Bug 1021733 - Review Request: python-SecretStorage - Python module for secure storing of passwords and secrets
Review Request: python-SecretStorage - Python module for secure storing of pa...
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Mario Blättermann
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 1014976 1021192
  Show dependency treegraph
 
Reported: 2013-10-21 19:50 EDT by Christopher Meng
Modified: 2014-07-17 07:59 EDT (History)
6 users (show)

See Also:
Fixed In Version: python-SecretStorage-1.1.0-1.fc20
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-11-26 23:38:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
mario.blaettermann: fedora‑review+
limburgher: fedora‑cvs+


Attachments (Terms of Use)
build.log -- FTBFS on rawhide (16.78 KB, text/x-log)
2013-10-22 09:50 EDT, Björn 'besser82' Esser
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1243622 None None None Never

  None (edit)
Description Christopher Meng 2013-10-21 19:50:21 EDT
Spec URL: http://cicku.me/python-SecretStorage.spec
SRPM URL: http://cicku.me/python-SecretStorage-1.0.0-1.fc21.src.rpm 
Description: This module provides a way for securely storing passwords and other secrets.

It uses D-Bus Secret Service API that is supported by GNOME Keyring (>= 2.30) 
and KSecretsService.

The main classes provided are secretstorage.Item, representing a secret item 
(that has a label, a secret and some attributes) and secretstorage.Collection,
a place items are stored in.

SecretStorage supports most of the functions provided by Secret Service, 
including creating and deleting items and collections, editing items, locking 
and unlocking collections (asynchronous unlocking is also supported).
Fedora Account System Username: cicku
Comment 1 Björn 'besser82' Esser 2013-10-22 09:05:13 EDT
taken  ;)
Comment 2 Björn 'besser82' Esser 2013-10-22 09:50:33 EDT
Created attachment 815008 [details]
build.log -- FTBFS on rawhide

FTBFS on rawhide!!!  :(  It seems rpmbuild complains about non-existing files, when creating rpm(s) from %{buildroot}...
Comment 3 Christopher Meng 2013-10-22 10:41:53 EDT
Fixed, forgot to mark it as noarch.

Same URL again.
Comment 4 Björn 'besser82' Esser 2013-10-22 11:36:34 EDT
===== Review report for python-SecretStorage-1.0.0-1 =====

Package has issues.  :(


Package Review
==============

Legend:
[x] = Pass
[!] = Fail
[-] = Not applicable
[?] = Not evaluated


===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Unknown or generated". 12 files have unknown license. Detailed output of
     licensecheck in /home/besser82/shared/fedora/review/1021733-python-
     SecretStorage/licensecheck.txt

     ---> License-tag is fine.  :)

[!]: License file installed when any subpackage combination is installed.

     ---> License is missing in -doc. The -doc sub-pkg should have
          `%doc changelog LICENSE README build/sphinx/html` (without that
          '/*' suffixed) instead of `%doc build/sphinx/html/*`.  So it
          will pick-up all docs && carry a html-subdir.

[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 20480 bytes in 6 files.
[!]: Package complies to the Packaging Guidelines

     ---> issues are present.

[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: No rpmlint messages.
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

Python:
[x]: Python eggs must not download any dependencies during the build process.
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python
[x]: Package contains BR: python2-devel or python3-devel
[x]: Binary eggs must be removed in %prep

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[-]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
     python3-SecretStorage , python-SecretStorage-doc

     ---> not needed

[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[!]: %check is present and all tests pass.

     ---> there is a tests-subdir in tarball.  You should BR:
          python-nose, python3-nose and run the corresponding
          `nosetests` within %check.

