Bug 844011

Summary: Review Request: openshift-origin-cartridge-abstract - OpenShift Origin common cartridge components
Product: [Fedora] Fedora Reporter: Troy Dawson <tdawson>
Component: Package ReviewAssignee: Michael Scherer <misc>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: misc, notting, package-review, xtian
Target Milestone: ---Flags: misc: fedora‑review+
limburgher: fedora‑cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-08-21 05:56:39 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On:    
Bug Blocks: 845314, 845319    

Description Troy Dawson 2012-07-27 17:34:16 EDT
Spec URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract.spec
SRPM URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract-0.14.4-2.fc18.src.rpm
This contains the common function used while building openshift cartridges.

Fedora Account System Username: tdawson

Rpmlint Output:

[rawhide]$ rpmlint openshift-origin-cartridge-abstract.spec
0 packages and 1 specfiles checked; 0 errors, 0 warnings.
[rawhide]$ rpmlint /home/quake/rpmbuild/SRPMS/openshift-origin-cartridge-abstract-0.14.4-2.fc18.src.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
[rawhide]$ rpmlint /home/quake/rpmbuild/RPMS/noarch/openshift-origin-cartridge-abstract-0.14.4-2.fc18.noarch.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
Comment 1 Troy Dawson 2012-07-27 17:40:29 EDT
*** Bug 842447 has been marked as a duplicate of this bug. ***
Comment 2 Michael Scherer 2012-07-27 17:45:15 EDT
I was redacting the comment for the previous bug when you changed the name, but since the file is the same :


So a few issues  :

/usr/libexec/stickshift/cartridges/abstract is the only directory, but 
/usr/libexec/stickshift/cartridges and 
/usr/libexec/stickshift/ would end unowned

So either a dependency is missing, or the file should be owned by the rpm, cf 

[!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf is only needed if supporting EPEL5
( as i guess openshift would not go to EPEL , this should be cleaned )

I think the license should also be placed in /usr/share/doc, as this is where people would seek it ( but not blocking, afaik ). I also think it would be better to have the license in each file, but that's nitpicking

I am also wondering if the requires are correct. Git is likely used by stickshift_abstract script, but why mod_ssl ?

Looking at a few file, there is also missing requires :

abstract/info/bin/jenkins_build use ruby, rubygems, json 
abstract/info/connection-hooks/publish-http-url use facter, python
abstract/info/connection-hooks/publish-gear-endpoint too ( and in fact, there is code duplication )
abstract/info/connection-hooks/nurture_app_push.sh use curl
abstract/info/connection-hooks/open_ports.sh use socat and facter
abstract/info/connection-hooks/sync_gears.sh use rsync
abstract/info/hooks/deploy-httpd-proxy use rhc-idler, not sure where it come from 
abstract/info/lib/apache run various apache stuff with service, 
abstract/info/lib/network run lsof 
abstract-httpd/info/bin/app_ctl.sh run httpd directly 
abstract-jboss/info/bin/build.sh requires mvn, from maven

I looked at all files, but I may have look one so I guess a double check would not be bad. I am also not 

[!]: SHOULD Packages should try to preserve timestamps of original installed
I think you need to use a specific option of cp ( -p or -a )

[!]: SHOULD Spec use %global instead of %define.
     Note: %define cartdir %{_libexecdir}/stickshift/cartridges
again, not blocking but there is subtle effect 

And there is some compiled code in abstract-jboss/info/data/mysql.tar, and I am not sure if this would be a exception ( https://fedoraproject.org/wiki/Packaging:Guidelines#No_inclusion_of_pre-built_binaries_or_libraries ).
Comment 3 Troy Dawson 2012-07-27 19:21:23 EDT
Spec URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract.spec
SRPM URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract-0.14.4-3.fc18.src.rpm

- Fixed orphaned directories
- Fixed rm -rf %{buildroot}
-- Note: OpenShift Origin will go into EPEL6
-- I'm not sure if it will go into EPEL5, I'm assuming not, which is why I removed this instead of adding the other changes needed for EPEL 5.
- Added License into standard doc area
-- I also left it into the original areas.
- Changed cp command to use cp -p to preserve timestamp
- Changed %define to %global
- Dependancies
-- Added facter, python, curl, rsync, httpd, lsof
-- I'll have to ask about rhc-idler.  I thought it was an admin tool we use, and not really part of openshift-origin.
-- jboss and jenkens dependancies - we are not putting either of those cartridges into Fedora, and I'd hate to add some very big dependancies pulled in for something not used.
--- I personally would like to see the abstract-jboss pulled out into it's own rpm, openshift-origin-cartridge-abstract-jboss.
Comment 4 Michael Scherer 2012-07-28 08:35:36 EDT
It would be nice to document the Requires, as I fear that one day, they change ( for example, I think using less bash and more ruby would be better , only because there would be less process fork, and maybe more test framework ), so we can at least revise them easily.

