From Fedora Project Wiki

Revision as of 16:34, 31 October 2013 by Toshio (talk | contribs) (scl retirement updates; shorten secruity window and write up something on general scl packages not in the back compat guarantee)

Software Collections (SCLs) give rpm packagers a means of packaging multiple versions of software for a single distribution. The version from the software collection does not interact with the system version. SCLs can provide backwards and forwards compat versions of a package compared to what's on the system.


Definitions

Term Definition
SCL A Software Collection
SCL Metapackage (SRPM) SRPM package that defines the SCL.
SCL Metapackage (RPM) RPM built from the SCL Metapackage SRPM. Defines the essential packages you get when you install the scl.
SCL Runtime Package Built from the SCL Metapackage SRPM. Contains the SCL filesystem and essential scripts (usually just enable) used to work with this SCL.
SCL Build Package Built from the SCL Metapackage SRPM. Contains macro definitions needed to build packages for the collection.
General SCL Package Any binary RPM built for an SCL.
Mainstream Package Package containing the software in Fedora that is not part of an SCL.

SCL Approval

SCLs need to be approved on several levels:

  • The SCL itself needs approval. At the moment we're rather strict about what can be an SCL so that we limit the number and types of SCLs. At least in this phase of getting SCLs into Fedora we want to avoid a proliferation of SCLs with only minor differences. This may be relaxed in the future.
  • Each SCL Package needs to be approved so that it meets the packaging guidelines.

SCLs are approved by the FPC for now but we may move it to some other body in the future. This is pending discussion by FPC, FESCo, and possibly the Environments and Stacks Working Group. General SCL Packages are approved by packagers just like any other rpm package.

There's currently not much will within either FESCo or FPC to look into the "other body" question so we'll keep this in FPC and look at another body if it becomes a problem in the future.
Toshio envisions the SCL Criteria section being broken off into its own section if we create a new group that handles SCL approval

SCL Criteria

There can be only one

For any given version of a software environment that satisfies the other requirements listed below there shall only be one SCL that provides the environment within Fedora. The version may overlap with the version provided by the mainstream Fedora package. Please remember to read the SCL Criteria: Version section to understand how version is being used here.

Size

The software ecosystem that an SCL targets must be of a moderate to large size. A language interpreter would satisfy this. A web framework would as well. In general, a single library would not. Use the standard backwards/forwards-compat packaging standards for those. (An exception to this would be alternate libc implementation, older boost versions and similar, very basic libraries).

In some cases, an application may also be deemed large enough to satisfy this requirement when the application itself is the major portion of an ecosystem. Servers like apache httpd which has an ecosystem of loadable modules and postgres which has programs linked against its client libraries are examples of this.

Version

SCLs are used to allow parallel versions of a software environment to be installed and used on the system. In Fedora we choose not to allow all versions to be parallel installed. Only when there is a compatibility break between versions do we have a new version packaged. As an example, we might allow an httpd2.4 scl and an httpd2.5 scl as modules written for httpd2.4 may need intrusive code changes to run with httpd2.5. We would not have an httpd2.5.0 scl and an httpd2.5.1 scl as httpd2.5.1 was intended as a bugfix release that does not require code changes (or even a recompile) in order for modules built for httpd2.5.0 to run on them.

Conflicts with non-SCLs and other SCLs

Portions of this may belong in the SCL Package section. Re-evaluate once we have more of the guideline revised

SCLs must not conflict with other packages on a filesystem level. They must follow the Conflicts Guidelines for use of the rpm Conflicts tag. They may Conflict with other packages in other ways but be sure to read the rest of this section to understand what you must do in those cases.

Conflicts between tcp and udp ports, plugins that provides a non-version-protected API (different versions of apache modules, for instance), and other non-filesystem conflicts may occur. These should not be marked using the rpm Conflicts tag as the person installing the packages can usually configure the packages to coexist with a bit of manual effort. A service in an SCL must not override a service started from a mainstream package. This is so that an already installed mainstream package gets disabled by installing an SCL. Unfortunately we do not make the same protection in the opposite direction at this time.

For standalone services like httpd, we implement this by not allowing those services to start by default. If a service should start by default when it is installed, it must be packaged as a mainstream package.

For add on modules (like mod_php), the service must either be configured to only load if the mainstream package is not installed or configured to not load at all without the user configuring it to do so.

Expand this
Are there other things that SCLs should be allowed to conflict with than ports? If so, please list them here. Debug packages are conflicting. It's the way how are debug packages automatically created.
Change Conflicts Guidelines
FPC should change the Conflicts guidelines to mention how to deal with Conflicting ports there. Conflicting ports were seen in case of mysql. The new mysql must be configured first, both can't run and be enabled by default.

Only for packages that aren't parallel installable

Some packages have accepted methods of being parallel installed. These packages must not be packaged as SCLs. Use the standard guidelines for parallel installing the packages instead. Taking a look at upstream, if and how other packages multiple versions of the software, existing Packaging Guidelines, and similar existing packages within the distribution can guide you in determining whether the package is parallel installable or not.

SCL Approval Process

Need to write the template for this

SCLs need to create a web page similar to that used for Fedora Changes. The page needs to document what the purpose of the SCL is including the main package/stack that is being enabled by the SCL. SCLs must not target more than one main package/stack. (ie: rails3 and ruby1.9.3 would be separate SCLs). Use inter-SCL dependencies for this.

Compatibility Guarantees

Each SCL can make compatibility guarantees. These set expectations for the user about what things they can expect to remain backwards compatible for the life of an SCL and what things they should use only if they are prepared to update their code if needed. The Compatibility Guarantees should list a set of the packages or libraries being provided by the SCL as things that won't change in a backwards incompatible manner. Compatibility Guarantees are per-SCL so an individual SCL may choose to list everything that they provide or or very little as having guaranteed backwards compat. At a minimum, the SCL must list a backwards compat guarantee that encompasses the version information encoded in the SCL metapackage's name. SCLs must also mention whether they are supporting the backwards compat guarantees that SCL's they depend on are making or if the SCL could change that. (For instance, if scl-rails3 depends on scl-ruby1.9.3 it must mention whether the SCL will always use ruby1.9.3 or if it could be targeted against a different version of ruby in the future.)

The SCL may choose to say they are going to maintain backwards compat even if that means backporting code or merely that they'll follow upstream's lead. For instance, an scl named scl-httpd2.4 may choose to write the following guarantee:

  • httpd -- follow upstream's 2.4.x releases

which would allow the SCL to ship new 2.4.x releases even if upstream makes minor changes to the API. OTOH:

  • httpd -- maintain backwards compatibility with 2.4.0

means the SCL maintainer should evaluate whether a new httpd-2.4.x release has made any changes that would be backwards incompatible before rebasing to a new upstream minor release. The important thing here is that the Compatibility Guarantees set the user's expectations and then the SCL maintainer follows them.

SCL maintainers should make every attempt to balance their ability to keep up with evaluating and pushing changes while maintaining a stable platform for people developing on top of their SCL when writing what guarantees they are willing to make.

Security trumps compatibility
If a security issue needs to be fixed but that breaks backwards compatibility, the security issue must be fixed despite violating the guarantee. The SCL Request must be updated to tell the Fedora versions and the version of the relevant packages from the SCL which needed a backwards incompatible change to fix the issue).

The Guarantees are written down in two places: The SCL Request form has a section that needs to list the guarantees being made. The SCL metapackage's %description also needs to list the guarantees so that a user can query the information from their system.

May change from %description
There needs to be something associated with the SCL metapackage that lets the user discover what is guaranteed and what is not. Although %description is used here, we may be able to reimplement this as a virtual Provide or another tag at a later date.
Notes for the SCL Request template
It needs to have a Compatibility Guarantees section. The template should contain boilerplate about security updates sometimes breaking compatibility and that guarantees may be changed (see the next section)
Changing a Guarantee

Compatiblity guarantees can be changed but it is discouraged. This can happen, for instance, if the maintainer of an SCL wants to orphan it and someone else steps in to take over. The new maintainer may want to either make a larger or a smaller compatibility promise when they take over. Within a Fedora release, compatibility guarantees can be changed to cover more packages but you cannot make the guarantees cover less packages or change what versions the compatibility guarantee is made against. Those changes can only occur between Fedora releases.

Changing the compatibility guarantee requires:

  1. Changing the SCL Request to list the new compatibility guarantee. The document must continue to document what the old compatibility guarantee was and the Fedora version and SCL metapackage version at which the compatibility guarantee changed.
  2. Updating the SCL metapackage with the new compatibility guarantee in its %description
  3. These changes must go through a re-review of the SCL.
  4. The changes need to be published in the release notes for the fedora release that they are introduced in.

SCL Retirement

Draft
These are a few things that were discussed on IRC. I still need to improve the language.

If an SCL has open security bugs that apply to the SCL version in rawhide and have been open for 6 months or more than the SCL will be retired. For the purposes of this requirement, a bug against the SCL the bug is defined as a bug against one of the packages that is mentioned in the compatibility guarantee or one of the packages that those packages depend upon.

Shorten security window
geppetto suggested shortening the window for unfixed security issues to 2 months
Clarify general scl packages not in the compat guarantee
My suggestion -- retire just that package

SCL Maintainers need to commit to supporting an SCL explicitly every cycle. This must be done by the Change Proposals Submission Deadline. If an SCL does not have a commitment to be maintained, the SCL will be retired and not branched for the next release. This gives people who depend on an SCL from 9 months to a year (depending on when the Change Proposal Submission Deadline is in relation to the previous Fedora release's EOL date) to port their software away from the old SCL.


When an SCL is no longer going to be supported, the fact that it is no longer available needs to be in the release notes for the Fedora Release where it no longer appears. We also need to notify people that the SCLs are being retired. Typically, this will happen in an email to announce@lists.fedoraproject.org right after the Change Proposal Submission Deadline.

Timing
Is the timing right? If we want to give people more time to port, we can choose another date (like Fn-1 Release or even Fn-1 branch).
EPEL
Should EPEL choose to allow SCLS, it will need to heavily modify this section as they don't have the natural 6 month boundaries to deprecate and retire things on. Might make sense for EPEL to consider creating cycles based on RHEL point releases or just pick some annual dates for themselves. Creating cycles could also be leveraged by EPEL to address the backwards-incompatibilities-in-the-main-repository problem that EPEL has traditionally suffered from.

Naming the SCL

The SCL and the SCL metapackage are known by the same name. This name must make it unique from non-scl packages. Thus it carries a prefix of scl-. Following the prefix, the SCL must carry the name and version of the primary package being packaged. For instance, if this to be ruby at version 1.9.3 then the SCL metapackage would be named scl-ruby1.9.3. All SCL packages within the SCL must carry the SCL metapackage base name as a prefix. So, for instance, the ruby interpreter package contained within the metapackage would be named scl-ruby1.9.3-ruby.

Choosing the version in the SCL name
The version in the SCL metapackage name should be decided upon based on some sort of backwards compatibility guarantee. Some upstreams will use a $MAJOR.$MINOR convention for backwards compatibility and should use just the $MAJOR.$MINOR components of the version in the name. Others, like the ruby example, make backwards compatibility guarantees at a different level and the version should reflect that upstream policy.
Prefix
Toshio is a little bit flexible about what prefix is used. If we end up putting the SCLs into a vendor directory, he could see prefixing the scls with the same vendor string, for instance. Unknown how the rest of the FPC would feel about using different prefixes.
Prefix
marcela doesn't understand the reason for scl prefix before the name. Is it the prefix there because of our build system? I believe I already proved koji can build without the prefix. http://miroslav.suchy.cz/blog/archives/2013/10/09/how_to_set_up_koji_for_scl/index.html Also are the dots in name of package mandatory? No-one is using dots in existing collections.

Version and Release String

The SCL metapackage should use a simple integer starting with 1 as its version. SCL metapackages must use %{?dist} in their release string. There are no other special rules about how the version and release should be determined. As these strings are purely Fedora creations (there's no "upstream tarball" for the SCL), please use common sense when deciding how to increment these strings.

SCL Metapackage

Every SCL must have an SRPM-level metapackage. This metapackage must build three binary rpm packages:

  • One which has the same name as the SRPM metapackage. This RPM contains Requires to pull in the packages essential to this SCL.
  • An $SCLNAME-runtime subpackage. This package needs to be installed if an end user intends to use the scl.
Requirement to help the end user install the scl
since the -runtime subpackage contains the things needed for the end user to use the SCL, why doesn't the main package have a dep on the -runtime subpackage? Why is there a separation between the main binary rpm and the -runtime subpackage?
explanation of the above
slavek: Installing the main binary RPM should install the "whole collection" (including the -runtime package), whereas installing the -runtime package itself shouldn't. This is because you may not want to install the whole collection, but only specific packages - the packages depend on -runtime, not the main package. E.g. if you install "ruby193", it should install the whole collection, but if you install only ruby193-foo, it will only install "ruby193-foo" and "ruby193-runtime"
  • An $SCLNAME-build subpackage. This package contains rpm macros needed for building packages into the SCL. This subpackage is needed for Koji builds, but may be left out for local builds).
I'm not certain I understand the above. Is it really only needed for building in koji? Since it includes an rpm macros file, it seems more like it's needed for building the SCL whether locally or in koji. maybe it's trying to say that it may (must?) be left out for building a non-SCL version?
marcela: $SCLNAME-build is a build requirement. It's not a good idea to install it on workstation, because it might produce unexpected results after builds. It's recommended to install it into virtual machine or mock, where are builds done in clean build environment and scl non-scl builds can't be mixed.
scl_prefix
Need to decide on scl_prefix - /opt with pieces in /var and /etc?  %{_libdir}/scls (with pieces in /var and /etc?)
marcela: List of things installed outside of /opt.

/etc/logrotate.d/*

/etc/rc.d/init.d/*

/etc/rpm/macros.*-config

/etc/scl/prefixes/*

/var/lib/mysql

/var/log/mariadb55-mysqld.log

/usr/lib/rpm/*

An example SCL metapackage follows:

%global scl ruby1.9.3
%scl_package %scl
%_scl_prefix /opt/fedoraproject/scls

%global install_scl 1

Summary: Package that installs ruby1.9.3
Name: %scl_name
Version: 1
Release: 1%{?dist}
License: GPLv2+
Requires: %{scl_prefix}js
Requires: %{scl_prefix}rubygem-sqlite3
BuildRequires: scl-utils-build

%description
This is the main package for the ruby1.9.3 Software Collection.

[Provide some useful info about this SCL.]

[List the Compatibility Guarantees being made here]


%package runtime
Summary: Package that handles %scl Software Collection
Requires: scl-utils

%description runtime
Package shipping essential scripts to work with the ruby1.9.3 Software Collection.

%package build
Summary: Package shipping basic build configuration
Requires: scl-utils-build

%description build
Package shipping essential configuration macros to build packages for the ruby1.9.3 Software Collection.

%prep
%setup -T -c

%build

%install
rm -rf %{buildroot}
mkdir -p %{buildroot}%{_scl_scripts}/root
cat >> %{buildroot}%{_scl_scripts}/enable << EOF
export PATH=%{_bindir}\${PATH:+:\${PATH}}
export LD_LIBRARY_PATH=%{_libdir}\${LD_LIBRARY_PATH:+:\${LD_LIBRARY_PATH}}
export MANPATH=%{_mandir}:\${MANPATH}
EOF
%scl_install

%files

%files runtime
%scl_files

%files build
%{_root_sysconfdir}/rpm/macros.%{scl}-config

%changelog
* Fri Mar 30 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 1-1
- Initial package.
Needs more info
This section needs to explain everything that is non-standard in the template. For instance, we need either explain all the scl macros used here or point to another section that explains them. We need to list all the standard macros whose meaning is changed by making this an SCL package. Probably need to have someone who hasn't gotten to know SCLs to review this and make sure there's nothing that we haven't left unexplained.

Things to note here:

  • The -build subpackage should include Requires: scl-utils-build.
Why is this a should and not a must?
marcela: it's needed in the main package, why it should be again in -build sub-package?
  • The enable script contains certain environment variable overrides so that programs and CLI interaction will use the files provided by the SCL. These are commonly overridden variables:
    • PATH=%{_bindir}\${PATH:+:\${PATH}} to run SCL binaries
    • LD_LIBRARY_PATH=%{_libdir}\${LD_LIBRARY_PATH:+:\${LD_LIBRARY_PATH}} to properly link against SCL shared objects
    • MANPATH=%{_mandir}:\${MANPATH} to be able to diplay manpages present in the SCL
    • PKG_CONFIG_PATH=%{_libdir}/pkgconfig\${PKG_CONFIG_PATH:+:\${PKG_CONFIG_PATH}} or PKG_CONFIG_PATH=%{_datadir}/pkgconfig\${PKG_CONFIG_PATH:+:\${PKG_CONFIG_PATH}} to enable using pkg-config files
    • XDG_DATA_PATH=%{_datadir}\${XDG_DATA_PATH:+:\${XDG_DATA_PATH}} to use systemtap tapsets from the SCL
  • SCL metapackages must not be noarch. The filesystem directories contained in the metapackage may contain arch-specific paths.
  • Among other things, the %scl_install macro creates a macro file macros.%{scl}-config (that ends up in the %{scl}-build package). This file is always located at %{buildroot}%{_root_sysconfdir}/rpm/macros.%{scl}-config. If you need to add some more macros specific for this SCL, add them into this file.
This needs to be expanded upon. how do you pre-create the file? How do you stop scl_install from creating it?
  • Unlike in specfiles of normal SCL packages (see below), the metapackage doesn't need to conditionalize SCL specific macros, as it can only be used as a part of SCL (for example, instead of Requires: %{?scl_prefix}foo, use just Requires: %{scl_prefix}foo - notice the missing questionmark, that makes the first macro conditional).
  • When user runs yum install ruby193, he expects that the whole SCL with all dependencies gets installed. Because of that, it should have Requires on all packages of that SCL, that are needed for the SCL to fulfil its purpose. E.g. yum install ruby193 definitely has to install Ruby 1.9.3, but it needn't install collection packages that were used to build the interpreter (and that are not needed at Ruby runtime).

SCL Prefix (proposal - not part of draft)

Proposal 1

  • Use /opt/$vendor/scls/$sclname/ for the main part of the scl package. This loosely replace /usr/ in a mainstream package
    • /var/opt/$vendor/scls/$sclname/ for the variable state. This replaces /var/ (thus, there would be /var/opt/$vendor/scls/log, /var/opt/$vendor/lib, and so on)
    • /etc/opt/$vendor/scls/$sclname/ for config files. This replaces /etc/
  • Have spot register fedoraproject or fdr with the Linux Assigned Names and Numbers Authority and use that as $vendor http://www.lanana.org/lsbreg/providers/index.html
  • Third party scls go in /var/opt/$vendor2/scls

Proposal 2

  • Use %{_libdir}/scls/$sclname/
    • /var/lib/scls/$sclname/
    • /etc/scls/$sclname/
  • SCL names must contain a vendor string. So rht-ruby1.9.3 for a ruby package provided by Red hat. fdr-ruby1.9.3 for one provided by the fedoraproject.
  • Have spot register fdr with the Linux Assigned Names and Numbers Authority and use that as vendor in the package name http://www.lanana.org/lsbreg/providers/index.html
  • Third party scls end up in %{_libdir}/scls/$sclname but we're willing to accept that since collisions are protected against by good vendors putting the vendor string in the package name.

Proposal 3

  • Use %{_prefix}/scls/$sclname/
    • /var/lib/scls/$sclname/
    • /etc/scls/$sclname/
  • SCL names must contain a vendor string. So rht-ruby1.9.3 for a ruby package provided by Red Hat. fdr-ruby1.9.3 for one provided by the fedoraproject.
  • Third party scls end up in %{_libdir}/scls/$sclname but we're willing to accept that since collisions are protected against by good vendors putting the vendor string in the package name.

General SCL Package

This section sums up the steps needed to take in order to convert a normal specfile to SCL specfile step by step. The resulting package should be buildable even without SCL - that means both without %{scl}-build in the buildroot and with it. Advantage of this approach is, that both non-SCL packages like rubygem-foo and SCL packages %{scl_prefix}rubygem_foo (depending on the SCL) can be built from the same SRPM, depending on the buildroot.

Automation
spec2scl was written to automate the task of converting specfiles to scl-enabled specfiles as much as possible. Install it by yum install spec2scl or use upstream version from https://bitbucket.org/bkabrda/spec2scl.
Hardcoded Paths
If the package you're converting for SCL contains hardcoded paths in upstream code, you will need to do some patching. Typical places to look for hardcoded paths are shebangs and configure scripts.

Converting Tags and Macro Definitions

Every SCL specfile must have %scl_package macro specified (like any other macro, it should be conditionalized). This macro does this:

  • Rewrites the standard path macros by prefixing them with %{_scl_prefix}/%{scl}/root/. E.g. %{_datadir} changes (depending on value of %_scl_prefix) from /usr/share to e.g. /opt/fedora/myscl/root/usr/share.
  • Introduces some SCL specific macros (like %pkg_name, %scl_prefix or %_root_* set of macros, that contain values of the original RPM macros (e.g. %_root_datadir contains /usr/share).

One of the important macros is %pkg_name, which represents the original package name - the %name macro stands for the name with SCL prefix during SCL build. Therefore it is a good practice to also define %pkg_name macro for non-SCL builds, to be able to use it consistently throughout the whole specfile.