[x]: Packages should try to preserve timestamps of original installed files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: Dist tag is present (not strictly required in GL).
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: No rpmlint messages.
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: python-SecretStorage-1.0.0-1.fc21.noarch.rpm
          python3-SecretStorage-1.0.0-1.fc21.noarch.rpm
          python-SecretStorage-doc-1.0.0-1.fc21.noarch.rpm
          python-SecretStorage-1.0.0-1.fc21.src.rpm
4 packages and 0 specfiles checked; 0 errors, 0 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint python3-SecretStorage python-SecretStorage python-Secre 
tStorage-doc
3 packages and 0 specfiles checked; 0 errors, 0 warnings.
# echo 'rpmlint-done:'



Requires
--------
python3-SecretStorage (rpmlib, GLIBC filtered):
    python(abi)
    python3-dbus

python-SecretStorage (rpmlib, GLIBC filtered):
    dbus-python
    python(abi)

python-SecretStorage-doc (rpmlib, GLIBC filtered):



Provides
--------
python3-SecretStorage:
    python3-SecretStorage

python-SecretStorage:
    python-SecretStorage

python-SecretStorage-doc:
    python-SecretStorage-doc



Source checksums
----------------
https://pypi.python.org/packages/source/S/SecretStorage/SecretStorage-1.0.0.tar.gz :
  CHECKSUM(SHA256) this package     : 27c441f2cf524edaa0cf39abb4a9f65cde6ab99bb1471a9e2cdb11ffcfbc0081
  CHECKSUM(SHA256) upstream package : 27c441f2cf524edaa0cf39abb4a9f65cde6ab99bb1471a9e2cdb11ffcfbc0081


Generated by fedora-review 0.5.0 (920221d) last change: 2013-08-30
Command line :/usr/bin/fedora-review -m fedora-rawhide-x86_64 -b 1021733
Buildroot used: fedora-rawhide-x86_64
Active plugins: Generic, Python, Shell-api
Disabled plugins: Java, C/C++, SugarActivity, Perl, R, PHP, Ruby
Disabled flags: EPEL5, EXARCH, DISTTAG


===== Additional comments =====

- There is trouble when building the autodocs with sphinx, because of missing
  BR: dbus-python.  You should add that.


===== Solution =====

NOT APPROVED -- Please fix those issues and think about my additional comments.  I'll run another review on the updated package then.
Comment 5 Christopher Meng 2013-10-23 01:12:01 EDT
(In reply to Björn "besser82" Esser from comment #4)
> [!]: License file installed when any subpackage combination is installed.
> 
>      ---> License is missing in -doc. The -doc sub-pkg should have
>           `%doc changelog LICENSE README build/sphinx/html` (without that
>           '/*' suffixed) instead of `%doc build/sphinx/html/*`.  So it
>           will pick-up all docs && carry a html-subdir.

I'm sorry, but I don't agree.
I think doc package should only contains docs, but no need to ship changelog LICENSE README anymore. Besides I think keeping /* will let users enter the dir and see docs immediately but not enter a html folder again.


> [!]: %check is present and all tests pass.
> 
>      ---> there is a tests-subdir in tarball.  You should BR:
>           python-nose, python3-nose and run the corresponding
>           `nosetests` within %check.

Because tests will fail to test.

1. Simply use

nosetests-%{python_version}

Failed because ImportError: No module named secretstorage

2. Then I did a tricks:

PYTHONPATH=%{buildroot}%{python_sitelib} nosetests-%{python_version}

This time real failures are coming:

---------------------------

Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.NGiSNR
+ umask 022
+ cd /home/rpmaker/rpmbuild/BUILD
+ cd SecretStorage-1.0.0
+ pushd tests
~/rpmbuild/BUILD/SecretStorage-1.0.0/tests ~/rpmbuild/BUILD/SecretStorage-1.0.0
+ PYTHONPATH=/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages
+ nosetests-2.7
..EEEE..E
======================================================================
ERROR: test_create_empty_item (test_collection.CollectionTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/rpmaker/rpmbuild/BUILD/SecretStorage-1.0.0/tests/test_collection.py", line 28, in test_create_empty_item
    item = self.collection.create_item('', {}, b'')
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 120, in create_item
    self.ensure_not_locked()
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 55, in ensure_not_locked
    raise LockedException('Collection is locked!')
LockedException: Collection is locked!

======================================================================
ERROR: test_label (test_collection.CollectionTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/rpmaker/rpmbuild/BUILD/SecretStorage-1.0.0/tests/test_collection.py", line 33, in test_label
    self.collection.set_label('Hello!')
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 109, in set_label
    self.ensure_not_locked()
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 55, in ensure_not_locked
    raise LockedException('Collection is locked!')
LockedException: Collection is locked!

======================================================================
ERROR: test suite for <class 'test_compat_functions.CompatFunctionsTest'>
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 208, in run
    self.setUp()
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 291, in setUp
    self.setupContext(ancestor)
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 314, in setupContext
    try_run(context, names)
  File "/usr/lib/python2.7/site-packages/nose/util.py", line 469, in try_run
    return func()
  File "/home/rpmaker/rpmbuild/BUILD/SecretStorage-1.0.0/tests/test_compat_functions.py", line 23, in setUpClass
    ATTRIBUTES, PASSWORD)
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/__init__.py", line 96, in create_item
    collection.unlock()
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 70, in unlock
    return exec_prompt_glib(self.bus, prompt)[0]
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/util.py", line 85, in exec_prompt_glib
    exec_prompt(bus, prompt, callback)
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/util.py", line 73, in exec_prompt
    prompt_iface.connect_to_signal('Completed', new_callback)
  File "/usr/lib/python2.7/site-packages/dbus/proxies.py", line 544, in connect_to_signal
    dbus_interface, **keywords)
  File "/usr/lib/python2.7/site-packages/dbus/proxies.py", line 369, in connect_to_signal
    **keywords)
  File "/usr/lib/python2.7/site-packages/dbus/bus.py", line 148, in add_signal_receiver
    path, **keywords)
  File "/usr/lib/python2.7/site-packages/dbus/connection.py", line 400, in add_signal_receiver
    self._require_main_loop()
RuntimeError: To make asynchronous calls, receive signals or export objects, D-Bus connections must be attached to a main loop by passing mainloop=... to the constructor or calling dbus.set_default_main_loop(...)

======================================================================
ERROR: test_double_deleting (test_exceptions.ExceptionsTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/rpmaker/rpmbuild/BUILD/SecretStorage-1.0.0/tests/test_exceptions.py", line 22, in test_double_deleting
    {'application': 'secretstorage-test'}, b'pa$$word')
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 120, in create_item
    self.ensure_not_locked()
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 55, in ensure_not_locked
    raise LockedException('Collection is locked!')
LockedException: Collection is locked!

======================================================================
ERROR: test suite for <class 'test_item.ItemTest'>
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 208, in run
    self.setUp()
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 291, in setUp
    self.setupContext(ancestor)
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 314, in setupContext
    try_run(context, names)
  File "/usr/lib/python2.7/site-packages/nose/util.py", line 469, in try_run
    return func()
  File "/home/rpmaker/rpmbuild/BUILD/SecretStorage-1.0.0/tests/test_item.py", line 24, in setUpClass
    b'pa$$word')
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 120, in create_item
    self.ensure_not_locked()
  File "/home/rpmaker/rpmbuild/BUILDROOT/python-SecretStorage-1.0.0-1.fc21.i386/usr/lib/python2.7/site-packages/secretstorage/collection.py", line 55, in ensure_not_locked
    raise LockedException('Collection is locked!')
LockedException: Collection is locked!

----------------------------------------------------------------------
Ran 7 tests in 0.893s

FAILED (errors=5)
error: Bad exit status from /var/tmp/rpm-tmp.NGiSNR (%check)

----------------------------------------------------------------------

Also my computer's keyring unlock window bumped out and asked my password.

So I didn't add tests.

 
> ===== Additional comments =====
> 
> - There is trouble when building the autodocs with sphinx, because of missing
>   BR: dbus-python.  You should add that.

Fixed.

