[maemo-developers] RFC: Proposal to solve multiple repository, poor QA situation
From: Andrew Flegg andrew at bleb.orgDate: Sun Jan 13 17:40:16 EET 2008
- Previous message: esound (esd) on N8xx
- Next message: RFC: Proposal to solve multiple repository, poor QA situation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, This morning[1] I think I came up with a solution to the problems that have recently been discussed on maemo-users of too many repositories and not enough QA on packages. I'd like to raise it here for discussion to polish it, and then volunteers to help implement it. PROBLEMS ~~~~~~~~ There are two main problems currently facing users: 1) There are lots of repositories available, with cross-dependencies and duplicated software.[2] 2) The Application Manager's categories are badly implemented in the UI and *very* badly implemented by developers, meaning that "All" is the only real option to find software.[3] There are a number of problems for developers which lead to this situation: 1) Uploading to extras is by invite only, requires package signing and a number of other hoops to have been jumped through. Given how easy it is to set up a new repo on a web server, why go through the pain? 2) Without proper QA, perhaps it is felt the software is too beta to be put in extras. (The creation of extras-devel will help here). 3) There are separate repositories for each version of the OS. If the software is written in Python (say), it may be compatible across a number of IT OS versions. 4) Downloads from the extras repository have no method of tracking number of users. At least with their own repository they can count the number of downloads. These problems have been discussed a number of times, with suggestions of auto-builders and a Debian/Ubuntu style of community maintainers. However, to date, the best solution to come out of it is the gronmayer.com repo database and a mass of third party repos. This isn't much of a solution at all, with conflicting software, duplicated packages etc.[4] PROPOSED SOLUTION ~~~~~~~~~~~~~~~~~ Uploading ========= An Ubuntu-style "Masters of the Universe" who act as gatekeepers for extras and extras-devel, available to be used *OPTIONALLY* by developers and package maintainers who wish to share their packages. To reduce the workload of these community volunteers, the majority of the work will be performed automatically, or with as much tooling assistance as possible. Developers/package maintainers won't *have* to upload directly to extras or extras-devel. Instead, they willbe able register a package or release for one or more IT OS versions through a website (such as http://extrasupload.bleb.org/). This will be able to source the packages to be uploaded a number of methods: * Direct upload of a series of debs (e.g. an app and its dependencies) * Monitoring a Garage project's files for new deb releases * Monitoring a web URL for new deb files. Once a release has been identified it will be auto-QAed as much as possible, with warnings or errors for these kind of things: * Section starts with "user/" (unless it's a lib or a dependency of another package) and is one of the pre-defined categories. * Name (without any punctuation) doesn't conflict with an existing package in any of the device's standard repos or the target repository. * Dependencies and versions won't prevent any other package from the standard or target repo from being installed. * Has an icon and a description. Once these checks have passed, it will be passed on to the gatekeepers' queue. Gatekeepers will be members of the community who have volunteered through the website. Any one with karma over a given threshold (say, 100 for this example) will be auto-approved to be a gatekeeper; otherwise special authority will be required (possibly through a vouched-for system from another gatekeeper reviewing the user's activity). A gatekeeper will have associated with them one or more IT OS releases corresponding to the OSes they have on their devices. When a release is made for an OS which they have, an email will go out to the gatekeepers asking for a volunteer, including basic details of the package. In the email will be a link, clicking the link will "claim" that package's release for that gatekeeper. The gatekeeper will then do further checks, including sanity checking descriptions and installing the package on a device. After basic tests to the stability of the software the gatekeeper will be able to do one of the following: * Fail the release. The maintainer will be notified of the reasons and the gatekeeper will include suggestions on improvements. * Demote the release. If the release was intended to be stable, but the gatekeeper finds too many bugs, they will be able to demote it to extras-devel, rather than extras. It will then be approved as if it was intended for extras-devel all along. * Approve the release. The gatekeeper will sign the package with their private key and upload it to extras or extras-devel as appropriate. If a gatekeeper doesn't take one of these actions within some period (say, 2 days) of claiming a package, the claim will be relinquished and another gatekeeper will be able to authorise the package. At any time, gatekeepers will be able to check the website for details of all the packages outstanding, to whom they are allocated etc. Future developments could also have the system updating downloads.maemo.org automatically - but, for the moment, I think this is outside of the scope of the project at the moment. Metrics ======= To allow developers/maintainers to track the usage of their packages, popcon[5] will be ported to Maemo and users encouraged to install it. This will also allow data to be fed into the karma system for number of users of a developers' application. Similarly, to encourage gatekeepers, a report of the number of packages they have dealt with (whatever the outcome) will be made available on the website in a machine-readable form for the karma system to use. NEXT STEPS ~~~~~~~~~~~ Assuming a consensus can be reached here on the outline of this plan, the following is what I think needs to happen: 0) Come up with a name for this overall process, the website and the gatekeepers. 1) Register a garage project to manage the development of the website to handle the package allocation and gatekeeper details. 2) Host that website somewhere. 3) Port popcon to Maemo, feeding information into the website. 4) Collaborate with the Maemo team to have the karma system read information from the website and update gatekeepers' karma and developers' karma from popcon. 5) Publicise the opportunity to possible gatekeepers, and recruit them. 6) Publicise popcon to end users, and the website and process to developers. 7) Sit back, relax and watch the users rejoice in their wide selection of software, all high-quality and inter-compatible in the extras repo. I'm happy to host the website (2) and be involved in all other stages. But it's certainly more work than I've got time, and will require the buy-in of many people to be a success. What do people think? Before we press ahead with planning detail, I'd like to iron out the kinks in the process; and technology obstacles etc. It's also only worth while if developers and package maintainers can see the benefit. Hopefully the ease of release and upload should make it worthwhile. What do you think? One thing worth bearing in mind, which is why I've CCed Quim directly: if Nokia are planning on any form of improvement to the extras process, based on the recent discussions, there is no point wasting time on this. Clarification of Nokia's position on this would be appreciated. Thanks for reading this long email. Your thoughts would be very much appreciated. Cheers, Andrew [1] ...whilst in the shower: all my best thinking's done there. It may show ;-) [2] http://lists.maemo.org/pipermail//maemo-users/2008-January/008824.html [3] http://lists.maemo.org/pipermail//maemo-users/2008-January/008840.html [4] http://lists.maemo.org/pipermail//maemo-users/2008-January/008837.html [5] http://popcon.debian.org/ -- Andrew Flegg -- mailto:andrew at bleb.org | http://www.bleb.org/
- Previous message: esound (esd) on N8xx
- Next message: RFC: Proposal to solve multiple repository, poor QA situation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]