You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2004/08/04 23:15:10 UTC

Re: question: role accounts at the ASF? 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Justin Erenkrantz writes:
> --On Wednesday, August 4, 2004 11:52 AM -0700 Justin Mason <jm...@jmason.org> 
> wrote:
> 
> > Is the "release role account" concept used in the ASF at all?
> > What would you all suggest?
> 
> What httpd does is to have a set of roll scripts in httpd-dist.  With the 
> exception of the autoconf and libtool versions, it produces the 'standard' 
> release package.  All of the environmental logic is handled by the script - so 
> as long as you run these script, you should produce equivalent releases. 
> releasecheck.sh enforces particular versions of autoconf and libtool that are 
> known to work - however, this still doesn't resolve the problem of distros 
> custom-patching their libtool - which almost everyone does.  *sigh*  The RM 
> just needs to use the 'vanilla' GNU libtool distribution.  (SA doesn't have 
> that problem, IIRC.)
> 
> See:  <http://cvs.apache.org/viewcvs.cgi/httpd-dist/tools/>

Where do those get run?  on an ASF machine, or on a developer's home
machine, then the resulting tarballs get checked in?

> I will also note that Subversion has gone a little bit farther and is starting 
> to dictate specific package creation utilities to avoid known problems (i.e. 
> pax instead of tar).   But, the philosophy is the same: code all assumptions 
> into the shell script to allow anyone to do a release at any time that is 
> equivalent.

OK -- well, there's one diff between this and what SpamAssassin requires,
which is that SpamAssassin requires a perl interpreter that's up-to-date
enough to run "make".   Due to how Perl's ExtUtils::MakeMaker packaging
code works, that means it has to also include the SpamAssassin required
modules (Digest::SHA1, HTML::Parser, DB_File et al) and be up-to-date
with SpamAssassin's perl requirements (5.6.x or higher).

Right now, minotaur at least doesn't have that; and that's quite a
heavyweight requirement -- in terms of disk space at least.  Getting
all those installed is also pretty heavyweight.

I think we have these options:

  - role account, with those built in ~/buildtools or similar

  - those installed by root in /usr/local/sarel/buildtools or similar,
    so normal users can use them to build the distro

  - those installed by SpamAssassin users in /home/sarel/buildtools or
    similar, so normal users can use them to build the distro
    (/home/sarel being a shared, group-writable dir or similar, that's
    guaranteed to not disappear if a user leaves or so on.)

  - those installed in a location such as ~jm/buildtools, reliant
    on ~jm always being around to build a release.  seems fragile.

  - those compiled, installed into ~/buildtools, and that dir checked into
    SVN as a big honking tarball, and the build instructions changed to
    note that the user needs to tar xvfz that tarball into ~/buildtools.
    seems messy/wasteful!   but OTOH, it does mean that the build
    requirements are versioned.

  - those up on the SpamAssassin website as a big honking tarball, as
    per above.

My preference is the role account FWIW ;)  But I'm not too pushed about
it if we can agree that one of the others works OK.

> So, no, we haven't typically done a role account.  However, if you guys
> really wanted one, we could probably arrange it.  But, on what machine?
> ;-)

I'd guess minotaur seems most appropriate? ;)

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFBEVHeQTcbUG5Y7woRAhjPAJ43u1q/T0pwwEPJIh4R/37BJLA8dQCfRn6V
4s/c7HNWhutBiKA9WOSHWvw=
=+BXo
-----END PGP SIGNATURE-----