Mailinglist Archive: opensuse-features (291 mails)

< Previous Next >
[openFATE 308268] Allow to easy check what sources was unmodified -show cheksum and url of tarball
  • From: fate_noreply@xxxxxxx
  • Date: Wed, 19 May 2010 11:43:29 +0200 (CEST)
  • Message-id: <feature-308268-10@xxxxxxxxxxxxxx>
Feature changed by: Adrian Schröter (adrianSuSE)
Feature #308268, revision 10
Title: Allow to easy check what sources was unmodified -show cheksum
and url of tarball

- Buildservice: Evaluation
+ Buildservice: Done
Priority
Requester: Important
Projectmanager: Mandatory

Requested by: Alex Savin (alexqwesa)
Developer: (Novell)

Description:
Allow to easy check what source tarball was not modified:
1) add field for url to official project download page  (url where
packager got source)
2) show checksum for tarball generated by Buildservice
Often source tarball already have checksum (in project download page or
in VCS(version control systems), 
and all what needed to check is sources modified:
1) see checksum in Buildservice
2) see checksum in official project download page, or in VCS, or etc...
3) just compare it))
This is important, because some people want to use additional software
(for example: from
http://download.opensuse.org/repositories/home:/  repos), but don't
trust these packagers


References:
http://en.opensuse.org/Build_Service/Concepts/SourceService

Discussion:
#1: Michal Vyskocil (mvyskocil) (2010-01-22 10:06:44)
In fact this feature should means that Build Service will be able to
download the upstream tarball automatically. But in a real world, there
are many cases we need to distribute a modified tarball, so it also
needs to
1) Repack the tarball to tar.bz2
2) Remove files from it (mainly from legal reasons) - there'd be a list
of files needs to be removed from a tarball


#2: Michal Vyskocil (mvyskocil) (2010-01-22 10:08:48) (reply to #1)
Oh and I forgot - in this mode, BuildService needs to warn if the URL
changes a lot (for instance a hostname).

#4: Adrian Schröter (adriansuse) (2010-02-19 10:42:08) (reply to #2)
well, you either say OBS that it shall download or not. In the (rare)
cases where we have to modify the tar ball, you just can't use this
feature.

#5: Michal Vyskocil (mvyskocil) (2010-02-19 11:14:47) (reply to #4)
Well, to make implementation straightforward it makes a sense to not
solve all cases and focus only on common ones.
But I'm still think that URL change detection is needed.

#6: Adrian Schröter (adriansuse) (2010-02-19 11:27:29) (reply to #5)
Yes, you can see this as diff in the _service file than. Btw, the host
and the path have been seperated into own rows to see also a server
switch (eg. ftp.trusthost.org to ftp.trusth0st.org )

#3: Adrian Schröter (adriansuse) (2010-01-22 10:15:19)
This is half implemented via source services. File download by url
service exists (but is not yet active on our official instances). An
verify_source service is still to be written.
A vcs import service can get written easily, but we need a concept not
to flood our source storage server via that.
the first two items will get implemented ASAP (but this situation stays
since several month already :/) Anyway, it is already on our 1.8
roadmap, so I make this mandatory for it.
Also osc integration to support this (to avoid dealing with _service
file syntax) is missing

+ #7: Adrian Schröter (adriansuse) (2010-05-19 11:43:33)
+ osc add $URL
+ is working now and tarball gets downloaded by the server, sha256 sum
+ for verification gets also added by osc.
+ We need to enforce the usage of this a bit more, but technically it is
+ implemented.



--
openSUSE Feature:
https://features.opensuse.org/308268

< Previous Next >
This Thread
  • No further messages