Bug 1998370

Summary: Review Request: dnf-plugin-flunk_dependent_remove - DNF plugin to prevent removing packages recursively via automation
Product: [Fedora] Fedora Reporter: Davide Cavalca <davide>
Component: Package ReviewAssignee: Neal Gompa <ngompa13>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: ngompa13, package-review
Target Milestone: ---Flags: ngompa13: fedora-review+
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-09-05 20:15:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Davide Cavalca 2021-08-26 23:51:40 UTC 
Spec URL: https://dcavalca.fedorapeople.org/review/dnf-flunk_dependent_remove/dnf-flunk-dependent-remove.spec
SRPM URL: https://dcavalca.fedorapeople.org/review/dnf-flunk_dependent_remove/dnf-flunk_dependent_remove-1.0-3.fc36.src.rpm

Description:
Do not allow "dnf -y remove" to expand the list of packages to remove to
include packages which require one of the explicitly listed packages.
Fail the request instead.

Fedora Account System Username: dcavalca
Comment 1 Davide Cavalca 2021-08-26 23:51:42 UTC 
This package built on koji:  https://koji.fedoraproject.org/koji/taskinfo?taskID=74589544
Comment 2 Davide Cavalca 2021-08-26 23:55:24 UTC 
This probably warrants some additional context. This package is an updated version of https://github.com/facebookincubator/rpm-backports/tree/main/rpms/python3-dnf-flunk-dependent-remove and is meant to protect the system from automation (e.g. config management systems) accidentally removing more packages than originally expected via "dnf -y remove". It does that by simply failing the transaction.

I'm including the source as part of the packages because it's a tiny Python script, and it seems overkill to setup a whole repo just for that, but I can go down that path if necessary (the rpm-backports repo I linked above is a legacy thing and will go away soon).
Comment 3 Neal Gompa 2021-08-27 00:00:09 UTC 
Taking this review.
Comment 4 Neal Gompa 2021-08-27 00:01:37 UTC 
(In reply to Davide Cavalca from comment #2)
> This probably warrants some additional context. This package is an updated
> version of
> https://github.com/facebookincubator/rpm-backports/tree/main/rpms/python3-
> dnf-flunk-dependent-remove and is meant to protect the system from
> automation (e.g. config management systems) accidentally removing more
> packages than originally expected via "dnf -y remove". It does that by
> simply failing the transaction.
> 
> I'm including the source as part of the packages because it's a tiny Python
> script, and it seems overkill to setup a whole repo just for that, but I can
> go down that path if necessary (the rpm-backports repo I linked above is a
> legacy thing and will go away soon).

It's fine to do it this way, though if it ever gets more complex, you probably would want to set up a proper repo.
Comment 5 Neal Gompa 2021-08-27 00:02:18 UTC 
> Summary:        Do not remove packages recursively via automation

This doesn't indicate that it's a DNF plugin...

The package name should probably also change to have "dnf-plugin-" prefix instead of "dnf-" prefix.
Comment 6 Davide Cavalca 2021-08-27 00:10:20 UTC 
Spec URL: https://dcavalca.fedorapeople.org/review/dnf-plugin-flunk_dependent_remove/dnf-plugin-flunk-dependent-remove.spec
SRPM URL: https://dcavalca.fedorapeople.org/review/dnf-plugin-flunk_dependent_remove/dnf-plugin-flunk_dependent_remove-1.0-4.fc36.src.rpm

Changelog:
- Rename to dnf-plugin-flunk-dependent-remove
- Clarify summary and description
Comment 7 Neal Gompa 2021-08-27 01:58:36 UTC 
The spec file name doesn't match the SRPM name, which caused fedora-review to complain.
Comment 8 Davide Cavalca 2021-08-27 04:04:34 UTC 
Spec URL: https://dcavalca.fedorapeople.org/review/dnf-plugin-flunk_dependent_remove/dnf-plugin-flunk_dependent_remove.spec
SRPM URL: https://dcavalca.fedorapeople.org/review/dnf-plugin-flunk_dependent_remove/dnf-plugin-flunk_dependent_remove-1.0-5.fc36.src.rpm

Changelog:
- Fix specfile name to match the actual package
Comment 9 Neal Gompa 2021-08-27 04:32:41 UTC 
Review notes:

- Packaging follows general guidelines
- Package licensing is indicated correctly
- Packaging builds and installs
- No serious issues from rpmlint

PACKAGE APPROVED
Comment 10 Davide Cavalca 2021-08-27 05:46:22 UTC 
Thanks!

$ fedpkg request-repo dnf-plugin-flunk_dependent_remove 1998370
https://pagure.io/releng/fedora-scm-requests/issue/36569
Comment 11 Gwyn Ciesla 2021-08-28 19:46:26 UTC 
(fedscm-admin):  The Pagure repository was created at https://src.fedoraproject.org/rpms/dnf-plugin-flunk_dependent_remove
Comment 12 Fedora Update System 2021-08-28 20:05:02 UTC 
FEDORA-2021-e33feb6ac0 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-e33feb6ac0
Comment 13 Fedora Update System 2021-08-28 20:12:24 UTC 
FEDORA-2021-a2a9d304b1 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-a2a9d304b1
Comment 14 Fedora Update System 2021-08-28 20:17:47 UTC 
FEDORA-EPEL-2021-9abed9303c has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9abed9303c
Comment 15 Fedora Update System 2021-08-29 01:20:55 UTC 
FEDORA-2021-a2a9d304b1 has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-a2a9d304b1 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-a2a9d304b1

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 16 Fedora Update System 2021-08-29 01:25:38 UTC 
FEDORA-EPEL-2021-9abed9303c has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9abed9303c

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 17 Fedora Update System 2021-08-29 17:51:48 UTC 
FEDORA-2021-e33feb6ac0 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-e33feb6ac0 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-e33feb6ac0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 18 Fedora Update System 2021-09-05 20:15:30 UTC 
FEDORA-EPEL-2021-9abed9303c has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 19 Fedora Update System 2021-09-05 21:12:58 UTC 
FEDORA-2021-a2a9d304b1 has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 20 Fedora Update System 2021-09-24 20:10:47 UTC 
FEDORA-2021-e33feb6ac0 has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.