[Bug 2033294] Review Request: keylime-agent-rust - Rust agent for Keylime

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=2033294



--- Comment #5 from Fabio Valentini <decathorpe@xxxxxxxxx> ---
(In reply to Daiki Ueno from comment #4)

Follow-ups:

> > The preferred format in Fedora seems to be something like
> > 0.1.0~20211216.gitgd5a31912.
> 
> I picked 0.1.0^20211110gd5a3191 as this is a pre-release snapshot.

No, you got this wrong:

- caret "^" makes RPM sort the version *higher*, this is used for post-release
snapshots
- tilde "~" makes RPM sort version *lower*, this is used for pre-releases and
pre-release snapshots

> Updated and added comment how to generate the .crate file from the
> downloaded source.

Why are you generating a .crate file at all? Why not use an archive from GitHub
directly?
That would make it much easier to update the .crate, and not require custom
commands, at least not for Source0.
This should do what you want:

Source0: %{url}/archive/%{commit}/rust-keylime-%{shortcommit}.tar.gz

===

Some new comments:

9. "# RHEL: Use bundled deps as we don't ship all the required rust libraries"

This is misleading. RHEL ships *no* rust libraries at all.

10. Why did you disable %check?

Either enable it or provide justification for disabling it.

11. "once the new tss-esapi crate is available on crates.io, update the
revision to the latest"

What does this mean? Does keylime-rust depend on a snapshot of tss-esapi that's
not been published yet?
You will need to rewrite the "git" dependency for tss-esapi to a version-based
dependency anyway, "git" sources are (obviously) not supported for builds in
Fedora.

12. You need to specify the effective license of keylime-agent-rust.

Right now, you only specify the upstream version (ASL 2.0). But since this
package statically links all its dependencies, you will need to collect all
License strings of all Rust dependencies, and unify those into an effective
license.

I use a script like this one inside the mock chroot to get the list of Rust
package licenses needed for the build:

for i in $(rpm -qa | grep "rust-.*-devel"); do
   rpm -q $i --qf "%{LICENSE}\n";
done | sort | uniq

13. "%license license-header.tpl"

Drop this file. It seems to be a template used for upstream development.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
https://bugzilla.redhat.com/show_bug.cgi?id=2033294
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux