This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours

Bug 707199

Summary: Review Request: openstack-nova - OpenStack Compute (nova)
Product: [Fedora] Fedora Reporter: Oleg S. Gelbukh <ogelbukh>
Component: Package ReviewAssignee: Matt Domsch <matt_domsch>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: bloch, david, fedora-package-review, gholms, knight, lemenkov, markmc, matt_domsch, mrunge, notting, ogelbukh, ry, sander, xavier
Target Milestone: ---Flags: matt_domsch: fedora‑review+
limburgher: fedora‑cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=649495
https://bugzilla.redhat.com/show_bug.cgi?id=731966
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-08-30 02:19:03 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 731966, 731980, 733238    
Bug Blocks:    
Attachments:
Description Flags
spec file patch
none
rpmlint.txt none

Description Oleg S. Gelbukh 2011-05-24 07:44:47 EDT
Spec URL: 
https://github.com/Mirantis/openstack-fedora-specs
SRPM URL: 
http://download.mirantis.com/repo/nova-2011.3-1102.1.fc14.src.rpm
Description: 
Open source 'Infrastructure as a Service' cloud computing fabric controller. Written in Python using Twisted framework. Starts and controls virtual server instances, configures network connectivity, manages virtual disk attachment.
Generally compatible with AWS EC2 and S3 APIs. Modular, designed to adapt easily using plug-in modules mechanism.

NB: the package is under heavy refactoring by Mirantis Inc. team. We highly appreciate any feedback.
Comment 1 Robert Knight 2011-06-03 08:58:43 EDT
I get a 404 Not Found from the src.rpm URL.
Comment 2 Matthias Runge 2011-06-15 07:13:20 EDT
looks like a duplicate of 

https://bugzilla.redhat.com/show_bug.cgi?id=649495

Are you going to request reviews for  the other specs mentioned on the gitgub-page too?
Comment 3 Robert Knight 2011-06-15 21:13:29 EDT
There is source under

http://download.mirantis.com/repo/noarch

Oleg was not kidding when he said "heavy refactoring".  The source that I found there earlier today was

nova-2011.3-1184.1.fc15.src.rpm

eighty-two steps beyond the one mentioned in the initial entry.  I was able to get that source to build within mock, for Fedora 14 (which he seems to be using as his base), by adding the BuildRequires for python-eventlet, python-greenlet, python-gflags, and bzr to the .spec file.

I have not started examining the other .spec files.
Comment 4 Ryan Rix 2011-06-24 23:30:54 EDT
@Oleg: Could you and Silas in #649495 figure out which of the SRPMs should be reviewed, even if it means comaintaining some combination of both :) We'd like to mark one of these as a duplicate, and make sure people end up with less work at the end.
Comment 5 Silas Sewell 2011-06-25 20:48:52 EDT
*** Bug 649495 has been marked as a duplicate of this bug. ***
Comment 6 Matt Domsch 2011-06-29 15:27:18 EDT
rpmlint on the spec file is the first step.  These are trivially fixed.

$ rpmlint SPECS/openstack-nova.spec
SPECS/openstack-nova.spec:55: W: hardcoded-packager-tag "Mirantis
SPECS/openstack-nova.spec:380: W: deprecated-grep [u'fgrep']
SPECS/openstack-nova.spec:430: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:431: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:450: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:451: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:467: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:483: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:499: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:515: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:566: W: macro-in-comment %{name}
SPECS/openstack-nova.spec:384: W: mixed-use-of-spaces-and-tabs (spaces: line 7, tab: line 384)
SPECS/openstack-nova.spec: W: invalid-url Source0: http://nova.openstack.org/tarballs/nova.tar.gz HTTP Error 404: Not Found

In addition I have started other packaging guidelines related cleanups, and will post a spec file patch shortly.
Comment 7 Matt Domsch 2011-06-29 15:43:11 EDT
Oleg, the spec looks like a good starting point.  There are definitely some things to fix, but nothing impossible yet...

You will need to join the Fedora packagers team to be able to maintain this package in Fedora.  https://fedoraproject.org/wiki/PackageMaintainers/Join for how.  I will sponsor you.  Please clear needinfo when you've got a FAS account created, and tell us your account name.
Comment 8 Matt Domsch 2011-06-29 16:14:01 EDT
    MUST: rpmlint must be run on the source rpm and all binary rpms
    the build produces. The output should be posted in the review.[1]

    = done for spec only; once spec is updated to match guidelines
      more closely, will perform this step.

    MUST: The package must be named according to the Package Naming
    Guidelines .
    MUST: The spec file name must match the base package %{name}, in
    the format %{name}.spec unless your package has an exemption. [2]

    = Per convention, this package should be called 'openstack-nova'.
      Name tag must be changed to this.

    MUST: The package must meet the Packaging Guidelines .

    = in review here

    MUST: The package must be licensed with a Fedora approved license
    =nd meet the Licensing Guidelines .

    * Apache 2.0 is acceptable.

    MUST: The License field in the package spec file must match the
    actual license. [3]

    = OK

    MUST: If (and only if) the source package includes the text of the
    license(s) in its own file, then that file, containing the text of
    the license(s) for the package must be included in %doc.[4]

    = needs work. LICENSE file present in two of the 10 subpackages
      only.  It must be added to the rest.

    MUST: The spec file must be written in American English. [5]

    = OK

    MUST: The spec file for the package MUST be legible. [6]

    = OK

    MUST: The sources used to build the package must match the
    upstream source, as provided in the spec URL. Reviewers should use
    md5sum for this task. If no upstream URL can be specified for this
    package, please see the Source URL Guidelines for how to deal with
    this.

    = Needs work. URL there doesn't work, must provide an explicit
    bzr-versioned URL it seems.

    MUST: The package MUST successfully compile and build into binary
    rpms on at least one primary architecture. [7]

    = OK on x86_64 (building noarch)

    MUST: If the package does not successfully compile, build or work
    on an architecture, then those architectures should be listed in
    the spec in ExcludeArch. Each architecture listed in ExcludeArch

    = N/A

    MUST have a bug filed in bugzilla, describing the reason that the
    package does not compile/build/work on that architecture. The bug
    number MUST be placed in a comment, next to the corresponding
    ExcludeArch line. [8]

    = N/A

    MUST: All build dependencies must be listed in BuildRequires,
    except for any that are listed in the exceptions section of the
    Packaging Guidelines ; inclusion of those as BuildRequires is
    optional. Apply common sense.

    = OK.  Some BRs are missing that would be beneficial but which do
    not block the build, including python-carrot, python-mox,
    python-suds, m2crypto, bpython, python-memcached, python-migrate

    MUST: The spec file MUST handle locales properly. This is done by
    using the %find_lang macro. Using %{_datadir}/locale/* is strictly
    forbidden.[9]

    = N/A

    MUST: Every binary RPM package (or subpackage) which stores shared
    library files (not just symlinks) in any of the dynamic linker's
    default paths, must call ldconfig in %post and %postun. [10]

    = N/A

    MUST: Packages must NOT bundle copies of system libraries.[11]

    = OK

    MUST: If the package is designed to be relocatable, the packager
    must state this fact in the request for review, along with the
    rationalization for relocation of that specific package. Without
    this, use of Prefix: /usr is considered a blocker. [12]

    = N/A

    MUST: A package must own all directories that it creates. If it
    does not create a directory that it uses, then it should require a
    package which does create that directory. [13]

    = OK

    MUST: A Fedora package must not list a file more than once in the
    spec file's %files listings. (Notable exception: license texts in
    specific situations)[14]

    = needs work.  %{_datarootdir}/nova/setup_iptables.sh appeared
    twice by nature of directory is listed, as well as this specific file.


    MUST: Permissions on files must be set properly. Executables
    should be set with executable permissions, for example. [15]

    = needs work.  ajaxterm py[co] files are group writeable.

    MUST: Each package must consistently use macros. [16]

    = OK

    MUST: The package must contain code, or permissable content. [17]

    = OK

    MUST: Large documentation files must go in a -doc subpackage. (The
    definition of large is left up to the packager's best judgement,
    but is not restricted to size. Large can refer to either size or
    quantity). [18]

    = needs work. -doc subpackage exists.  Not set to build
    automaticaly though, which it must.  Drop the if/then test and
    build it unconditionally.

    MUST: If a package includes something as %doc, it must not affect
    the runtime of the application. To summarize: If it is in %doc,
    the program must run properly if it is not present. [18]

    = untested at this time

    MUST: Header files must be in a -devel package. [19]

    = N/A

    MUST: Static libraries must be in a -static package. [20]

    = N/A

    MUST: If a package contains library files with a suffix
    (e.g. libfoo.so.1.1), then library files that end in .so (without
    suffix) must go in a -devel package. [19]

    = N/A

    MUST: In the vast majority of cases, devel packages must require
    the base package using a fully versioned dependency: Requires:
    %{name}%{?_isa} = %{version}-%{release} [21]

    = N/A

    MUST: Packages must NOT contain any .la libtool archives, these
    must be removed in the spec if they are built.[20]

    = N/A

    MUST: Packages containing GUI applications must include a
    %{name}.desktop file, and that file must be properly installed
    with desktop-file-install in the %install section. If you feel
    that your packaged GUI application does not need a .desktop file,
    you must put a comment in the spec file with your
    explanation. [22]

    = N/A


    MUST: Packages must not own files or directories already owned by
    other packages. The rule of thumb here is that the first package
    to be installed should own the files or directories that other
    packages may rely upon. This means, for example, that no package
    in Fedora should ever share ownership with any of the files or
    directories owned by the filesystem or man package. If you feel
    that you have a good reason to own a file or directory that
    another package owns, then please present that at package review
    time. [23]

    = OK

    MUST: All filenames in rpm packages must be valid UTF-8. [24]

    = OK


SHOULD: If the source package does not include license text(s) as a
separate file from upstream, the packager SHOULD query upstream to
include it. [25]

        = N/A

SHOULD: The description and summary sections in the package spec file
should contain translations for supported Non-English languages, if
available. [26]

           = N/A

SHOULD: The reviewer should test that the package builds in mock.        = not done yet, other things to fix first.

SHOULD: The package should compile and build into binary rpms on all
supported architectures. [28]

          = OK (noarch)

SHOULD: The reviewer should test that the package functions as
described. A package should not segfault instead of running, for
example.

        = not done yet

SHOULD: If scriptlets are used, those scriptlets must be sane. This is
vague, and left up to the reviewers judgement to determine
sanity. [29]

        = needs work.  Specifically, calling rpmquery from inside
        %post is not allowed.  Database upgrade should be an
        application-specific step, not an installtime step.

SHOULD: Usually, subpackages other than devel should require the base
package using a fully versioned dependency. [21]

        = OK

SHOULD: The placement of pkgconfig(.pc) files depends on their
usecase, and this is usually for development purposes, so should be
placed in a -devel pkg. A reasonable exception is that the main pkg
itself is a devel tool not installed in a user runtime, e.g. gcc or
gdb. [30]

     = N/A

SHOULD: If the package has file dependencies outside of /etc, /bin,
/sbin, /usr/bin, or /usr/sbin consider requiring the package which
provides the file instead of the file itself. [31]

          = OK

SHOULD: your package should contain man pages for binaries/scripts. If
it doesn't, work with upstream to add them where they make sense.[32]
   = N/A


Additional points:
* see how to properly do release tags using bzr in the release field
* remove Distribution, Packager, Vendor tags
* Group: tag should be Applications/System even in the top-level
package
* consider defining %{shortname} to 'nova', use consistently
throughout.
* Consider other text in the description field.  e.g. the main package use:

OpenStack Compute (codename Nova) is open source software designed to
provision and manage large networks of virtual machines, creating a
redundant and scalable cloud computing platform. It gives you the
software, control panels, and APIs required to orchestrate a cloud,
including running instances, managing networks, and controlling access
through users and projects. OpenStack Compute strives to be both
hardware and hypervisor agnostic, currently supporting a variety of
standard hardware configurations and seven major hypervisors.

and in the top of each subpackage, use:

OpenStack Compute (codename Nova) is open source software designed to
provision and manage large networks of virtual machines, creating a
redundant and scalable cloud computing platform.

