kopers/personal repos

March 24, 2010

Tom asked Toshio and me to look into how to implement something like the kopers proposal that Jesse wrote up a while back. Toshio and I have been doing a bunch of research on it and have come up a bunch of issues and some questions about it. The most pressing question is this:

РIf kopers/fedora ppas make creating(and hosting) new/different variants of pkgs easier, are we just encouraging a dependency/provides explosion of incompatibility  and, ultimately, pain in debugging. OR are we just facilitating what is already happening now and lifting user frustration?

In short, does providing the technology to do what a koper is make our lives better or worse?

Let me give some examples of better:

– easier hosting of the 5 pkgs with interdependent build processes for any given use

– easier updating of repos and searching of them

– advancing the tooling in parts of our build infrastructure (mock and createrepo in particular)

Some examples of worse:

– now instead of an average user having 3-5 repos enabled (fedora, updates, rpmfusion, adobe-flash) they have a lot more

– polluting the search namespace for google and others to confuse people looking for ‘python-frazzlebutt’.

– confusing an average user as to what is a Fedora Project pkg and what is just something provided from a fedora domain by some random user.

– making every developer debugging a problem have to ask the: what pkgs do you have installed and can you give me full details of where you got them from. (to be fair, yum now records the repo a package was installed from so this information is not difficult to come by)

At the moment I’m inclined to believe that folks are making their own pkgs and repos already and we have a smaller scale of the ‘cons’. So that by making it easier we will make a larger number of them but it’s not altogether new. And I know that enhancing some of the tools will be helpful, if only to the folks using them to build local repos of their own stuff.

Anyone have any thoughts on ths subject?

Update: Toshio was kind enough to point out this blog post from fedora’s very own Adam Williamson before he came to fedora.


7 Responses to “kopers/personal repos”

  1. James Says:

    So I think we can do a few things with KoPeRs that will make them much better than random third party repos:

    1. Builds must come from Fedora build system.

    2. repoclosure/auto-QA/whatever must pass with just the repo. and a Fedora+updates.

    3. Won’t have availability problems.

    4. Have a plugin so that it’s easy to say things like: yum –enable-koper=skvidal (or do the same (semi-)permanently).

    …I also don’t expect many people to have a lot of repos. enabled (and I also expect most of those repos. to contain a very small number of packages).

    I think we already have the pkg version problem, even without –releasever and rawhide, I’ve seen more than a few people building their own SRPMS.

    • skvidal Says:

      the problem is the expressed desire of the kopers/ppas proposal is to build from arbitrary builddeps using a rough base of fedora or even rhel (for epel-ish builds)

      so the repoclosure/autoqa won’t work very well
      and builds coming from our build system falls down there, too.

  2. Toshio asked me on IRC if I thought my blog post had come true, but I missed him. I don’t really keep up with Ubuntu enough to know if all the Bad Stuff I discussed in my blog post has happened to Ubuntu. I do think it’s fairly accurate on the dangers of multiple tiny repositories, though, and it would be nice if the koper system could build in some protection against those problems.

    • skvidal Says:

      unforutnately I think the system you would like is a little like saying:

      “I want a system that allows freedom of speech, but you know, not from anyone who I don’t want to be able to speak.”

      • Rahul Sundaram Says:

        I think the risk is there but the benefit is worth it and when the new update policies come into place, some maintainers will want to exercise such a option to do their own stuff outside the official repo ones.

    • Kevin Kofler Says:

      I think not doing KoPeRs (or restricting them artificially) won’t do anything to prevent that problem. People will just continue to put up their own third-party repositories or use the OpenSUSE Build Service (which also allows to target Fedora with builds), and with the proposed restrictive update policies, we’re going to see many more third-party repositories spring up, and potentially some existing ones which previously didn’t replace Fedora packages starting to do that.

      The real way to prevent third-party repository chaos is to encourage stuff to go into Fedora itself. A liberal update policy is part of that. But unfortunately, the Board and most of FESCo refuse to consider that. They also blatantly ignore the desires of our users as shown by your poll.

  3. liangsuilong Says:

    I still believe that koper makes our lives better.

    But I have some questions about that. Does it allows kopers add another third repositories as build dependencies? If OK, some restricted package may be built on koper.

    Should all the packages in koper be under Fedora Licencing Guideline? If OK, does it means some third repository such as rpmfusion migrate to koper?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: