wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? No -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On 12/07/2010 10:25 AM, Jeff Spaleta wrote: On Tue, Dec 7, 2010 at 6:20 PM, Jesse Keating jkeat...@redhat.com wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? I'm not sure there is. I'd like an on ramp to recruit yet to be sponsored contributors into helping out by allowing them to patch the packaging without build or bodhi rights...give me the ability to review their work and do the builds. But I don't need that on a per branch level. -jef That can be accomplished by having them do an anonymous clone, commit their changes locally, and send you the changes via git send-email. If you like them, you can git am the emails and the changes will appear in the repo as authored and with the changelog of the potential contributor. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On 12/07/2010 10:27 AM, Roland McGrath wrote: The pkgdb interface distinguishes them. Apparently there was some motivation for that in the first place. If the git hooks are not going to distinguish them, then pkgdb should change not to either. Currently the git ACLs do enforce per-branch ACLs. It does make the acl config rather lengthy and the logic behind it a bit cumbersome, but it works. In my own experience, I've never put someone on any ACL for a package whom I wouldn't trust to respect informal agreements about who should do what commits to which branches. So any finer granularity on the ACL enforcement is to avoid accidental braino commits, if anything. Since it's so easy to undo things in git I think this is less of a concern. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On 12/07/2010 11:22 AM, Mamoru Tasaka wrote: There can be a case that F-13 package and F-14 package are completely different, even if the packages have the same name. For example there may be a case that a package of older version shipped in F-13 is written in perl, and new version shipped in F-14 is complete rewritten in python (and I know one example, and for this case re-review request for newer python version was submitted by the person who was not the primary maintainer of perl version). In this case for F-13 it may be reasonable that perl-sig is added in watchcommits, however on F-14 it is perhaps meaningless. And even they may want to change primary maintainer between these two (although for this case the primary maintainer did not change finally). primary maintainer doesn't really matter. Bugzilla doesn't do owners per release, there is just one owner for Fedora, and one for EPEL. The matter of watchcommits is interesting, but I wonder if that really needs to be tied to pkgdb or if in the future we have a better way of subscribing to data regarding a particular package/branch/whatever. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On 12/07/2010 11:52 AM, Till Maas wrote: On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? There should be at least a distinction between EOL releases and non EOL releases, e.g. someone having only commit access for F12 must not have commit access for F13+ currently, because usually only ownership / ACLs for current Fedora releases are up to date in PackageDB. I don't think the above really means we need different ACLs per branch, just that if we did flatten then we need to flatten them as a union of current active branches and not any EOL data. And there should still be a distinction in PackageDB for different (co)maintainer for different Fedora releases. For what reason? -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 07, 2010 at 01:55:26PM -0800, Jesse Keating wrote: On 12/07/2010 11:52 AM, Till Maas wrote: On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? There should be at least a distinction between EOL releases and non EOL releases, e.g. someone having only commit access for F12 must not have commit access for F13+ currently, because usually only ownership / ACLs for current Fedora releases are up to date in PackageDB. I don't think the above really means we need different ACLs per branch, just that if we did flatten then we need to flatten them as a union of current active branches and not any EOL data. I agree. And there should still be a distinction in PackageDB for different (co)maintainer for different Fedora releases. For what reason? To properly display the state of the package in PackageDB. E.g. if a package has different owners in different releases, it is more clear who is responsible. E.g. sometimes packages are faded out from Fedora and therefore orphaned in devel, but not in the stable releases. If there is only one Owner for all Fedora releases, this cannot be modeled. It might also happen that a package was orphaned for all releases but is only unorphaned for newer ones like devel. And I guess it might also happen that maintainership is passed for packages only for e.g. devel but not the stable releases from one maintainer to another. Regards Till pgprYySejIsJ1.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On 12/07/2010 02:25 PM, Till Maas wrote: To properly display the state of the package in PackageDB. E.g. if a package has different owners in different releases, it is more clear who is responsible. E.g. sometimes packages are faded out from Fedora and therefore orphaned in devel, but not in the stable releases. If there is only one Owner for all Fedora releases, this cannot be modeled. It might also happen that a package was orphaned for all releases but is only unorphaned for newer ones like devel. And I guess it might also happen that maintainership is passed for packages only for e.g. devel but not the stable releases from one maintainer to another. But what practical purpose does this serve? If bug is filed, the right person will be assigned or on the CC list. If email is sent to pkg-ow...@fedoraproject.org then the right person would get the email. As for orphaning that's an interesting thing to think about. As for maintainership passing, is there any practical reason to have different maintainers per branch? -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Is there any value to per-Fedora branch ACLs?
On Tue, Dec 07, 2010 at 10:20:28AM -0800, Jesse Keating wrote: While I'm looking into the git setup and ACLs and all this, I have a question. Is anybody seeing any real value of having different commit ACLs per Fedora branch? I've seen some argument for EPEL vs Fedora, but is there real value in ACLs for f13, f14, devel, etc...? Somethng I jsut thought of is whether package maintainers can create new branches in git by themselves. If the answer is still no, then we'd probably want to keep that information in pkgdb. If the answer is yes, then there's already the chance htat the branches could get out of sync. Another couple of issues are: 1) Statistics. People like to get statistics relating to packages in a release from pkgdb. We'd need to switch these around to somehow extract the information from git. 2) Bodhi work on a per-branch level. Storing critpath information in pkgdb pretty much means that we have to keep separate records for separate releases. So although I'd like to simplify things, it seems like there's lots of work to implement this but not a whole lot of benefit (other than making things less complex). -Toshio pgpVbmV6iYcyB.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel