Bug 1480752

Summary: Review Request: kcov - Code coverage tool without special compilation options
Product: [Fedora] Fedora Reporter: Dridi Boukelmoune <dridi.boukelmoune>
Component: Package ReviewAssignee: Robert-André Mauchin 🐧 <zebob.m>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: package-review, projects.rg, randy, rjones, simon.kagstrom, zebob.m
Target Milestone: ---Flags: zebob.m: fedora-review+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-08-16 07:18:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dridi Boukelmoune 2017-08-11 19:53:59 UTC
Spec URL: https://dridi.fedorapeople.org/review/kcov.spec
SRPM URL: https://dridi.fedorapeople.org/review/kcov-33-1.fc26.src.rpm

Description:
Kcov is a code coverage tester for compiled programs, Python scripts and shell
scripts.  It allows collecting code coverage information from executables
without special command-line arguments, and continuously produces output from
long-running applications.

Fedora Account System Username: dridi

The source archive bundles 3 javascript files and C headers. The C headers don't matter on Linux but to be on the safe side they are removed during the %setup.

The 3 javascript files exist in packages but they are all shipped differently:

- a static javascript file
- a nodejs module
- an xstatic package

Versions shipped by Fedora probably don't match upstream expectations, and the javascript in question is embedded in the kcov program and used to generate static HTML reports. I chose to bundle them and document that via Provides.

I have been using a local build for a couple weeks now with satisfaction.

Scratch builds:

https://koji.fedoraproject.org/koji/taskinfo?taskID=21170130 (rawhide)
https://koji.fedoraproject.org/koji/taskinfo?taskID=21170134 (f26)
https://koji.fedoraproject.org/koji/taskinfo?taskID=21170143 (f25)

Comment 1 Raphael Groner 2017-08-15 21:30:12 UTC
Hi Dridi,
are you interested in a review swap, maybe you can look into bug #1462467?

Comment 2 Dridi Boukelmoune 2017-08-21 07:18:18 UTC
Hi Raphael,

Sure, I will gladly review your request too. Probably not before next weekend though but I see it depends on another review request so hopefully there's no hurry yet.

Thanks!

Comment 3 Raphael Groner 2017-08-21 11:53:32 UTC
(In reply to Dridi Boukelmoune from comment #2)
> Sure, I will gladly review your request too. Probably not before next
> weekend though but I see it depends on another review request so hopefully
> there's no hurry yet.

Dridi, thanks for your interest. We're nearly done with the dependencies, so it shouldn't block the review. Though, please don't expect any needed hurry as well. :)

Comment 5 Raphael Groner 2017-09-19 19:46:01 UTC
First, some general advices:

- You can directly link to pushed commits being parts of pull requests.
  For instance:
  Patch0: https://github.com/SimonKagstrom/kcov/commit/49b588443ddc6644f728d04af662a6d13d51ecd2.patch

- Create a separate bug for each entry of ExcludeArch and let it block the
  individual tracker.
  https://fedoraproject.org/wiki/Packaging:Guidelines#Architecture_Build_Failures

- Please decide if the package is for python2 or python3, maybe both. The
  executables need to run with the versionized shebang command.
  BuildRequire: python is not unique about version.
  https://fedoraproject.org/wiki/Packaging:Python#Multiple_Python_Runtimes
  https://fedoraproject.org/wiki/Packaging:Python#Avoiding_collisions_between_the_python_2_and_python_3_stacks
  
- Why not unbundle handlebars and jquery? What's the reason for concrete
  versions as noted?
  https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_Static_Libraries
  https://fedoraproject.org/wiki/Packaging:Guidelines#Bundling_and_Duplication_of_system_libraries

- When above suggestion is applied to add direct links to upstream commits as
  patches, it's possible to use %autosetup only instead of %setup -q and
  several %patch lines.
  https://fedoraproject.org/wiki/How_to_create_an_RPM_package#.25prep_section:_.25autosetup_command

- Can you be more precise in %files about the file names? It would simplify
  further updates and 'll show new and lost files.
  https://fedoraproject.org/wiki/How_to_create_an_RPM_package#.25files_section

Comment 6 Dridi Boukelmoune 2017-12-10 22:28:45 UTC
Sorry for the unresponsiveness, it's been quite a while already and today I'm dealing with a bunch of packages I maintain at once, and this one I'm submitting. In the mean time kcov-34 was released:

Spec URL: https://dridi.fedorapeople.org/review/kcov.spec
SRPM URL: https://dridi.fedorapeople.org/review/kcov-34-1.fc28.src.rpm

Scratch build:

https://koji.fedoraproject.org/koji/taskinfo?taskID=23630352 (rawhide)
https://koji.fedoraproject.org/koji/taskinfo?taskID=23630994 (f27)
https://koji.fedoraproject.org/koji/taskinfo?taskID=23631090 (f26)

Raphael, even though you removed yourself as the reviewer, I will nevertheless answer your comments for the next reviewer.

