Bodhi

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
m (moved Bodhi Guide to Bodhi: This is a very useful article that describes Bodhi in depth, and we have no better candidate for a "Bodhi" article)
(Fix our statuses, and elaborate on the karma system)
Line 8: Line 8:
  
 
This document is targeted towards end users and people part of the engineering team.  
 
This document is targeted towards end users and people part of the engineering team.  
 
  
 
= What is Bodhi =
 
= What is Bodhi =
Line 27: Line 26:
 
* Automated testing can be done on updates before they are released.
 
* Automated testing can be done on updates before they are released.
 
* End users and QA folks who wish to can test updates before they are released.
 
* End users and QA folks who wish to can test updates before they are released.
 
  
 
= Workflow =
 
= Workflow =
Line 42: Line 40:
 
Once submitted to Bodhi, packages move through the following states:
 
Once submitted to Bodhi, packages move through the following states:
  
* '''NEW''' - This is when your update request is being submitted.
+
* '''PENDING''' - Your update has not yet been pushed to the testing or stable repositories.
* '''PENDING''' - Your update has not yet been submitted to the [[ReleaseEngineering|RelEng team]] for pushing.
+
 
* '''TESTING''' - Your package is in the updates-testing repository for people to test.
 
* '''TESTING''' - Your package is in the updates-testing repository for people to test.
 
* '''STABLE''' - Your package has been released to the main updates repository.
 
* '''STABLE''' - Your package has been released to the main updates repository.
 
* '''OBSOLETE''' - Your package has been obsoleted by a different update
 
* '''OBSOLETE''' - Your package has been obsoleted by a different update
  
=== New ===
+
=== Pending ===
  
Once built, a package will enter the ''New'' state once it is submitted to Bodhi in one of two ways:
+
Once your update is submitted to bodhi, it will enter the ''Pending'' state.  You can submit updates to Bodhi in the following ways:
 +
 
 +
* The [https://admin.fedoraproject.org/updates bodhi web interface]
  
 
* The [https://fedorahosted.org/bodhi/wiki/CLI bodhi-client] command line interface
 
* The [https://fedorahosted.org/bodhi/wiki/CLI bodhi-client] command line interface
  
<code>$ bodhi -n -r F7 -t bugfix bodhi-0.4.2-1.fc7</code>
+
<code>$ bodhi --new --release F7 --type bugfix bodhi-0.4.2-1.fc7</code>
  
* The [https://admin.fedoraproject.org/updates bodhi web interface]
+
or, you can run the following from the CVS branch of your package:
 +
 
 +
<code>$ make update</code>
  
 
You can see a menu on the left:
 
You can see a menu on the left:
Line 63: Line 64:
  
 
Bodhi will perform some sanity checks on your update request. Is your package built and available in koji? Is it tagged as an updates candidate for the release you wish to make it available for? The update path for your package will also be checked at this point to make sure you don't release a newer version of a package on an older release. Your update must not break the upgrade path or it will be rejected.
 
Bodhi will perform some sanity checks on your update request. Is your package built and available in koji? Is it tagged as an updates candidate for the release you wish to make it available for? The update path for your package will also be checked at this point to make sure you don't release a newer version of a package on an older release. Your update must not break the upgrade path or it will be rejected.
 
Your packages is now in the ''New'' state until you proceed.
 
 
=== Pending ===
 
  
 
When you are satisfied with the details of your update, you then choose "Push to Testing". Alternatively "Push to Stable" may be selected to skip the testing state.
 
When you are satisfied with the details of your update, you then choose "Push to Testing". Alternatively "Push to Stable" may be selected to skip the testing state.
Line 74: Line 71:
 
=== Testing ===
 
=== Testing ===
  
While in the updates-testing repository you may get feedback, both positive and negative. Once enough feedback is generated, you can use the bodhi interface to release your update by clicking 'Mark as Stable', or to remove it click 'Delete'.  If your update achieves a karma of 3, it will automatically be pushed to stable, and will be unpushed if it reaches -3.
+
While in the updates-testing repository you may get feedback, both positive and negative. Once enough feedback is generated, you can use the bodhi interface to release your update by clicking 'Mark as Stable', or to remove it click 'Delete'.   
 +
 
 +
If you chose to use the 'karma automatism' feature when submitting your update, it will automatically be pushed or unpushed based on the feedback from testers.
 +
This feature can be disabled if you wish to push your update to the stable repository manually.  By default, for non-critical path updates,
 +
if your update achieves a karma of 3, it will automatically be pushed to stable, and will be unpushed if it reaches -3.
 
   
 
   
 
=== Stable ===
 
=== Stable ===
Line 82: Line 83:
 
=== Obsolete ===
 
=== Obsolete ===
  
Your update must be unpushed before it can be removed from the system. Only updates in the pending state may be deleted from the updates system. Removal will be done by an admin as time permits.
+
When submitting a new version of a package, bodhi will automatically obsolete any pending or testing updates that do not have an active push request.  Once obsoleted, your new update will inherit the old updates Bugs and Notes.
 +
 
 +
= Karma =
 +
 
 +
Bodhi Karma is a simple +1/-1 voting system that allows for testers/users
 +
to provide feedback as to whether a given update works or not.
 +
The karma of an update is the sum of all of it's comments.
 +
 
 +
== Karma requirements for Critical Path updates ==
 +
 
 +
Bodhi has begun implementing the new [https://fedoraproject.org/wiki/Package_update_acceptance_criteria Package Update Acceptance Criteria], and currently applies karma-based policy to [https://fedoraproject.org/wiki/Critical_Path_Packages Critical Path] updates within Fedora releases.
 +
   
 +
    Critical path package updates now require a net karma of +2, including
 +
    positive karma from 1 [[Proventester]], and a single +1 from one other
 +
    authenticated community member.
 +
 
 +
== Possible workflows with the karma system ==
 +
 
 +
=== Karma Automatism ===
 +
When submitting an update, you can tell bodhi to automatically push it to stable once it has reached a given threshold.
 +
 
 +
=== Manual intervention ===
 +
Maintainers can disable the automatic pushing and manually submit their update to the stable repository once they deem it appropriate.
 +
How to help test critical updates in Fedora
 +
 
 +
 
 +
= How to help test important updates using Bodhi =
 +
 
 +
== Using the bodhi web interface ==
 +
 
 +
https://admin.fedoraproject.org/updates/critpath?release=F13
 +
 
 +
You can optionally pass in a specific 'release' or an 'untested' flag,
 +
which will return a list of critical path updates that have yet to be  
 +
approved.
 +
 
 +
== Using the bodhi command-line client ==
 +
 
 +
<code>bodhi --testable --critpath --type=security</code>
 +
<code>bodhi --testable --type=security</code>
 +
 
 +
== Using the Fedora Community dashboard ==
 +
 
 +
https://admin.fedoraproject.org/community/#package_maintenance/updates/testing_updates
 +
 
 +
== Using the fedora-easy-karma tool ==
 +
https://fedoraproject.org/wiki/Fedora_Easy_Karma
 +
 
 +
 
  
 
= Questions and Answers =
 
= Questions and Answers =
Line 100: Line 149:
  
 
5. Q: I want to push my package directly out, bypassing testing.
 
5. Q: I want to push my package directly out, bypassing testing.
A: Then once you submit your update, press "Push to Stable".  Simple as that.
+
A: Then once you submit your update, press "Push to Stable".  Simple as that.  This can only be done for non-critical path packages.
  
 
6. Q: What do I put in the "Notes" section of an update?
 
6. Q: What do I put in the "Notes" section of an update?
Line 137: Line 186:
 
If the package has a dependency on another package maintained by someone else one
 
If the package has a dependency on another package maintained by someone else one
 
still make a bundle.
 
still make a bundle.
 +
 +
== Ideas for improving the Karma System ==
 +
* http://bochecha.fedorapeople.org/bodhi_karma_revamped

Revision as of 18:08, 13 July 2010

Warning (medium size).png
This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page.