So here is what the first two lines should look like:

%{?scl:%scl_package foo}
%{!?scl:%global pkg_name %{name}}

Usual steps to adapt tag definitions for SCL builds are these:

  • Name must be modified like this:
-Name:           foo
+Name:           %{?scl_prefix}foo
  • Requires and BuildRequires have to be considered carefully. These depend on what you are building/linking with and it is your decision as a packager. The only rule here is, that if building/linking with other SCL packages, their names must be also prefixed with conditionalized macro %{?scl_prefix} like this:
-Requires:       bar
+Requires:       %{?scl_prefix}bar
  • For example, since ifconfig is a binary, we're going to use its system version, which means not using %scl_prefix with it. rubygem-foo, on the other hand, has to be in the path of the Ruby interpreter which will be part of this SCL, therefore it needs to be used with %scl_prefix. When depending on system packages, you should be very general in your requirements (avoid using versioned Requires on specific versions) and if you need a package that might be updated, you have to either add it to your SCL or be willing to rebuild the SCL when the system package updates.
 Requires        ifconfig
-Requires:       rubygem-foo = 1.0.0
+Requires:       %{?scl_prefix}rubygem-foo = 1.0.0
 BuildRequires:  ifconfig
-BuildRequires:  rubygem-foo = 1.0.0
+BuildRequires:  %{?scl_prefix}rubygem-foo = 1.0.0
  • Obsoletes, Conflicts and BuildConflicts must always be prefixed with %{?scl_prefix}. This is extremely important, as the SCLs are often used for deploying new packages on older systems (that may contain old packages, now obsoleted by the new ones), but they shouldn't Obsolete or Conflict with the non-SCL RPMs installed on the system (that's the idea of SCL :) ). For example:
-Obsoletes:      foobar < 1.0
+Obsoletes:      %{?scl_prefix}foobar < 1.0
  • Provides tag must always be prefixed with %{?scl_prefix}. For example:
-Provides:       foo(bar)
+Provides:       %{?scl_prefix}foo(bar)
  • All the other tag definitions should be unchanged, unless they contain %{name} macro, which may need to be substituted for %pkg_name (for example in SourceN tag, where it may be a part of URL).
  • There are some additional tags you should add. The package must require %{scl}-runtime, unless it depends on another package that requires %{scl}-runtime.
    • Here is a rule of thumb: If packaging SCL with a language interpreter, like Ruby or Python, typically all other packages in the SCL depend on the interpreter. Therefore it is sufficient when only the interpreter runtime package requires %{scl}-runtime. Generally, every SCL package that can be installed on its own (without other packages from this SCL) should require the %{scl}-runtime package.
    • The line to add is:
%{?scl:Requires %{scl}-runtime}

Subpackages

The same rules as for normal tags apply for subpackages tags. The only thing needs to be changed:

If (and only if) a package define its name with -n, the name must be prefixed with %{?scl_prefix} like this:

-%package -n foo
+%package -n %{?scl_prefix}foo

This applies not only to %package macro, but also for %description and %files.


Inter-SCL Dependencies

Available from scl-utils version 20120613.

There are situations where packages from an SCL have to depend on packages from another SCL. While using simple [Build]Requires: rails323-rubygem-rails is possible, it is not the wisest thing to do, since it hardcodes the information about how %{?scl_prefix} gets expanded. If the expansion of this macro was changed (for example from rails323- to scl-rails-323, all the packages using such dependencies would need to be manually altered and rebuilt.

The scl-utils package therefore provides two ways of inter-SCL dependencies using macros. Note that both of them are in fact functions, so they need to be invoked without the curly braces to work properly:

  • %scl_require foo macro is used to depend on the whole SCL. This is used if you want to use a functionality of an SCL, no matter what packages that SCL will install along the way. For example, the rails323 SCL contains the whole Ruby on Rails stack in version 3.2.3. If packaging an SCL that requires the whole Rails stack, you can simply use %{?scl:Requires: %scl_require rails323}.
  • %scl_require_package foo pkg provides the ability to depend on a specific package from another SCL. For example, if your package needs rubygem-minitest package from rails323 SCL, you can simply use %{?scl:BuildRequires: %scl_require_package rails323 rubygem-minitest}. Installing the whole Rails stack in this case would be useless (and since rubygem-minitest is only a build dependency, it's not drawn in by default).

You can specify versioned Requires like this: %{?scl:BuildRequires: %{scl_require_package rails323 rubygem-minitest} = 1.0.0}

Note that both of these macros abstract from the way that %{?scl_prefix} expands. Therefore, if any changes were made, a simple rebuild with new versions of SCL utils would be sufficient.

When specifying inter-SCL dependencies, these macros must be used.

Inside RPM Scripts

It is not possible to describe the general process of rewriting %prep, %build, %install, %check and the %pre* and %post* scripts. There are however some general rules:

  • Substitute all occurencies of %name for %pkg_name. Most importantly, the %setup macro will need the -n argument for SCL builds (thanks to %pkg_name, we can use the same for non-SCL builds). Due to this, the %setup macro must always be used:
-%setup
+%setup -n %{pkg_name}-%{version}
  • If using a %_root_* macro to point to the original filesystem, you must conditionalize it, so that the package can be rebuilt for non-SCL use:
-mkdir -p %{_sysconfdir}
+mkdir -p %{?scl:%_root_sysconfdir}%{?!scl:%_sysconfdir}
  • If building SCL packages that depend on other SCL packages, you might need the scl enable functionality to link properly/run proper binaries, etc. It is not generally possible to say where this will be needed, but an example might be compiling against an SCL library or running an interpreted script with the interpreter in SCL:
+%{?scl:scl enable %scl - << \EOF}
 ruby foo.rb
 RUBYOPT="-Ilib" ruby bar.rb
 # more stuff
+%{?scl:EOF}
  • All hardcoded paths (such as /usr/share) must be replaced with proper macros (%{_datadir} in this case).

Files

The files section is usually OK as it is. The only adjustments needed are for the names of subpackages (see Subpackages) and possible of some path macros with their %_root_* alternatives (this is determined by what you do in the scripts, see Inside RPM Scripts.


Dealing With Automatic Provides/Requires and Filtering

RPM has some automatic Provides/Requires searching capabilities as well as filtering capabilities. For example all Python libraries have an automatically added Requires: python(abi) = (version) (and in SCL, the proper way to have this is Requires: %{?scl_prefix}python(abi) = (version)). The scripts that search for these dependencies must sometimes be rewritten for SCL, as the original RPM ones are not extensible enough (and in some cases, filtering is not usable). This is the example of rewriting Python provides and requires (the following lines can be placed into the macros.%{scl}-config):

%__python_provides /usr/lib/rpm/pythondeps-scl.sh --provides %{_scl_root} %{scl_prefix}
%__python_requires /usr/lib/rpm/pythondeps-scl.sh --requires %{_scl_root} %{scl_prefix}

The pythondeps-scl.sh is a file created from pythondeps.sh by adjusting some search paths.

If there are some Provides/Requires, that you need to alter (for example pkg_config provides), there are two ways to do it.

  • Either with the following lines in macros.%{scl}-config (this will then apply to all packages built in the SCL):
%_use_internal_dependency_generator 0
%__deploop() while read FILE; do /usr/lib/rpm/rpmdeps -%{1} ${FILE}; done | /bin/sort -u
%__find_provides /bin/sh -c "%{?__filter_prov_cmd} %{__deploop P} %{?__filter_from_prov}"
%__find_requires /bin/sh -c "%{?__filter_req_cmd}  %{__deploop R} %{?__filter_from_req}"

# Handle pkgconfig virtual [provides/requires].
%__filter_from_req | %{__sed} -e 's|pkgconfig|%{?scl_prefix}pkgconfig|g'
%__filter_from_prov | %{__sed} -e 's|pkgconfig|%{?scl_prefix}pkgconfig|g'
  • Or in every single specfile that you want to filter Provides/Requires in, place following lines after tag definitions:
%{?scl:%filter_from_provides s|pkgconfig|%{?scl_prefix}pkgconfig|g}
%{?scl:%filter_from_requires s|pkgconfig|%{?scl_prefix}pkgconfig|g}
%{?scl:%filter_setup}
Filter your dependencies carefully
When using filters, you should consider carefully what automatic dependencies you actually want to change. For example, if the original package Requires: pkgconfig(foo) and Requires: pkgconfig(bar), and only foo is in the SCL, you don't want to filter the Requires for bar.

Filters don't work in EL-6, because rpm is using different filter mechanism, as mentioned in RHBZ#1001674. Consult EPEL:Packaging_Autoprovides_and_Requires_Filtering if you need to do dependency filtering in EPEL.

Dealing With Macro Files

Sometimes the package ships with macro files, that go into /etc/rpm (in SCL terms, they go into %{?scl:%{_root_sysconfdir}}%{!?scl:%{_sysconfdir}}). This is fine, if two conditions are met:

  • The macro files must be renamed by appending .%{scl} to their name, so that they don't conflict with system files.
  • The defined macros must be present in a form, that doesn't break any macros from non-SCL packages (with exception of macros from %{scl}-build subpackage, as mentioned below).

The second rule means, that macros in macro files must be unexpanded or be properly conditionalized. This is fine:

# the %gem_docdir macro depends on a macro that may be redefined by a collection and thus is ok
%gem_docdir %{gem_dir}/docs

# the %python2_sitelib macro evaluates depending on whether we build for collection or not and thus is ok
%python2_sitelib %(%{?scl:scl enable %scl '}%{__python2} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())"%{?scl:'})

and this is not fine:

# the %gem_dir macro hardcodes collection path and thus would break non-SCL builds, which is not ok
%gem_dir /opt/fedora/ruby193/root/usr/share/gems

# the %python2_sitelib macro would run "scl enable" everytime, so if the collection would redefine %__python2, this would not work for non-SCL builds
%python2_sitelib %(scl enable %scl '%{__python2} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())"')

Macros and Depending Collections

Now consider a situation where you need to create collection mypython that depends on python26 collection that defines macro %{__python2} in a way shown above. The macro will evaluate to /opt/<provider>/mycollection/root/usr/bin/python2, but the python2 binary is not in your collection, but in python26 - this means nothing can be built in depending collection now. When you need to follow this use-case, here is what you need to do:

  • In macros.python.python26 (part of python26-python-devel), define
%__python26_python2 /opt/<provider>/python26/root/usr/bin/python2
  • And in macros file in python26-build and any depending collection's %{scl}-build use:
%scl_package_override() {%global __python2 %__python26_python2}

This will redefine the %{__python2} macro only if such %{scl}-build package is present (which usually means that you want to build for the collection and don't mind breaking the macro for local non-SCL builds).

Macro %scl_package_override
This macro function is called at the end of %scl_package function. It is not defined in scl-utils-build, it is rather left to be defined by SCL packagers in %{scl}-build, so that they can override arbitrary macros only during collection package build. Due to the fact that %scl_package is always called from specfile, macros (re)defined by this function effectively override any macro defined in RPM macro files.

Dealing With Shebangs

Shebangs have two important aspects: they are processed by the automatic dependency processor and they point to a certain (possibly non-SCL location).

As one of its functions, the automatic dependency processor goes through the shebangs. And adds dependencies according to the binaries they point to. From the SCL point of view, there two types of shebangs:

  • /usr/bin/env foo
    • 'auto-dependency generation' point of view: The resulting package will depend on /usr/bin/env, which is not a problem.
    • 'pointing to non-SCL location' point of view: If the $PATH is redefined properly in the enable scriptlet, the foo binary is found in the SCL hierarchy, so not a problem either.
    • But you generally should avoid this. Packages that belong into collection should make sure that they invoke collection binaries, so they should hardcore full path to them in shebangs.
  • /usr/bin/foo
    • 'auto-dependency generation' point of view: The resulting package will depend on /usr/bin/foo (part of non-SCL package), but we may have wanted to depend on %{?_scl_root}/usr/bin/foo when building for SCL.
    • 'pointing to non-SCL location' point of view: The $PATH redefinition has no effect, the /usr/bin/foo binary is still used (which is probably not what was intended).
    • If you have some shebangs like this in the specfile and the should point to SCL locations when built for SCLs, you can use similar command to adapt them:
find %{buildroot} -type f | \
  xargs sed -i -e '1 s"^#!/usr/bin/foo"#!%{?_scl_root}/usr/bin/foo"'

Building Packages

The converted packages should be buildable both in SCL and non-SCL buildroots. This means, that after correct conversion of the specfile, build in non-SCL buildroot will produce standard system RPMs and build in buildroot containing %{scl}-build will produce SCL packages.

Before building in mock, you will want to create SRPMs. The process here is standard - if the SCL macroes are properly conditionalized, everything will work even without the SCL metapackage and scl-utils-build installed locally. However, for the build of the metapackage itself, you will need scl-utils-build, otherwise rpmbuild will be unable to parse the macros inside it.

For testing the SCL builds in mock (you will get the same environment in BREW), you have to create a standard config file with few adjustments (let's say that you are building SCL named ruby193):

  • Use 'install @build scl-utils-build ruby193-build' for config_opts['chroot_setup_cmd'].
  • Add a local repo with your builds of the SCL packages to the mock config file:
[ruby193]
name=ruby193
enabled=1
baseurl=file:///home/bkabrda/ruby193/repo
cost=0
metadata_expire=0

Testing non-SCL builds is done in normal mock configurations (obviously :) ).