In fact, the rpm you are submitting need to be first synced with the openshift production rpm ( cause i do not see what prevent you from puttin it in a separate rpm right now, except that )

But I agree that it should be splitted.

Also, you should IMHO investigate creating a rpm macro file for %cartdir ( but I guess that is it may be planned once the process for adding your own cart ? )
Comment 5 Troy Dawson 2012-07-30 10:33:04 EDT
Spec URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract.spec
SRPM URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract-0.14.4-4.fc18.src.rpm

- Added comments to requires that only one script depended on
- Added rubygem requires (for jenkins)
- Seperated jboss abstract into it's own rpm
- added /usr/bin/mvn to requires for jboss absctract rpm
Comment 6 Michael Scherer 2012-07-30 14:03:03 EDT
I am working on the review,but now I have a question. The review process ask me to check :

"MUST Package uses nothing in %doc for runtime."

then why is there %{_libexecdir}/stickshift/cartridges/abstract/COPYRIGHT in %doc ?

IE, if I choose to install the rpm with documentation disabled ( there is a macro in rpm for that, and that's something that could be done for a livecd ), would anything break, or is there some requirement to ship the license as part of the cartdrige ? 

If that's the case and if that's required for runtime, then it should not be tagged as %doc ( since it could be removed by error ), and if that's really just documentation, why ship it in 2 places ?
Comment 7 Michael Scherer 2012-07-30 14:16:34 EDT
I am not sure of using /usr/libexec/stickshift instead of /usr/share for FHS compliance. While that's upstream decision, I think /usr/share/ would be better ( since that's treated as data ).

And there is still a compiled binary version of mysql jdbc driver in mysql.tar ( modules/com/mysql/jdbc/main/mysql-connector-java-5.1.16-bin.jar ). 

I do not see where this is used, except in a documentation that refer to RH internal server : https://github.com/openshift/crankcase/blob/master/cartridges/jbossas-7/README 

So i would suggest to drop it from the tarball for now ( or to require the corresponding rpm from fedora, and use it as a source instead ).

Anyway, here is the review, there is just these 2 issue to fix ( bundle of java class, and the %doc issue ) :

Package Review

- = N/A
x = Pass
! = Fail
? = Not evaluated

==== Generic ====
[x]: EXTRA Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: EXTRA Spec file according to URL is the same as in SRPM.
[x]: MUST Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
[x]: MUST Package successfully compiles and builds into binary rpms on at
     least one supported primary architecture.
[-]: MUST %build honors applicable compiler flags or justifies otherwise.
[x]: MUST All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: MUST Buildroot is not present
     Note: Unless packager wants to package for EPEL5 this is fine
[!]: MUST Package contains no bundled libraries.
[x]: MUST Changelog in prescribed format.
[x]: MUST Package has no %clean section with rm -rf %{buildroot} (or
     Note: Clean would be needed if support for EPEL is required
[x]: MUST Sources contain only permissible code or content.
[x]: MUST Each %files section contains %defattr if rpm < 4.4
     Note: Note: defattr macros not found. They would be needed for EPEL5
[x]: MUST Macros in Summary, %description expandable at SRPM build time.
[-]: MUST Package contains desktop file if it is a GUI application.
[-]: MUST Development files must be in a -devel package
[x]: MUST Package requires other packages for directories it uses.
[!]: MUST Package uses nothing in %doc for runtime.
[x]: MUST Package is not known to require ExcludeArch.
[x]: MUST Permissions on files are set properly.
[x]: MUST Package does not contain duplicates in %files.
[x]: MUST Fully versioned dependency in subpackages, if present.
[x]: MUST Package complies to the Packaging Guidelines
[x]: MUST Spec file lacks Packager, Vendor, PreReq tags.
[x]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf would be needed if support for EPEL5 is required
[-]: MUST Large documentation files are in a -doc subpackage, if required.
[x]: MUST If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %doc.
[x]: MUST License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. No licenses
     found. Please check the source files for licenses manually.
[x]: MUST License file installed when any subpackage combination is installed.
[x]: MUST Package consistently uses macro is (instead of hard-coded directory
[x]: MUST Package is named using only allowed ascii characters.
[x]: MUST Package is named according to the Package Naming Guidelines.
[x]: MUST Package does not generate any conflict.
     Note: Package contains no Conflicts: tag(s)
[x]: MUST Package obeys FHS, except libexecdir and /usr/target.
[-]: MUST If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: MUST Package must own all directories that it creates.
[x]: MUST Package does not own files or directories owned by other packages.
[x]: MUST Package installs properly.
[x]: MUST Package is not relocatable.
[x]: MUST Requires correct, justified where necessary.
[x]: MUST Rpmlint is run on all rpms the build produces.
     Note: No rpmlint messages.
[x]: MUST Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: MUST Spec file is legible and written in American English.
[x]: MUST Spec file name must match the spec package %{name}, in the format
[-]: MUST Package contains systemd file(s) if in need.
[x]: MUST File names are valid UTF-8.
[x]: SHOULD Reviewer should test that the package builds in mock.
[x]: SHOULD If the source package does not include license text(s) as a
     separate file from upstream, the packager SHOULD query upstream to
     include it.
[x]: SHOULD Dist tag is present.
[x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin,
[x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q
[-]: SHOULD Package functions as described.
[x]: SHOULD Latest version is packaged.
[x]: SHOULD Package does not include license text files separate from
[x]: SHOULD SourceX tarball generation or download is documented.
[x]: SHOULD SourceX / PatchY prefixed with %{name}.
[x]: SHOULD SourceX is a working URL.
[x]: SHOULD Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: SHOULD Package should compile and build into binary rpms on all supported
[-]: SHOULD %check is present and all tests pass.
[x]: SHOULD Packages should try to preserve timestamps of original installed
[x]: SHOULD Spec use %global instead of %define.

[!]: MUST Package contains no bundled libraries.
[!]: MUST Package uses nothing in %doc for runtime.

Checking: openshift-origin-cartridge-abstract-0.14.4-4.fc17.noarch.rpm
3 packages and 0 specfiles checked; 0 errors, 0 warnings.

Rpmlint (installed packages)
Cannot parse rpmlint output:
openshift-origin-cartridge-abstract-0.14.4-4.fc17.noarch.rpm (rpmlib, GLIBC filtered):

openshift-origin-cartridge-abstract-jboss-0.14.4-4.fc17.noarch.rpm (rpmlib, GLIBC filtered):
    openshift-origin-cartridge-abstract = 0.14.4

    openshift-origin-cartridge-abstract = 0.14.4-4.fc17

    openshift-origin-cartridge-abstract-jboss = 0.14.4-4.fc17

MD5-sum check
http://mirror.openshift.com/pub/openshift-origin/source/openshift-origin-cartridge-abstract/openshift-origin-cartridge-abstract-0.14.4.tar.gz :
  MD5SUM this package     : e6b1462cd390117a0c501b593d337e5a
  MD5SUM upstream package : e6b1462cd390117a0c501b593d337e5a

Generated by fedora-review 0.2.0 (a5c4ced) last change: 2012-07-22
Command line :./try-fedora-review -b 844011
External plugins:
Comment 8 Troy Dawson 2012-07-31 14:54:13 EDT
Spec URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract.spec
SRPM URL: http://tdawson.fedorapeople.org/openshift-origin/openshift-origin-cartridge-abstract-0.14.4-5.fc18.src.rpm

- Docs are only in the normal doc area
- bundled library has been removed
-- Talked with developers and this was a leftover from early development.  Although I am just removing the mysql.tar in the spec file now, they will work on getting it out of the original source.
Comment 9 Michael Scherer 2012-07-31 15:31:41 EDT
404 not found for the spec
Comment 10 Troy Dawson 2012-07-31 15:34:34 EDT
Sorry about that.  Fixed.
Comment 11 Michael Scherer 2012-07-31 15:41:07 EDT
Ok, the 2 issues got fixed, so package is approved.
Comment 12 Troy Dawson 2012-08-02 14:07:12 EDT
New Package SCM Request
Package Name: openshift-origin-cartridge-abstract
Short Description: OpenShift Origin common cartridge components
Owners: tdawson maxamillion
Branches: f17 f18
Comment 13 Jon Ciesla 2012-08-02 14:15:32 EDT
Git done (by process-git-requests).

f18 not yet branched.
Comment 14 Fedora Update System 2012-08-02 19:10:29 EDT
openshift-origin-cartridge-abstract-0.14.4-5.fc17 has been submitted as an update for Fedora 17.
Comment 15 Fedora Update System 2012-08-03 07:30:34 EDT
openshift-origin-cartridge-abstract-0.14.4-5.fc17 has been pushed to the Fedora 17 testing repository.
Comment 16 Fedora Update System 2012-08-21 05:56:39 EDT
openshift-origin-cartridge-abstract-0.14.4-5.fc17 has been pushed to the Fedora 17 stable repository.