Contents

Scope of this document

This document gives an introduction on what Bodhi is and its uses in real-time.This is a work in progress and hence the document currently targets end-users, however this document would be updated periodically to target everyone.


Targeted Audience

This document is targeted towards end users and people part of the engineering team.

What is Bodhi

Bodhi pronounced as bo-dee is a buddhist term for the wisdom by which one attains enlightenment. Bodhi is a modular web based system that facilitates the process of publishing package updates for fedora-based software distribution. Bodhi is currently used to send out package updates for Fedora. Bodhi is a system internal to Red Hat.It maintains a single stage of repositories by adding/updating/removing packages.

Advantages of Bodhi

  • Provides an intuitive interface for developers and release engineers to manage pushing out package updates for multiple version releases.
  • Helps in delivering quality packages and repository sustainment with automated testing.
  • Helps Community testers to get involved in testing of the package updates and provide quality feedback which would reach the packagers/developers.
  • Provides a modular framework that will allow future integrations to various other QA and developer tools.
  • New packages entering the collection can be announced to users.
  • The reasons for an update can be communicated to end users.
  • Bodhi generates extended update metadata which is parsed client-side by yum.
  • Security updates can be seen by users as a separate channel, with links to the security advisories.
  • Automated testing can be done on updates before they are released.
  • End users and QA folks who wish to can test updates before they are released.

Workflow

First you must build your package in the Koji buildsystem. See the relative guide.

It is always recommended that you test your package locally to the best of your ability before pushing it into a release.

Packages must then move through the following states in Bodhi. Koji.

Package States

Once submitted to Bodhi, packages move through the following states:

  • PENDING - Your update has not yet been pushed to the testing or stable repositories.
  • TESTING - Your package is in the updates-testing repository for people to test.
  • STABLE - Your package has been released to the main updates repository.
  • OBSOLETE - Your package has been obsoleted by a different update

Pending

Once your update is submitted to bodhi, it will enter the Pending state. You can submit updates to Bodhi in the following ways:

$ bodhi --new --release F7 --type bugfix bodhi-0.4.2-1.fc7

or, you can run the following from the CVS branch of your package:

$ make update

You can see a menu on the left:

Select New Update for the appropriate release and type the name of the package that you would like to update. A list should appear with all of the possible builds for this package, if not then you can type the full name-version-release manually. Select the build that is going to be a potential update. You will be able to specify if the package is bugfix, an enhancement, or a security update. You can also specify any bugzilla bugs related to this update and provide any end user notes. By default, bodhi will close all associated bugs when the update is marked as stable, which can be toggled upon creation.

Bodhi will perform some sanity checks on your update request. Is your package built and available in koji? Is it tagged as an updates candidate for the release you wish to make it available for? The update path for your package will also be checked at this point to make sure you don't release a newer version of a package on an older release. Your update must not break the upgrade path or it will be rejected.

When you are satisfied with the details of your update, you then choose "Push to Testing". Alternatively "Push to Stable" may be selected to skip the testing state.

The signing process is currently done by a human, so you will be notified by email when your update has been signed and pushed, and a package update notification will also be sent to fedora-package-announce or fedora-test-list depending on its status.

Testing

While in the updates-testing repository you may get feedback, both positive and negative. Once enough feedback is generated, you can use the bodhi interface to release your update by clicking 'Mark as Stable', or to remove it click 'Delete'.

If you chose to use the 'karma automatism' feature when submitting your update, it will automatically be pushed or unpushed based on the feedback from testers. This feature can be disabled if you wish to push your update to the stable repository manually. By default, for non-critical path updates, if your update achieves a karma of 3, it will automatically be pushed to stable, and will be unpushed if it reaches -3.

Stable

After your package is marked as stable, a request will get sent to the RelEng team and it will be signed and pushed out to the main released updates repository. Note that signing is a manual process and is done as time permits. Upon completion bodhi will optionally close all associated bugs, send out update notices to the appropriate mailing lists, and will notify everyone associated with the update.

