Re: Security updates and batched pushes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01/09/2018 12:57 PM, Kevin Kofler wrote:
> Kevin Fenzi wrote:
>> You also don't want updates-testing to even exist right?
> 
> That is not true. I want to leave the decision whether and for how long an 
> update needs to be tested to the package maintainer instead of enforcing 
> minimum testing requirements in the software, because the software can never 
> understand the exact context. Removing updates-testing entirely is not what 
> I want! But this is unrelated to the current issue of artificially delaying 
> updates that satisfy all the criteria for being pushed to stable.

Agreed. Thanks for clarifying.

>> To save all the Fedora users in the world from having to update metadata
>> for minor changes. Since there's a hourly dnf makecache every user in
>> the world pulls down new metadata ever time we update a repo.
> 
> So to save people the download, you make a change that totally defeats the 
> point of dnf checking for updates every hour to begin with?

It doesn't do that though. dnf wants the latest metadata so it can let
users use that cache for things like searching for packages or listing
them or the like.
> 
>> If we update a repo for some minor enhancements it means everyone in the
>> world has to pay for that. If we just push all those out every tuesday and
>> don't update those unless there's something urgent we save everyone a
>> lot of bandwith and us computing time/resources.
> 
> This does not work in practice because there are always updates that are not 
> batched.

I... have seen updates pushes that do not take place when I have been
pushing updates, so I assert you are incorrect. True, it doesn't happen
as often as I was hoping, but it does and has happened.
> 
>> There are definitely more days when there are no updates for a
>> particular repo now. Of course there would be even more if you (or those
>> who do likewise) wouldn't skip batched, but probibly we need to explain
>> why more clearly.
> 
> Are there really? The last couple days, there were basically daily pushes 
> with around 2 updates each.

At least one of those cases was me pushing firefox, right after a
f27-updates push just finished, so yeah, it only had 2 updates in it.
> 
> The batching only makes the daily pushes smaller and not empty, which does 
> not help at all for reducing repodata download size, because there are still 
> no repodata deltas implemented.
> 
>> because it would be a ton more infrastructure and resources.
> 
> Really? Bodhi composes (or triggers the compose of, let's please not discuss 
> the technical details down to that level)
...snip...

but the technical details are what matters here. ;) Making another repo,
building drpms, and doing all the compose will take time, disk space and
cpu cycles and slow all other updates pushes down.

Anyhow, I don't want this to be a back and forth between just us, I'd
like to hear some other opinions and proposals and have FESCo decide on
some adjustment ehre.

I agree the current setup is not ideal and personally I'm open to
adjusting/changing it, but I don't know that I think we should just drop
batched entirely. We should come up with something that balances all the
various needs (you want updates as soon as they are tested, I want not
to update metadata on people all the time, etc).

kevin


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux