1 |
W dniu wto, 24.10.2017 o godzinie 17∶57 -0400, użytkownik Michael |
2 |
Orlitzky napisał: |
3 |
> On 10/17/2017 02:12 PM, Michał Górny wrote: |
4 |
> > |
5 |
> > Abstract |
6 |
> > ======== |
7 |
> > |
8 |
> > ... |
9 |
> > The QA checks can inspect the installation image or live system respectively, |
10 |
> |
11 |
> Respective to what? |
12 |
|
13 |
To the type of check, as explained later? If you want to help, then |
14 |
please be specific instead of asking questions and expecting me to |
15 |
figure out how should I change it. |
16 |
|
17 |
> > output and store both user- and machine-oriented QA warning logs, manipulate |
18 |
> > the files and abort the install, as necessary. |
19 |
> > |
20 |
> |
21 |
> An oxford comma would make that easier to read: "files, and abort the |
22 |
> install as necessary." |
23 |
|
24 |
Wouldn't that change the meaning? The point is it can do all those |
25 |
things as necessary, not just the last. |
26 |
|
27 |
> |
28 |
> |
29 |
> > Motivation |
30 |
> > ========== |
31 |
> > |
32 |
> > ... |
33 |
> > |
34 |
> > Over time, many different QA checks have been added to Portage. That includes |
35 |
> > checks corresponding to generic Gentoo rules (like filesystem hierarchy, |
36 |
> > security requirements), checks enforcing Gentoo team policies and correct |
37 |
> > eclass uses. |
38 |
> |
39 |
> Another weird comma issue, maybe try: "policies, and checks enforcing |
40 |
> correct eclass usage." |
41 |
|
42 |
Done. |
43 |
|
44 |
> > There are two kinds of QA checks defined in this specification: |
45 |
> > |
46 |
> > 1. Post-install QA checks (``install-qa-check.d``), |
47 |
> > |
48 |
> > 2. Post-merge (postinst) QA checks (``postinst-qa-check.d``). |
49 |
> > |
50 |
> |
51 |
> It's a bit sadistic to have something called a "post-install check" but |
52 |
> then have "postinst check" refer to the other thing. |
53 |
|
54 |
Switched to using only post-merge. |
55 |
|
56 |
> > In case of severe QA issues, the checks are allowed to alter the contents of |
57 |
> > the installation image in order to sanitize them, or call the ``die`` function |
58 |
> > to abort the build. |
59 |
> |
60 |
> I'm not sure that having the image silently modified is a good idea. It |
61 |
> seems like everyone would benefit more if the QA check crashed, and let |
62 |
> the maintainer fix his ebuild. Is this already possible with the Portage |
63 |
> checks, or is it new in the repository-based checks? |
64 |
|
65 |
I'm pretty sure this was used somewhere in Portage internally. Anyway, |
66 |
if you want to change it, then convince people it's fine to add a new |
67 |
check that is going to cause random packages to suddenly explode for |
68 |
stable users when the problem can be fixed trivially. |
69 |
|
70 |
> > The post-merge QA checks are executed after the ``pkg_postinst`` ebuild phase |
71 |
> > finishes. They can use the same commands as are permitted in ``pkg_postinst``, |
72 |
> > and access the installed system location ``${ROOT}`` and the temporary |
73 |
> > directory ``${T}``. |
74 |
> > |
75 |
> > The checks are allowed to alter the contents of the filesystem to the same |
76 |
> > degree as ``pkg_postinst`` phase is. They must not call ``die``. |
77 |
> |
78 |
> Ditto re: filesystem modification. |
79 |
|
80 |
This is technically needed for the checks to work. If you don't update |
81 |
outdated caches, then every single next postinst check will trigger. |
82 |
> |
83 |
> > Aside to the standard PMS function |
84 |
> > |
85 |
> |
86 |
> Aside from |
87 |
|
88 |
Fixed. |
89 |
|
90 |
> > eqatag |
91 |
> > ~~~~~~ |
92 |
> > Synopsis |
93 |
> > ``eqatag [-v] <tag> [<key>=<value>...] [<file>...]`` |
94 |
> > |
95 |
> > Tag the package with specific QA issues. The *tag* parameter is |
96 |
> > a well-defined name identifying specific QA issue. The tag can be additionally |
97 |
> > associated with some data in key-value form and/or one or more *files*. |
98 |
> > The file paths are relative to installation image (``${D}``), and need to |
99 |
> > start with a leading slash. |
100 |
> |
101 |
> If this is used in a post-merge check, isn't it conceivable that you |
102 |
> would want to tag a path outside of $D? For example, if your src_install |
103 |
> creates ${D}/bin/foo and then your pkg_postinst phase gives ownership of |
104 |
> /bin/foo to the "foo" user, I might want to tag /bin/foo (and not |
105 |
> ${D}/bin/foo) with a bad-owner tag. |
106 |
|
107 |
It's a wording issue. The point is, path is the same as you would pass |
108 |
to do* etc. Fixed. |
109 |
|
110 |
> > QA check script format |
111 |
> > ---------------------- |
112 |
> > |
113 |
> |
114 |
> This is the second appearance of a "QA check script format" section. |
115 |
> |
116 |
> |
117 |
> > |
118 |
> > Function specification |
119 |
> > ---------------------- |
120 |
> |
121 |
> |
122 |
> Also appears twice. |
123 |
|
124 |
How is that a problem? It appears twice because it strictly corresponds |
125 |
to the same section in specification. |
126 |
|
127 |
-- |
128 |
Best regards, |
129 |
Michał Górny |