Obsolete

When submitting a new version of a package, bodhi will automatically obsolete any pending or testing updates that do not have an active push request. Once obsoleted, your new update will inherit the old updates Bugs and Notes.

Karma

Bodhi Karma is a simple +1/-1 voting system that allows for testers/users to provide feedback as to whether a given update works or not. The karma of an update is the sum of all of it's comments.

Karma requirements for Critical Path updates

Bodhi has begun implementing the new Package Update Acceptance Criteria, and currently applies karma-based policy to Critical Path updates within Fedora releases.

   Critical path package updates now require a net karma of +2, including
   positive karma from 1 Proventester, and a single +1 from one other 
   authenticated community member.

Possible workflows with the karma system

Karma Automatism

When submitting an update, you can tell bodhi to automatically push it to stable once it has reached a given threshold.

Manual intervention

Maintainers can disable the automatic pushing and manually submit their update to the stable repository once they deem it appropriate. How to help test critical updates in Fedora


How to help test important updates using Bodhi

Using the bodhi web interface

https://admin.fedoraproject.org/updates/critpath?release=F13

You can optionally pass in a specific 'release' or an 'untested' flag, which will return a list of critical path updates that have yet to be approved.

Using the bodhi command-line client

bodhi --testable --critpath --type=security bodhi --testable --type=security

Using the Fedora Community dashboard

https://admin.fedoraproject.org/community/#package_maintenance/updates/testing_updates

Using the fedora-easy-karma tool

https://fedoraproject.org/wiki/Fedora_Easy_Karma


Questions and Answers

1. Q: What versions of Fedora and EPEL use or will use Bodhi? A: Fedora utilizes Bodhi as of Fedora 7. EPEL now utilizes Koji and Bodhi.

2. Q: Won't this slow down development / rawhide packages? A: bodhi will NOT be used for development / rawhide. Package builds there will (usually) be available in the next rawhide push. The exception being periods where there is a freeze in effect.

3. Q: Why do we need bodhi? What was wrong with just always pushing updates right out? A: There are lots of advantages to an updates system like bodhi, see Advantages of Bodhi.

4. Q: Is there a command line interface to bodhi? Do I have to have web access? A: The bodhi-client package is available.

5. Q: I want to push my package directly out, bypassing testing. A: Then once you submit your update, press "Push to Stable". Simple as that. This can only be done for non-critical path packages.

6. Q: What do I put in the "Notes" section of an update? A: It's up to you as maintainer. Consider that end users would like to know why they just downloaded this update. Does it add anything? Fix a bug? If it's a new package, consider adding in a copy of the description so end users will know what it is.

7. Q: Are we going to have any rule for how long things should be in updates-testing? How much QA? How many good/bad? A: Right now bodhi will automatically stabalize updates once they reach a karma of 3. Releng and security team members have full control of the updates, as well as the person that submits them.

Outstanding Questions

Enhancement suggestions

Proposed addition to New on the need and steps for ensuring that a package and its dependencies are pushed together as one unit.

There are cases where a package depends on one or more other packages and one must ensure that the package along with the packages it depends on are pushed to stable, or testing, as one unit. If the dependent package gets pushed ahead of the others this would cause unresolved dependencies at update time.

To give a concrete example: nss was split into three stand-alone packages, nss, nss-softokn, and nss-util. nss depends on nss-softokn and both nss and nss-soktokn depend on nss-util. They all in turn depend on nspr. nss-softokn is updated independently of, and less frequently than, nss whereas the nss-util package is usually updated in synchrony with nss. If several of these are updated they must be pushed as a unit.

Via the Bodhi Web interface: At the point of adding our package build to the update, add also any rebuilds of packages this one depends on. This ensures that the package and its dependencies are submitted as one unit.

Via the command line interface: it is not clear from the documentation how to accomplish an update as a unit or that one can do it at all.

If the package has a dependency on another package maintained by someone else one still make a bundle.

Ideas for improving the Karma System

* http://bochecha.fedorapeople.org/bodhi_karma_revamped