Bug 1324863 - Review Request: varnish-modules - A collection of modules extending varnish VCL
Review Request: varnish-modules - A collection of modules extending varnish VCL
Status: ASSIGNED
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Athmane Madjoudj
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-04-07 09:11 EDT by Ingvar Hagelund
Modified: 2016-09-26 10:22 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
athmanem: fedora‑review+


Attachments (Terms of Use)

  None (edit)
Description Ingvar Hagelund 2016-04-07 09:11:27 EDT
Spec URL: https://ingvar.fedorapeople.org/varnish/varnish-modules.spec
SRPM URL: https://ingvar.fedorapeople.org/varnish/varnish-modules-0.9.0-1.fc23.src.rpm

Description:
This is a collection of modules ("vmods") extending Varnish VCL used
for describing HTTP request/response policies with additional
capabilities. This collection contains the following vmods (previously
kept individually): cookie, vsthrottle, header, saintmode, softpurge,
tcp, var, xkey

Fedora Account System Username: ingvar

copr builds for epel: https://copr.fedorainfracloud.org/coprs/ingvar/varnish41/


Review remarks predefended

* License check lists some files lacking a proper license header.
  I have checked with upstream that all source files are BSD.
  I have requested that a license header is added to all source
  files. Upstream issue #9

* BuildRoot header is added. This is for epel backwards compatibility.

* Package does run rm -rf %{buildroot}. This is for epel backwards
  compatibility.

Ingvar
Comment 1 Athmane Madjoudj 2016-08-08 17:30:34 EDT

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated


Result:
=======

APPROVED

Issues: (Not blocker)
=======

1) You should package the latest version: 0.9.1

2) Patch varnish-modules-0.9.0-add_missing_TCP_CONGESTION_on_el5.patch should be upstreamed if possible

3) The license seems OK, since only build system is GPL.


GPL (v2 or later)
-----------------
varnish-modules-0.9.0/ltmain.sh

MIT/X11 (BSD like)
------------------
varnish-modules-0.9.0/install-sh





===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Development (unversioned) .so files in -devel subpackage, if present.
    .so are only used by varnish
[-]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: License field in the package spec file matches the actual license.
[x]: License file installed when any subpackage combination is installed.
[x]: %build honors applicable compiler flags or justifies otherwise.
[-]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[-]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: needed for EPEL5 compatibility
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[-]: Buildroot is not present
     Note: Needed for EPEL5 compatibility
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane 
[-]: Fully versioned dependency in subpackages if applicable.
[x]: Package functions as described.
[!]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[!]: Patches link to upstream bugs/comments/lists or are otherwise
     justified.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[?]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[?]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Uses parallel make %{?_smp_mflags} macro.
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on debuginfo package(s).
[x]: Rpmlint is run on all installed packages.
[x]: Large data in /usr/share should live in a noarch subpackage if package
     is arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: varnish-modules-0.9.0-1.fc24.x86_64.rpm
          varnish-modules-debuginfo-0.9.0-1.fc24.x86_64.rpm
          varnish-modules-0.9.0-1.fc24.src.rpm
varnish-modules.x86_64: W: spelling-error %description -l en_US vsthrottle -> vs throttle, vs-throttle, throttle
varnish-modules.x86_64: W: spelling-error %description -l en_US saintmode -> saint mode, saint-mode, sainthood
varnish-modules.x86_64: W: spelling-error %description -l en_US softpurge -> soft purge, soft-purge, Sourceforge
varnish-modules.x86_64: W: spelling-error %description -l en_US tcp -> pct, tsp, tip
varnish-modules.x86_64: W: spelling-error %description -l en_US xkey -> key, x key, Key
varnish-modules.src: W: spelling-error Summary(en_US) vmods -> mods, v mods, moods
varnish-modules.src: W: spelling-error %description -l en_US vmods -> mods, v mods, moods
varnish-modules.src: W: spelling-error %description -l en_US vsthrottle -> vs throttle, vs-throttle, throttle
varnish-modules.src: W: spelling-error %description -l en_US saintmode -> saint mode, saint-mode, sainthood
varnish-modules.src: W: spelling-error %description -l en_US softpurge -> soft purge, soft-purge, Sourceforge
varnish-modules.src: W: spelling-error %description -l en_US tcp -> pct, tsp, tip
varnish-modules.src: W: spelling-error %description -l en_US xkey -> key, x key, Key
3 packages and 0 specfiles checked; 0 errors, 12 warnings.




Rpmlint (debuginfo)
-------------------
Checking: varnish-modules-debuginfo-0.9.0-1.fc24.x86_64.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.





Rpmlint (installed packages)
----------------------------
sh: /usr/bin/python: No such file or directory
varnish-modules.x86_64: W: spelling-error %description -l en_US vsthrottle -> vs throttle, vs-throttle, throttle
varnish-modules.x86_64: W: spelling-error %description -l en_US saintmode -> saint mode, saint-mode, sainthood
varnish-modules.x86_64: W: spelling-error %description -l en_US softpurge -> soft purge, soft-purge, Sourceforge
varnish-modules.x86_64: W: spelling-error %description -l en_US tcp -> pct, tsp, tip
varnish-modules.x86_64: W: spelling-error %description -l en_US xkey -> key, x key, Key
2 packages and 0 specfiles checked; 0 errors, 5 warnings.



Requires
--------
varnish-modules-debuginfo (rpmlib, GLIBC filtered):

varnish-modules (rpmlib, GLIBC filtered):
    libc.so.6()(64bit)
    rtld(GNU_HASH)
    varnish



Provides
--------
varnish-modules-debuginfo:
    varnish-modules-debuginfo
    varnish-modules-debuginfo(x86-64)

varnish-modules:
    libvmod_cookie.so()(64bit)
    libvmod_header.so()(64bit)
    libvmod_saintmode.so()(64bit)
    libvmod_softpurge.so()(64bit)
    libvmod_tcp.so()(64bit)
    libvmod_var.so()(64bit)
    libvmod_vsthrottle.so()(64bit)
    libvmod_xkey.so()(64bit)
    varnish-modules
    varnish-modules(x86-64)



Unversioned so-files
--------------------
varnish-modules: /usr/lib64/varnish/vmods/libvmod_cookie.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_header.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_saintmode.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_softpurge.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_tcp.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_var.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_vsthrottle.so
varnish-modules: /usr/lib64/varnish/vmods/libvmod_xkey.so

Source checksums
----------------
http://files.varnish-software.com/vmod/varnish-modules-0.9.0.tar.gz :
  CHECKSUM(SHA256) this package     : c531708d05117dff36b885bad162f4faad231229369e2f5326fd4c07f78554ed
  CHECKSUM(SHA256) upstream package : c531708d05117dff36b885bad162f4faad231229369e2f5326fd4c07f78554ed
Comment 2 Ingvar Hagelund 2016-08-10 07:57:55 EDT
Updated specfile: https://ingvar.fedorapeople.org/varnish/varnish-modules.spec
Updated src.rpm:  https://ingvar.fedorapeople.org/varnish/varnish-modules-0.9.1-1.fc24.src.rpm

* Fri Aug 05 2016 Ingvar Hagelund <ingvar@redpill-linpro.com> 0.9.1-1
- New upstream release
- Build man pages, buildrequires python-docutils
- Added a patch for tests/cookie/08-overflow.vtc, upping workspace_client,
  the default is too small on 32bit
- Removed extra cflags for el5, fixed with patch from upstream
- Force readable docs and debug files, they tend to end up with mode 600

Tested build on, aarch64, armv7l, i386, and x86_64
Comment 3 Ingvar Hagelund 2016-08-10 08:12:19 EDT
Copr builds for el5, el6, el7: https://copr.fedorainfracloud.org/coprs/ingvar/varnish41/build/440152/
Comment 4 Ingvar Hagelund 2016-08-11 07:54:21 EDT
I think this update addresses all issues reported in Athmane's review. The latest version also have fixed the license issue.

As a bonus, it will build nicely on el5 as well, given it has rst2man, as for instance found in the rpmforge package  of python-docutils-0.6-1.

Ingvar
Comment 5 Dridi Boukelmoune 2016-09-26 03:53:53 EDT
May I suggest per-module virtual provides?

So that a user could `dnf install vmod-cookie` for instance. With this package and my own submission in bug 1379174 I think we should also aim for vmod-specific packaging guidelines. I had already briefly touched on this topic, regarding Varnish's own virtual provides in bug 1303543.

Dridi
Comment 6 Ingvar Hagelund 2016-09-26 04:16:24 EDT
(In reply to Dridi Boukelmoune from comment #5)
> May I suggest per-module virtual provides?

Please :-)
 
> So that a user could `dnf install vmod-cookie` for instance. With this
> package and my own submission in bug 1379174 I think we should also aim for
> vmod-specific packaging guidelines. I had already briefly touched on this
> topic, regarding Varnish's own virtual provides in bug 1303543.

Sure! Could you provide an updated spec?

Ingvar
Comment 7 Gwyn Ciesla 2016-09-26 08:53:23 EDT
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/varnish-modules
Comment 9 Ingvar Hagelund 2016-09-26 09:04:19 EDT
(In reply to Ingvar Hagelund from comment #8)
> Something like this?
> 
> https://ingvar.fedorapeople.org/varnish/varnish-modules.spec
> https://ingvar.fedorapeople.org/varnish/varnish-modules-0.9.2-0.1.
> 20160924gitdaa4f1d.fc24.src.rpm

Changes:

- Upstream git checkout with support for varnish-5.0
- Removed patches that are included upstream
- Virtual provides per module
- el5 build fix
Comment 10 Dridi Boukelmoune 2016-09-26 09:12:46 EDT
I'm certainly against the varnish ABI dependency, I will submit a patch as you requested. In the mean time please remove:

    Requires: varnishabi-5.0

For the virtual provides, I would add the %{release}-%{version} but it's not a must in the packaging guidelines IIRC.

    Provides: vmod-cookie = %{release}-%{version}

Cheers
Comment 11 Ingvar Hagelund 2016-09-26 09:54:53 EDT
(In reply to Dridi Boukelmoune from comment #10)
> I'm certainly against the varnish ABI dependency, I will submit a patch as
> you requested. In the mean time please remove:
> 
>     Requires: varnishabi-5.0

Well, that certainly is interesting. I've been trying to get scn (upstream) to explain what how I can ensure compatibilty among versions of varnish and vmods, but I've never got a 100% clear answer. (Perhaps there is none :-)

This last version of varnish-modules is built against varnish-5.0, and probably won't work with earlier versions. We could add a dependency fo varnish >= 5.0, but then, that may or may not add problems when/if varnish-5.1 or 6.0 is released. We could add a hard dependency on the exact varnish version, but that would require a recompile on minor releases, that may not be necessary.

Using the varnish-abi version string seems a fairly reasonable choice to avoid these kinds of problems. So if that is wrong, I'm very interested in why.

> For the virtual provides, I would add the %{release}-%{version} but it's not
> a must in the packaging guidelines IIRC.
> 
>     Provides: vmod-cookie = %{release}-%{version}

Yep, that's a good idea :-)

br
Ingvar
Comment 12 Dridi Boukelmoune 2016-09-26 10:22:54 EDT
> I've never got a 100% clear answer. (Perhaps there is none :-)

I can share the dirty secrets of varnish ABI rules, but let's do that in a dedicated ticket against the varnish package when I have something ready to submit to you.

Incidentally, I think many things can be simplified in the current spec, and I'm not fond of pulling pkg-varnish-cache in. Upstream doesn't follow our packaging guidelines and has recently reduced RPM packaging down to varnish and varnish-devel (which I don't disagree with). That incidentally dropped the -docs package that our guidelines recommend.

I think Fedora packaging of Varnish should be independent of upstream's own packaging.

> This last version of varnish-modules is built against varnish-5.0

That's a good point, I was the one who fixed varnish-modules so that vmod-xkey and vmod-softpurge would build against 5.0. I'm still against the aforementioned requires. Please be patient until I have time to submit something ;-)

Note You need to log in before you can comment on or make changes to this bug.