then the package-specific one-liner.
 [27]
* In Summary lines, s/nova/OpenStack Compute/'

* in %setup, use %setup -q -n %{shortname}-%{version}

* uncomment all %postun sections, use this template:
if [ "$1" -ge 1 ] ; then
    /sbin/service %{shortname}-api condrestart > /dev/null 2>&1 || :
    /sbin/service %{shortname}-direct-api condrestart > /dev/null 2>&1 || :
fi

* add an initial changelog line
Comment 9 Matt Domsch 2011-06-29 16:18:30 EDT
Created attachment 510531 [details]
spec file patch

My suggestions for how to fix many of the items in the above review.
Comment 10 Matt Domsch 2011-06-29 16:19:21 EDT
Created attachment 510533 [details]
rpmlint.txt

After above patch is applied, still get a lot of warnings and errors from rpmlint, mostly from the content of the initscripts.
Comment 11 Mark McLoughlin 2011-07-29 08:33:58 EDT
(In reply to comment #9)
> Created attachment 510531 [details]
> spec file patch
> 
> My suggestions for how to fix many of the items in the above review.

Matt, I took the liberty of splitting your patch up:

  https://github.com/markmc/openstack-fedora-specs

Perhaps that'll make it easier for Oleg and co to accept the changes?
Comment 12 Mark McLoughlin 2011-07-29 08:49:15 EDT
Some of the things Matt listed that still need sorting:

  - correct the version to reflect this is a bzr snapshot

  - DB migration shouldn't be in %post

Some other things that need sorting:

  - does the nova user/group need registering? I've forgotten the policy

  - there shouldn't be a warning about SELinux being enabled in %post

  - shouldn't be modifying sudoers in %post

  - the package requires openstack-glance and openstack-client, neither of
    which are packaged AFAICS

  - the cc-config and compute-config packages are used to package two different
    versions of nova.conf. I think the base nova package needs a nova.conf
    and further configuration should be left to the admin

  - the initscripts use start-stop-daemon, whereas we'd use the daemon function
    in Fedora. We should fix that rather than packaging start-stop-daemon. Also,
    perhaps we'd be better jumping straight to systemd rather than using 
    sysvinit

  - nitpicky perhaps, but someone else could take over this spec and submit it,
    if we got confirmation from the mirantis and griddynamics that they are 
    happy for their work to be contributed under the FPCA (e.g. they could 
    license the spec under MIT)
Comment 13 Mark McLoughlin 2011-08-19 08:27:04 EDT
Since this review has stalled, I've gone ahead and done some further work on the package. I've also filed bug #731966 for glance and bug #731980 for novaclient.

Matt, can you review the new package?

Spec URL:
https://raw.github.com/markmc/openstack-fedora-specs/014f8941/SPECS/openstack-nova.spec
SRPM URL:
http://koji.fedoraproject.org/koji/getfile?taskID=3279389&name=openstack-nova-2011.3-0.1.1449bzr.fc16.src.rpm
Scratch Koji Build URL:
http://koji.fedoraproject.org/koji/taskinfo?taskID=3279388
Fedora 16 yum repo URL:
http://repos.fedorapeople.org/repos/markmc/openstack/fedora-openstack.repo

Description:
OpenStack Compute (codename Nova) is open source software designed to
provision and manage large networks of virtual machines, creating a
redundant and scalable cloud computing platform. It gives you the
software, control panels, and APIs required to orchestrate a cloud,
including running instances, managing networks, and controlling access
through users and projects. OpenStack Compute strives to be both
hardware and hypervisor agnostic, currently supporting a variety of
standard hardware configurations and seven major hypervisors.
Comment 14 Mark McLoughlin 2011-08-26 12:10:28 EDT
Okay, I've done a good bit more work on this.

The main change I've made is to collapse all the sub-packages into openstack-nova, apart from python-nova.

From my commit message:

    The many, many subpackages isn't really buying us anything. The packages
    themselves are tiny (at around ~10k) and none of them have any massiv
    dependency set which would be nice to avoid.
    
    Collapsing the sub-packages simplifies the packaging hugely, makes
    things a lot more attractive and gets rid of the clunky 'node-full'
    package name.
    
    If needs be, we can start splitting individual components out again
    later. A starting point would probably be to create openstack-core and
    openstack-compute subpackages.

The new bits are here:

Spec URL: https://raw.github.com/markmc/openstack-fedora-specs/acdfd0f6/SPECS/openstack-nova.spec
SRPM URL: http://koji.fedoraproject.org/koji/getfile?taskID=3304149&name=openstack-nova-2011.3-0.3.d4.fc16.src.rpm
Scratch Koji Build URL: http://koji.fedoraproject.org/koji/taskinfo?taskID=3304148
Fedora 16 yum repo URL: http://repos.fedorapeople.org/repos/markmc/openstack/fedora-openstack.repo

Please someone review! Pretty please! :-)

(Oh - I had to disable the docs build in that scratch build above because Sphinx has started segfaulting on my in the koji builder. Doesn't happen locally)
Comment 15 Matt Domsch 2011-08-26 15:48:32 EDT
assigning to me.
Comment 16 Matt Domsch 2011-08-28 22:51:31 EDT
Formal review:

* rpmlint appended at bottom
* naming: OK
* spec file name matches: OK
* Packaging Guidelines: OK
* Licensed: OK (ASL 2.0)
* License tag: OK
* License included: OK
* Spec in English: OK
* Source matches: OK (manually downloaded)
* Builds on at least one arch: OK (built for noarch on on x86_64)
* ExcludeArch: unneeded, as it's noarch: OK
* BRs ok: Built in Koji. OK.
  Failed to build in koji against dist-rawhide due to sphinx segfault. http://koji.fedoraproject.org/koji/getfile?taskID=3307949&name=build.log
  Successfully built in koji against dist-f14
http://koji.fedoraproject.org/koji/taskinfo?taskID=3307950

* spec locales: N/A. OK.
* ldconfig: N/A. OK.
* no system libs: OK
* relocateable: N/A.  OK.
* own directories: needs to add Requires: logrotate polkit
* no duplicate files: OK
* file permissions: mostly OK.  Oddness, may be explained away though...
/etc/nova/* owned by root:nova, but not writeable by group.
-rw-r--r--    1 root    nova                     4101 Aug 28 20:43 /etc/nova/api-paste.ini
-rw-r-----    1 root    nova                      453 Aug 26 14:39 /etc/nova/nova.conf

/var/lib/nova and subdirs owned by nova:nobody.
drwxr-xr-x    2 nova    nobody                      0 Aug 28 20:44 /var/lib/nova

* consistent use of macros: OK
* code or content: OK
* large docs in subpackage: OK
* nothing in %doc critical: OK
* headers in -devel: N/A. OK
* static libs in -static: N/A. OK
* libs in -devel: N/A. OK
* -devel requires base: N/A. OK
* no libtool archives: OK
* GUI with .desktop: N/A. OK
* directory ownership: see above for logrotate and polkit
* filenames UTF-8: OK

SHOULDs:
* source has license: OK
* Translations in spec: N/A. OK
* builds in mock: OK on F14 x86_64.  Didn't try other arches.  koji build fails in rawhide (see above).
* build into binary arches: OK (via koji)
* test the package: not done.
* scriptlets must be sane: mostly OK.  The only real problem is in the creation of the CA Cert in %post, which cannot happen in %post and must be moved to an initscript.  The author notes this is problematic too, but you cannot assume that at %post time the kernel has enough entropy to be able to generate cryptographically secure keys.  At least as an initscript there's a chance for interaction to ensure sufficient entropy.
* require base package fully versioned: N/A. OK
* pkgconfig files: N/A. OK
* require package not file: N/A OK
* manpages: none provided by upstream.  Boo.


rpmlint:
$ rpmlint SPECS/openstack-nova.spec SRPMS/openstack-nova-2011.3-0.3.d4.fc14.src.rpm RPMS/noarch/*
SPECS/openstack-nova.spec:365: W: macro-in-%changelog %config
openstack-nova.src: W: spelling-error %description -l en_US hypervisor -> hyper visor, hyper-visor, supervisory
openstack-nova.src: W: spelling-error %description -l en_US hypervisors -> hyper visors, hyper-visors, supervisors
openstack-nova.src:365: W: macro-in-%changelog %config
openstack-nova.noarch: W: spelling-error %description -l en_US hypervisor -> hyper visor, hyper-visor, supervisory
openstack-nova.noarch: W: spelling-error %description -l en_US hypervisors -> hyper visors, hyper-visors, supervisors
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf nova
openstack-nova.noarch: W: non-standard-uid /var/run/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl.pem nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private/cakey.pem nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genvpn.sh nova
openstack-nova.noarch: W: non-standard-gid /etc/nova/nova.conf nova
openstack-nova.noarch: E: non-readable /etc/nova/nova.conf 0640L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/buckets nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/serial nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/certs nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/reqs nova
openstack-nova.noarch: W: non-standard-gid /etc/nova/api-paste.ini nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/newcerts nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/images nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/instances nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private nova
openstack-nova.noarch: E: non-standard-dir-perm /var/lib/nova/CA/private 0750L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf.tmpl nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/index.txt nova
openstack-nova.noarch: W: non-standard-uid /var/log/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/tmp nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/geninter.sh nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/cacert.pem nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/networks nova
openstack-nova.noarch: E: non-readable /etc/sudoers.d/nova 0440L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/projects nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/keys nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genrootca.sh nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/nova.sqlite nova
openstack-nova.noarch: W: no-manual-page-for-binary nova-clear-rabbit-queues
openstack-nova.noarch: W: no-manual-page-for-binary nova-dhcpbridge
openstack-nova.noarch: W: no-manual-page-for-binary nova-manage
openstack-nova.noarch: W: no-manual-page-for-binary nova-console
openstack-nova.noarch: W: no-manual-page-for-binary nova-compute
openstack-nova.noarch: W: no-manual-page-for-binary nova-api
openstack-nova.noarch: W: no-manual-page-for-binary nova-volume
openstack-nova.noarch: W: no-manual-page-for-binary nova-logspool
openstack-nova.noarch: W: no-manual-page-for-binary nova-network
openstack-nova.noarch: W: no-manual-page-for-binary nova-spoolsentry
openstack-nova.noarch: W: no-manual-page-for-binary nova-vncproxy
openstack-nova.noarch: W: no-manual-page-for-binary nova-api-ec2
openstack-nova.noarch: W: no-manual-page-for-binary nova-debug
openstack-nova.noarch: W: no-manual-page-for-binary nova-api-os
openstack-nova.noarch: W: no-manual-page-for-binary nova-direct-api
openstack-nova.noarch: W: no-manual-page-for-binary nova-ajax-console-proxy
openstack-nova.noarch: W: no-manual-page-for-binary nova-stack
openstack-nova.noarch: W: no-manual-page-for-binary nova-scheduler
openstack-nova.noarch: W: no-manual-page-for-binary nova-objectstore
openstack-nova.noarch: W: no-manual-page-for-binary nova-instance-usage-audit
openstack-nova.noarch: W: dangerous-command-in-%post chmod
openstack-nova-doc.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/openstack-nova-doc-2011.3/html/_sources/vmwareapi_readme.txt
4 packages and 1 specfiles checked; 3 errors, 57 warnings.

nothing hugely incorrect here, these warnings and errors can be ignored.

Thanks for getting a static uid/gid assignment.

with minor fixes noted above, happy to approve thereafter.

Thanks,
Matt
Comment 17 Matt Domsch 2011-08-28 23:02:47 EDT
Given this is targeting only recent distros (F15+), a few other changes should be made.

* add tmpfiles.d config file https://fedoraproject.org/wiki/Packaging:Tmpfiles.d
* add systemd unit files https://fedoraproject.org/wiki/Packaging:Systemd
- when done, initscripts go into an optional subpackage.
Comment 18 Matt Domsch 2011-08-28 23:44:27 EDT
How hard would it be to build the whole stack for EPEL 6 now also? :-)
Comment 19 Mark McLoughlin 2011-08-29 06:17:52 EDT
Thanks much Matt!

I think I've captured everything you pointed out here:

  https://fedoraproject.org/wiki/OpenStack#Nova_To_Do

Will work through them
Comment 20 Mark McLoughlin 2011-08-29 06:18:40 EDT
(In reply to comment #18)
> How hard would it be to build the whole stack for EPEL 6 now also? :-)

Only one way to find out - be my guest :)
Comment 21 Mark McLoughlin 2011-08-29 09:11:03 EDT
(In reply to comment #16)

> * own directories: needs to add Requires: logrotate polkit

Actually, unless I misunderstand you, there's no need to require these just because we're dropping files into directories owned by them:

http://fedoraproject.org/wiki/Packaging/Guidelines#FileAndDirectoryOwnership

  "you do not need to require a package for the sole fact that it happens
   to own a directory that your package places files in"
Comment 22 Mark McLoughlin 2011-08-29 09:29:33 EDT
Came up with a workaround for the sphinx segfault issue:

  https://github.com/markmc/openstack-fedora-specs/commit/25b13fe05f

Will file a bugzilla to remind us to find a real fix
Comment 23 Mark McLoughlin 2011-08-29 10:15:32 EDT
(In reply to comment #16)
> * file permissions: mostly OK.  Oddness, may be explained away though...
> /etc/nova/* owned by root:nova, but not writeable by group.
> -rw-r--r--    1 root    nova                     4101 Aug 28 20:43
> /etc/nova/api-paste.ini

Right, there's no need for this to be owned by the nova group. Changed it to root:root

> -rw-r-----    1 root    nova                      453 Aug 26 14:39
> /etc/nova/nova.conf

I think the idea here is that nova.conf may contain a MySQL password. So owned and writeable by root and readable only by the nova daemons 

> /var/lib/nova and subdirs owned by nova:nobody.
> drwxr-xr-x    2 nova    nobody                      0 Aug 28 20:44
> /var/lib/nova

Changed these to nova:nova
Comment 24 Mark McLoughlin 2011-08-29 10:17:16 EDT
(In reply to comment #16)
> * scriptlets must be sane: mostly OK.  The only real problem is in the creation
> of the CA Cert in %post, which cannot happen in %post and must be moved to an
> initscript.

Okay, it turns out the API server can generate the CA script itself on startup, so I've just removed the %post script to do this
Comment 26 Matt Domsch 2011-08-29 13:04:52 EDT
Thanks for the fixes.  They all look good.

gholmes noted that 'nova' may well be a user or group name on an existing system.  It is both a person's name, as well as many projects use the same name.  Would it make sense (and would the code break if) the user/group name were changed to openstack-nova:openstack-nova ?

The above notwithstanding, APPROVED.

Please be sure to include branches for el6 as well.
Comment 27 Matt Domsch 2011-08-29 13:53:56 EDT
Would be good to replace the BR on python-sphinx as noted here:

%{?fedora:BuildRequires:    python-sphinx >= 1.0}
%{?el6:BuildRequires:    python-sphinx10}
Comment 28 Matt Domsch 2011-08-29 14:00:22 EDT
epel build needs python-distutils-extra not currently in EPEL
Comment 29 Mark McLoughlin 2011-08-29 17:06:27 EDT
Thanks Matt!

New Package SCM Request
=======================
Package Name: openstack-nova
Short Description: OpenStack Compute (nova)
Owners: markmc mdomsch
Branches: f16 el6
InitialCC:
Comment 30 Mark McLoughlin 2011-08-29 17:08:01 EDT
Matt - feel free to go ahead on the epel6 branch when it's created

As I said for python-novaclient, let's try just maintaining separate specs and merging changes as appropriate using git. If that fails, we can always go back to the conditional based approach
Comment 31 Jon Ciesla 2011-08-29 18:49:06 EDT
Git done (by process-git-requests).
Comment 32 Mark McLoughlin 2011-08-30 02:19:03 EDT
Awesome. Built now in rawhide and F16
Comment 33 Xavier Bachelot 2011-10-13 10:18:17 EDT
Any one taking care of EL6 ? I have a patch against git master that allows building on EL6 if there is interest.