I will listen to your new opinions and then upload a new version.
Comment 6 Björn 'besser82' Esser 2013-10-23 03:58:39 EDT
(In reply to Christopher Meng from comment #5)
> (In reply to Björn "besser82" Esser from comment #4)
> > [!]: License file installed when any subpackage combination is installed.
> > 
> >      ---> License is missing in -doc. The -doc sub-pkg should have
> >           `%doc changelog LICENSE README build/sphinx/html` (without that
> >           '/*' suffixed) instead of `%doc build/sphinx/html/*`.  So it
> >           will pick-up all docs && carry a html-subdir.
> 
> I'm sorry, but I don't agree.
> I think doc package should only contains docs, but no need to ship changelog
> LICENSE README anymore. Besides I think keeping /* will let users enter the
> dir and see docs immediately but not enter a html folder again.

Ain't changelog, license, readme docs, are they?  I usually _strongly recommend_ to add them to -doc.  And for that reason finding them between a kazillion other files is extremely hard, I recommend keeping html-doc in a html-subdir...


> > [!]: %check is present and all tests pass.
> > 
> >      ---> there is a tests-subdir in tarball.  You should BR:
> >           python-nose, python3-nose and run the corresponding
> >           `nosetests` within %check.
> 
> Because tests will fail to test.
> 
> 1. Simply use
> 
> nosetests-%{python_version}
> 
> Failed because ImportError: No module named secretstorage
> 
> 2. Then I did a tricks:
> 
> PYTHONPATH=%{buildroot}%{python_sitelib} nosetests-%{python_version}
> 
> This time real failures are coming:
> 
> ----------------------------------------------------------------------
> Ran 7 tests in 0.893s
> 
> FAILED (errors=5)
> error: Bad exit status from /var/tmp/rpm-tmp.NGiSNR (%check)
> 
> ----------------------------------------------------------------------
> 
> Also my computer's keyring unlock window bumped out and asked my password.
> 
> So I didn't add tests.

Did you ask upstream about that?  Failing test are usually _really_ bad.  :(


> I will listen to your new opinions and then upload a new version.

There you go.  :D
Comment 7 Christopher Meng 2013-10-23 05:45:12 EDT
(In reply to Björn "besser82" Esser from comment #6)
> Ain't changelog, license, readme docs, are they?  I usually _strongly
> recommend_ to add them to -doc.  And for that reason finding them between a
> kazillion other files is extremely hard, I recommend keeping html-doc in a
> html-subdir...

No, IMHO -doc should contains docs about software itself but not package itself.

Well, if I add changelog, license and readme as docs, of course I will use html but not html/* ;) But now I need some proven people to tell me whether the opinion is true or false...


> Did you ask upstream about that?  Failing test are usually _really_ bad.  :(

Externel bug tracker added.
Comment 8 Michael Schwendt 2013-10-23 05:47:45 EDT
Whether to include the license file in the -doc package boils down to:

  https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#Subpackage_Licensing

That way the licensing terms are distributed with each individual piece of the software as shipped by Fedora.

I also find it worthwhile to include the other few %doc files, so somebody who examines just the -doc package can find all documentation in it.
Comment 9 Björn 'besser82' Esser 2013-10-23 07:31:39 EDT
Just got that by pm:

> Please take a look at mail below, maybe I have to disable tests for a
> while(I can't wait as backintime pulls in this dependency and I've pushed
> the updates...).
> 
> Thanks.
> 
> ---------- Forwarded message ----------
> From: "Dmitry Shachnev" <mitya57@gmail.com>
> Date: Oct 23, 2013 6:25 PM
> Subject: [Bug 1243622] Re: Tests failed with locked collection
> To: <cickumqt@gmail.com>
> Cc: 
> 
> Thanks for packaging it for Fedora!
> 
> The current trunk in lp:secretstorage (I'm going to release 1.1 in the
> next couple of weeks) contains a secretservice_mock.py file which allows
> you to export USE_SS_MOCK=1 and then the tests will pass even if there
> is no SecretService daemon running.
> 
> However, when you want to test it against a real-life implementation
> (i.e. GNOME Keyring), you should make sure it is running and the keyring
> is unlocked.
> 
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1243622
 
#####

So my recommendation would be to update to latest prerelease-bzr-snapshot and let's see testsuite passes on this...
Comment 10 Christopher Meng 2013-11-15 05:06:57 EST
Just find the best way of mine to handle snapshot packages, so new here:

Spec URL: http://cicku.me/python-SecretStorage.spec
SRPM URL: http://cicku.me/python-SecretStorage-1.0.0-0.2.bzr83.fc21.src.rpm
Comment 11 Mario Blättermann 2013-11-18 10:54:24 EST
Scratch build fails:
http://koji.fedoraproject.org/koji/taskinfo?taskID=6193993

From root.log:

DEBUG util.py:266:  Updating / installing...
DEBUG util.py:266:  python-SecretStorage-1.0.0-0.2.bzr83.f########################################
DEBUG util.py:266:  warning: user rpmaker does not exist - using root
DEBUG util.py:266:  warning: group rpmaker does not exist - using root
DEBUG util.py:266:  error: unpacking of archive failed on file /builddir/build/SPECS/python-SecretStorage.spec;528a370c: cpio: Digest mismatch
DEBUG util.py:266:  error: /builddir/build/originals/python-SecretStorage-1.0.0-0.2.bzr83.fc21.src.rpm cannot be installed

There's something wrong with the srpm, although I was able to unpack it locally.

Moreover, the -doc package still misses a license. It is independent from the main package, which is OK because reading docs is independent from the Python module installed. But then the docs lacks a license declaration. Read comment #8 once again.
Comment 12 Christopher Meng 2013-11-19 04:56:02 EST
-------------------Upstream latest reply-------------------
I'm going to rewrite the test suite to use the (real) Secret Service
daemon written in C++.

Unfortunately that code won't go into mainline branch of secretstorage.

-------------------Upstream latest reply-------------------

Spec URL: http://cicku.me/python-SecretStorage.spec
SRPM URL: http://cicku.me/python-SecretStorage-1.0.0-0.3.bzr83.fc21.src.rpm
Comment 13 Mario Blättermann 2013-11-19 14:39:48 EST
New scratch build fails again:
http://koji.fedoraproject.org/koji/taskinfo?taskID=6199437

From build.log:

ERROR: test suite for <class 'test_collection.CollectionTest'>
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 208, in run
    self.setUp()
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 291, in setUp
    self.setupContext(ancestor)
  File "/usr/lib/python2.7/site-packages/nose/suite.py", line 314, in setupContext
    try_run(context, names)
  File "/usr/lib/python2.7/site-packages/nose/util.py", line 469, in try_run
    return func()
  File "/builddir/build/BUILD/python-secretstorage-bzr83/tests/test_collection.py", line 16, in setUpClass
    cls.bus = dbus_init(main_loop=False)
  File "/builddir/build/BUILDROOT/python-SecretStorage-1.0.0-0.3.bzr83.fc21.noarch/usr/lib/python2.7/site-packages/secretstorage/__init__.py", line 51, in dbus_init
    e.get_dbus_message())
SecretServiceNotAvailableException: Unable to autolaunch a dbus-daemon without a $DISPLAY for X11

The test suite expects a running X server and a valid display number. As far as I can evaluate, the tests will fail again and again because a Koji server doesn't have the ability to start an X server. So we should disable the tests for now.
Comment 14 Björn 'besser82' Esser 2013-11-19 17:20:54 EST
(In reply to Mario Blättermann from comment #13)
> The test suite expects a running X server and a valid display number. As far
> as I can evaluate, the tests will fail again and again because a Koji server
> doesn't have the ability to start an X server. So we should disable the
> tests for now.

One actually can start a framebuffer-based x-server on koji  ;)

BuildRequires: xorg-x11-server-Xvfb

...

%check
xvfb-run -a %{your_testsuite_cmd}


Cheers,
  Björn
Comment 15 Christopher Meng 2013-11-20 05:11:45 EST
(In reply to Björn "besser82" Esser from comment #14)
> (In reply to Mario Blättermann from comment #13)
> > The test suite expects a running X server and a valid display number. As far
> > as I can evaluate, the tests will fail again and again because a Koji server
> > doesn't have the ability to start an X server. So we should disable the
> > tests for now.
> 
> One actually can start a framebuffer-based x-server on koji  ;)
> 
> BuildRequires: xorg-x11-server-Xvfb
> 
> ...
> 
> %check
> xvfb-run -a %{your_testsuite_cmd}
> 
> 
> Cheers,
>   Björn

BR added.

Still failed.

Using:

%check
pushd tests
PYTHONPATH=%{buildroot}%{python2_sitelib} xvfb-run -a nosetests-%{python2_version}
popd
pushd %{py3dir}
PYTHONPATH=%{buildroot}%{python3_sitelib} xvfb-run -a nosetests-%{python3_version}
popd

http://koji.fedoraproject.org/koji/taskinfo?taskID=6204843
Comment 16 Christopher Meng 2013-11-20 22:50:48 EST
Disable tests, I don't have patience to wait and let many users not able to use backintime:

Spec URL: http://cicku.me/python-SecretStorage.spec
SRPM URL: http://cicku.me/python-SecretStorage-1.0.0-0.3.bzr83.fc21.src.rpm
Comment 17 Christopher Meng 2013-11-21 21:38:14 EST
PING!
Comment 18 Christopher Meng 2013-11-22 08:43:55 EST
Sorry for using needinfo, I'm really annoyed now by making user experience worse and worse.
Comment 19 Mario Blättermann 2013-11-22 13:06:23 EST
Scratch build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=6214374

$ rpmlint -i -v *
python3-SecretStorage.noarch: I: checking
python3-SecretStorage.noarch: I: checking-url http://launchpad.net/python-secretstorage (timeout 10 seconds)
python-SecretStorage.noarch: I: checking
python-SecretStorage.noarch: I: checking-url http://launchpad.net/python-secretstorage (timeout 10 seconds)
python-SecretStorage.src: I: checking
python-SecretStorage.src: I: checking-url http://launchpad.net/python-secretstorage (timeout 10 seconds)
python-SecretStorage.src:101: W: macro-in-comment %{buildroot}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:101: W: macro-in-comment %{python2_sitelib}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:101: W: macro-in-comment %{python2_version}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:103: W: macro-in-comment %{py3dir}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:104: W: macro-in-comment %{buildroot}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:104: W: macro-in-comment %{python3_sitelib}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src:104: W: macro-in-comment %{python3_version}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.src: W: invalid-url Source0: python-secretstorage-bzr83.tgz
The value should be a valid, public HTTP, HTTPS, or FTP URL.

python-SecretStorage-doc.noarch: I: checking
python-SecretStorage-doc.noarch: I: checking-url http://launchpad.net/python-secretstorage (timeout 10 seconds)
python-SecretStorage.spec:101: W: macro-in-comment %{buildroot}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:101: W: macro-in-comment %{python2_sitelib}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:101: W: macro-in-comment %{python2_version}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:103: W: macro-in-comment %{py3dir}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:104: W: macro-in-comment %{buildroot}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:104: W: macro-in-comment %{python3_sitelib}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec:104: W: macro-in-comment %{python3_version}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

python-SecretStorage.spec: W: invalid-url Source0: python-secretstorage-bzr83.tgz
The value should be a valid, public HTTP, HTTPS, or FTP URL.

4 packages and 1 specfiles checked; 0 errors, 16 warnings.

The macros in the comment have to be escaped -- can be done just before feeding the Git.


---------------------------------
key:

[+] OK
[.] OK, not applicable
[X] needs work
---------------------------------

[+] MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.
[+] MUST: The package must be named according to the Package Naming Guidelines.
[+] MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption.
[+] MUST: The package must meet the Packaging Guidelines.
[+] MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines.
[+] MUST: The License field in the package spec file must match the actual license.
    BSD
[+] MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.
[+] MUST: The spec file must be written in American English.
[+] MUST: The spec file for the package MUST be legible.
[+] MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use sha256sum for this task as it is used by the sources file once imported into git. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.
    $ sha256sum *
    34a3a0891f97ad7ff6ffead4f7e6f7bbbb97003757c3de662cc59b833d9da9a2  python-secretstorage-bzr83.tgz
    34a3a0891f97ad7ff6ffead4f7e6f7bbbb97003757c3de662cc59b833d9da9a2  python-secretstorage-bzr83.tgz.orig

[+] MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture.
[.] MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line.
[+] MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
[.] MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
[.] MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun.
[.] MUST: Packages must NOT bundle copies of system libraries.
[.] MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker.
[+] MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory.
[+] MUST: A Fedora package must not list a file more than once in the spec file's %files listings. (Notable exception: license texts in specific situations)
[+] MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example.
[+] MUST: Each package must consistently use macros.
[+] MUST: The package must contain code, or permissable content.
[+] MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity).
[+] MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present.
[.] MUST: Static libraries must be in a -static package.
[.] MUST: Development files must be in a -devel package.
[.] MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name}%{?_isa} = %{version}-%{release}
[.] MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.
[.] MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation.
[+] MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. 
[+] MUST: All filenames in rpm packages must be valid UTF-8.


[.] SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it.
[.] SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available.
[+] SHOULD: The reviewer should test that the package builds in mock.
    See Koji build above (which uses Mock anyway).
[+] SHOULD: The package should compile and build into binary rpms on all supported architectures.
[.] SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
[.] SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity.
[.] SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency.
[.] SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb.
[.] SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself.
[.] SHOULD: your package should contain man pages for binaries/scripts. If it doesn't, work with upstream to add them where they make sense.


----------------

PACKAGE APPROVED

----------------

(In reply to Christopher Meng from comment #18)
> Sorry for using needinfo, I'm really annoyed now by making user experience
> worse and worse.

If one day more is too much for your poor patience, please don't ask me again for help on a review. Keep in mind, there are seven time zones between us, that's why I'm usually not able to response immediately. And moreover, it's not my *daily* job to do reviews, in the common sense of this word.
Comment 20 Christopher Meng 2013-11-23 06:52:10 EST
New Package SCM Request =======================
Package Name: python-SecretStorage
Short Description: Python module for secure storing of passwords and secrets
Owners: cicku
Branches: f20
Comment 21 Christopher Meng 2013-11-23 06:53:34 EST
New Package SCM Request =======================
Package Name: python-SecretStorage
Short Description: Python module for secure storing of passwords and secrets
Owners: cicku
Branches: f20 f19 f18 el6
Comment 22 Christopher Meng 2013-11-24 02:28:31 EST
Something wrong with my browser yesterday.

New Package SCM Request
=======================
Package Name: python-SecretStorage
Short Description: Python module for secure storing of passwords and secrets
Owners: cicku
Branches: f20 f19 f18 el6
Comment 23 Gwyn Ciesla 2013-11-25 08:20:37 EST
Git done (by process-git-requests).
Comment 24 Fedora Update System 2013-11-25 20:20:10 EST
python-SecretStorage-1.1.0-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/python-SecretStorage-1.1.0-1.fc19
Comment 25 Fedora Update System 2013-11-25 20:20:53 EST
python-SecretStorage-1.1.0-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/python-SecretStorage-1.1.0-1.fc20
Comment 26 Fedora Update System 2013-11-26 23:38:05 EST
python-SecretStorage-1.1.0-1.fc19 has been pushed to the Fedora 19 stable repository.
Comment 27 Fedora Update System 2013-12-13 22:28:30 EST
python-SecretStorage-1.1.0-1.fc20 has been pushed to the Fedora 20 stable repository.
Comment 28 Christopher Meng 2014-07-16 21:59:43 EDT
Package Change Request
======================
Package Name: python-SecretStorage
New Branches: epel7
Owners: cicku
Comment 29 Gwyn Ciesla 2014-07-17 07:59:56 EDT
Git done (by process-git-requests).

Note You need to log in before you can comment on or make changes to this bug.