> You can directly link to pushed commits being parts of pull requests.

While the commits would apply to the master branch, some wouldn't directly apply to the kcov-33 release. No longer a problem, they are part of kcov-34.

> Please decide if the package is for python2 or python3, maybe both.

The package can work with both, and python was only needed by the test suite that is not yet in a shape suitable for the %check step. I was discussing this upstream at the time and will hopefully find time later to revisit this.

> Why not unbundle handlebars and jquery?

TL;DR: They are used as static assets rather than libraries, full story in the updated spec.

> What's the reason for concrete versions as noted?

Required by the same guidelines you linked since I chose bundling.

> Can you be more precise in %files about the file names?

I'd rather lessen the packaging bureaucracy and use globs. As long as I don't own anything the package shouldn't, I believe it is allowed by the guidelines unless I missed an update at some point.

Comment 7 Simon Kågström 2017-12-18 12:50:07 UTC
A small note: kcov doesn't actually depend on dyninst. It did that for a while between v33 and v34, but that dependency is gone again.

Comment 8 Robert-André Mauchin 🐧 2018-03-12 15:19:24 UTC
 - You forgot that part mentioned by Raphael:

  Create a separate bug for each entry of ExcludeArch and let it block the
  individual tracker.
  https://fedoraproject.org/wiki/Packaging:Guidelines#Architecture_Build_Failures

 - Remove cmake(dyninst) as upstream recommended

 - Use a more meaningful name for your archive:

Source:         https://github.com/SimonKagstrom/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz

 - kcov.x86_64: E: incorrect-fsf-address /usr/share/licenses/kcov/COPYING

Notify upstream about this



Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "MIT/X11 (BSD like)", "Unknown or generated". 209 files have
     unknown license. Detailed output of licensecheck in
     /home/bob/packaging/review/kcov/review-kcov/licensecheck.txt
[x]: License file installed when any subpackage combination is installed.
[x]: If the package is under multiple licenses, the licensing breakdown
     must be documented in the spec.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[-]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 0 bytes in 0 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Fully versioned dependency in subpackages if applicable.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on debuginfo package(s).
     Note: No rpmlint messages.
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package
     is arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: kcov-34-1.fc29.x86_64.rpm
          kcov-debuginfo-34-1.fc29.x86_64.rpm
          kcov-debugsource-34-1.fc29.x86_64.rpm
          kcov-34-1.fc29.src.rpm
kcov.x86_64: W: only-non-binary-in-usr-lib
kcov.x86_64: E: incorrect-fsf-address /usr/share/licenses/kcov/COPYING
kcov-debugsource.x86_64: W: no-documentation
4 packages and 0 specfiles checked; 1 errors, 2 warnings.

Comment 9 Dridi Boukelmoune 2018-03-14 14:04:31 UTC
> You forgot that part mentioned by Raphael:

No, a comment only until the package is approved according to the guidelines.

> Remove cmake(dyninst) as upstream recommended

Will do!

> Use a more meaningful name for your archive:

Thanks for the tip!

> kcov.x86_64: E: incorrect-fsf-address /usr/share/licenses/kcov/COPYING
>
> Notify upstream about this

Already done last August, fixed in git and pending a release.

https://github.com/SimonKagstrom/kcov/commit/116b7e8ef48c2ade8e345e9403a51ec8cb4aa719

Comment 10 Robert-André Mauchin 🐧 2018-03-14 14:15:50 UTC
Perfect, package is approved then.

Comment 11 Dridi Boukelmoune 2018-03-14 17:47:29 UTC
Spec URL: https://dridi.fedorapeople.org/review/kcov.spec
SRPM URL: https://dridi.fedorapeople.org/review/kcov-34-1.fc29.src.rpm

I'm afraid Simon was wrong because without dyninst the build plainly fails:

https://koji.fedoraproject.org/koji/taskinfo?taskID=25697748

Here is a scratch build of this latest submission:

https://koji.fedoraproject.org/koji/taskinfo?taskID=25698142

The only change is the Source tag resulting in a much better archive name.

Thanks!

Comment 12 Dridi Boukelmoune 2018-03-16 08:18:27 UTC
Spec URL: https://dridi.fedorapeople.org/review/kcov.spec
SRPM URL: https://dridi.fedorapeople.org/review/kcov-34-1.fc29.src.rpm

Let it be known that I was wrong and Simon was right, the reason why building with dyninst worked was because one of its nested dependencies brought python in. So I updated the spec one last time after trying to build it on platforms that were initially excluded because of dyninst, wrote a patch for aarch64, and now only the s390 family is left unsupported.

Scratch build:

https://koji.fedoraproject.org/koji/taskinfo?taskID=25737460

Comment 13 Dridi Boukelmoune 2018-08-16 07:18:29 UTC
Closing in favor of bug 1617920.