Bug 1249702 - Review Request: custodia - A service to manage, retrieve and store secrets.
Summary: Review Request: custodia - A service to manage, retrieve and store secrets.
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Patrick Uiterwijk
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2015-08-03 15:22 UTC by Simo Sorce
Modified: 2015-11-04 20:55 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-11-04 20:55:17 UTC
puiterwijk: fedora-review+

Attachments (Terms of Use)

Description Simo Sorce 2015-08-03 15:22:14 UTC
Spec URL: https://simo.fedorapeople.org/reviews/custodia.spec
SRPM URL: https://simo.fedorapeople.org/reviews/custodia-0.1.0-1.fc22.src.rpm
Description: A service to manage, retrieve and store secrets.
Fedora Account System Username: simo

Comment 1 Igor Gnatenko 2015-08-03 16:00:46 UTC
-> %setup -q -n %{name}-%{version}
   just %setup -q or %autosetup
-> %if 0%{?fedora}
-> %global with_python3 0
-> %endif
   You're not using this, just drop these lines.

Comment 2 Simo Sorce 2015-08-17 17:41:45 UTC
Thanks Igor,
I actually had a chat with Patrick and decided to split the package in a main package that contains the binary and a secondary subpackage that contains the modules. This secondary package is also built for python3 so that at least 'client' code can be transitioned to python3 easily.

Comment 3 Patrick Uiterwijk 2015-08-24 09:57:44 UTC
First remark upon trying to review: you are using a %{module_name} macro that you have not defined.
Just using %{name} works.

Comment 4 Patrick Uiterwijk 2015-08-24 10:07:32 UTC
You are missing build requires on pytest (and probably python-coverage), since without at least pytest the check part fails.

Also, it fails to build in koji scratch because it does not want to apply the patch: http://koji.fedoraproject.org/koji/taskinfo?taskID=10802848

Comment 5 Upstream Release Monitoring 2015-09-24 15:05:31 UTC
jgrulich's scratch build of kdevelop?#c8e2b9bc57f11e41f3dc6612cdbcc591078d9062 for f22-candidate and git://pkgs.fedoraproject.org/kdevelop?#c8e2b9bc57f11e41f3dc6612cdbcc591078d9062 completed http://koji.fedoraproject.org/koji/taskinfo?taskID=11212117

Comment 6 Simo Sorce 2015-09-24 16:48:01 UTC
I updated the spec and srpm files in place.
Please recheck

Comment 7 Patrick Uiterwijk 2015-10-01 16:11:32 UTC
The python-custodia and python3-custodia packages don't install the license.
Please fix that before pushing.

Package is APPROVED. 

Package Review

[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed

- License file installed when any subpackage combination is installed
  custodia package installs license file, but is not required for python(3)-custodia

===== MUST items =====

[ ]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
[x]: License field in the package spec file matches the actual license.
[!]: License file installed when any subpackage combination is installed.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
[x]: Package complies to the Packaging Guidelines
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

[x]: Python eggs must not download any dependencies during the build
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python
[x]: Package contains BR: python2-devel or python3-devel
[x]: Binary eggs must be removed in %prep

===== SHOULD items =====

[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Reviewer should test that the package builds in mock.
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Fully versioned dependency in subpackages if applicable.
[-]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Patches link to upstream bugs/comments/lists or are otherwise
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
[x]: Sources can be downloaded from URI in Source: tag
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

[x]: Rpmlint is run on all installed packages.
[x]: Spec file according to URL is the same as in SRPM.

Checking: custodia-0.1.0-1.fc22.noarch.rpm
custodia.noarch: W: summary-ended-with-dot C A service to manage, retrieve and store secrets for other processes.
python-custodia.noarch: W: spelling-error Summary(en_US) Subpackage -> Sub package, Sub-package, Package's
python-custodia.noarch: W: spelling-error %description -l en_US Subpackage -> Sub package, Sub-package, Package's
python-custodia.noarch: W: no-documentation
python3-custodia.noarch: W: spelling-error Summary(en_US) Subpackage -> Sub package, Sub-package, Package's
python3-custodia.noarch: W: spelling-error %description -l en_US Subpackage -> Sub package, Sub-package, Package's
python3-custodia.noarch: W: no-documentation
custodia.src: W: summary-ended-with-dot C A service to manage, retrieve and store secrets for other processes.
custodia.src: W: invalid-url Source1: https://github.com/simo5/custodia/releases/download/v0.1.0/custodia-0.1.0.tar.gz.sha512sum.txt HTTP Error 403: Forbidden
custodia.src: W: invalid-url Source0: https://github.com/simo5/custodia/releases/download/v0.1.0/custodia-0.1.0.tar.gz HTTP Error 403: Forbidden
4 packages and 0 specfiles checked; 0 errors, 10 warnings.

custodia (rpmlib, GLIBC filtered):

python3-custodia (rpmlib, GLIBC filtered):

python-custodia (rpmlib, GLIBC filtered):




Source checksums
https://github.com/simo5/custodia/releases/download/v0.1.0/custodia-0.1.0.tar.gz :
  CHECKSUM(SHA256) this package     : face7f24d6b42b6ec79cf578028f7d0bbc9f29110e36147d17517360016f8cb0
  CHECKSUM(SHA256) upstream package : 1ecc6d5324c5c6911d0c777d117b207e37a6ace5495154af1e72eea122d6da05
https://github.com/simo5/custodia/releases/download/v0.1.0/custodia-0.1.0.tar.gz.sha512sum.txt :
  CHECKSUM(SHA256) this package     : ddea3dd174af721896cd90cedf765e9296e2811055434ca5110a0c87a616dfc5
  CHECKSUM(SHA256) upstream package : ddea3dd174af721896cd90cedf765e9296e2811055434ca5110a0c87a616dfc5
However, diff -r shows no differences

Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -n custodia --prebuilt
Buildroot used: fedora-21-x86_64
Active plugins: Python, Generic, Shell-api
Disabled plugins: Java, C/C++, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby

Comment 8 Patrick Uiterwijk 2015-10-01 16:13:18 UTC
Oh, one last thing:

Python(3)-custodia are missing deps on python-jwcrypto

Comment 9 Fedora Update System 2015-10-01 19:40:25 UTC
custodia-0.1.0-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-b1069b9da9

Comment 10 Fedora Update System 2015-10-04 01:53:01 UTC
custodia-0.1.0-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update custodia'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-b1069b9da9

Comment 11 Fedora Update System 2015-11-04 20:55:14 UTC
custodia-0.1.0-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.