Package Update Guide

At the time you submit the update, you will be asked for several attributes. The type of the update should be fairly self-explanatory: Either it fixes bugs, adds new features, or is a new package.

If you are asked whether you want to send the update to updates-testing or stable, this is a no-op: all updates now go through updates-testing. It does not matter what you choose.

There are several schools of thought on filling out the update description. Some would suggest you consider the target audience: for a stable release, in particular, many Fedora users will see this text, and many of them may not be particularly familiar with your package. Consider not simply describing literally the changes in the update, but explaining as if to an outsider why your are updating the package, what benefits it will bring to them (if any), and anything they may want to note in order to have a smooth update experience.

If you associate one or more bug reports with your update, Bodhi will post comments into Bugzilla to alert those following the bug reports that an update is available. If you mark your update as fixing the bug(s), Bodhi will move the report(s) through the MODIFIED, ON_QA and CLOSED ERRATA states of the bug workflow as your update reaches various points in the process. Using this mechanism can be very useful both for you and for users of your package.

You may set thresholds for automatic push to stable based on positive feedback (karma) and/or time spent in updates-testing. If your update’s total karma (items of positive feedback minus items of negative feedback) reaches the karma threshold, it will be pushed stable automatically. If your update reaches the threshold for time in updates-testing without the builds changing or the total karma going so low it is unpushed, it will be pushed stable automatically.

There are defaults for these thresholds which vary at different points in the release process.

If you choose to use the karma auto-push threshold, please carefully consider an appropriate feedback level. For a relatively obscure package which is quite stable, 1 or 2 may be an appropriate value. For a popular, sensitive and complex package such as firefox or kernel, the default may be insufficient and a choice of 5 or even 10 may be appropriate.

Fedora has the concept of using side tags for these situations, which means the builds are done "on the side" and do not affect packages out of the side tag, nor are they available for installing until the side tag is merged. Updates are never automatically created for side tag builds. Using a side tag is the best and recommended way to do multi-package updates.

Packagers can create side tags on their own, allowing them to build disruptive components in isolation and submit the builds in a side tag as one update in Bodhi, to be tested and subsequently merged into the main distribution.

Side tags are cleaned up 30 days after creation, or 14 days if they have not been used at all. Make sure and use your side tag before then.

You can also create an update with multiple packages directly in Bodhi, either with the Bodhi web application, or with the bodhi command line tool. This is usually a worse method than using a side tag, because managing the build root is more difficult and will affect packages outside of the group. It may be appropriate if the packages logically belong together as an update, but do not have any build-time interdependencies. You cannot use this method for Rawhide or early Branched updates, because of the automatic update creation system.

You can pass multiple package names to bodhi updates new command to create a new multi-package update, or use bodhi updates edit to edit an existing update.

It is possible you will run into problems with permissions when you are not the maintainer of the package you are trying to add to an update, or when you are trying to add packages to an update created by somebody else. If you encounter a situation like this, you should contact the release engineering team or a proven packager for help.

Fedora’s automated testing systems, including Fedora CI, openQA, and Fedora CoreOS CI, may run automated tests on your update.

In the Bodhi web interface, updates have an Automated Tests tab which displays the results of all automated tests. Tests with an asterisk (star) at the left-hand side of the row are "gating" tests. These are the tests which prevent your update going stable if they fail. If a test does not have an asterisk, it is not gating, and does not affect whether your update can be pushed stable. For updates in the critical path, some gating tests are always present. For updates not in the critical path, there may be gating tests if any package in the update has configured them in its package-level gating configuration. If a failed gating test is waived, the asterisk is replaced with a thumbs-up.

The tests are not all 100% accurate, but they are fairly often correct. Especially failures of openQA tests - those whose name starts with update. - should always be investigated and resolved before an update is pushed stable. If you see a failure, it is a very good idea to click on the result (which will take you to a detailed log) and investigate the issue. If you are unsure what the test indicates, you can contact the relevant team for help. When a test has failed gating, a box is shown with contact details.

The Fedora Quality team proactively investigates failed openQA tests and will usually resolve them or post a comment on the update explaining the problem and suggesting a resolution.

For Rawhide and Branched before updates-testing activation, when an update goes stable it is tagged for inclusion in the next compose. Composes are usually run daily at 05:15 UTC and take several hours. After a compose completes, it takes some more time for it to reach the public mirrors. All users will see your update when they update their systems after a successful compose containing your update has reached the mirrors.

For Branched releases after updates-testing activation, the updates-testing repository is enabled by default so most users will get your update soon after it is pushed there, but only packages that have been pushed to stable are used in building composes (both nightlies and the Beta and Final candidates and releases). The updates-testing repository is regenerated daily.

When a release is in stable state, the updates-testing repository is disabled by default, but Quality team members and others run with it enabled in order to provide testing and Bodhi feedback. The main user population will see your update only when it passes Bodhi, is marked as stable and reaches the updates repository. Both updates-testing and updates repositories are regenerated daily.

Where a package goes when it is marked as stable differs between Branched and stable releases. In Branched releases, stable packages are pushed to the base fedora repository. In stable releases, stable packages are pushed to the updates repository. However, from the point of view of the packager, this is an insignificant implementation detail. For more details, see Repositories.

For a short period before each milestone release, the stable fedora repository is frozen. These periods are shown as Milestone freezes (Post-branch Freeze, Beta Freeze, Final Freeze) on schedules. During these periods, builds will not be marked stable and pushed from updates-testing to fedora even after being submitted manually or automatically. In the normal course of events, they will be pushed after the milestone release is approved at a Go No Go Meeting. If you believe your update deserves to break a milestone freeze, a freeze exception may be granted through the freeze exception process. Accepted release blocking bugs are granted the same status through the blocker bug process.

For more on the Fedora development process, see Fedora Release Life Cycle.