Make the RPMs more rpmlint compliant.

[ajf8]

We have started running our RPM packages through rpmlint, and it flagged up a few issues with the RPMs produced by maven for NCM components.

I guess some discussion will be needed about which ones we actually care about, and how/if to fix them, but I've made a few changes to the build-profile pom.xml which addresses some of them.

Do we even need the libuser dependency? Maybe some RPM needs it, but I doubt it should be a dependency of every RPM built. In any case, RPM packaging guidelines say autodetecting libraries is preferred to explicitly putting them in.

Before:

ncm-ccm.noarch: E: explicit-lib-dependency libuser ncm-ccm.noarch: W: summary-not-capitalized C ncm-ccm ncm-ccm.noarch: W: name-repeated-in-summary C ncm-ccm ncm-ccm.noarch: W: non-standard-group Quattor ncm-ccm.noarch: E: no-changelogname-tag ncm-ccm.noarch: W: invalid-license c ncm-ccm.noarch: W: invalid-license Quattor ncm-ccm.noarch: W: invalid-url URL: http://quattor.org/cfg-modules/ccm/ HTTP Error 404: Not Found ncm-ccm.noarch: E: useless-provides ncm-ccm ncm-ccm.noarch: E: script-without-shebang /usr/lib/perl/NCM/Component/ccm.pm 1 packages and 0 specfiles checked; 4 errors, 6 warnings.

After:

ncm-ccm.noarch: W: non-standard-group Quattor ncm-ccm.noarch: E: no-changelogname-tag ncm-ccm.noarch: E: script-without-shebang /usr/lib/perl/NCM/Component/ccm.pm 1 packages and 0 specfiles checked; 2 errors, 1 warnings.

The script-without-shebang one seems bogus, obviously we don't put that in .pm files, so we'll probably just ignore it.

[gombasg]

The script-without-shebang warning does not necessarily mean the shebang is missing - it can also mean a file was marked as executable by mistake. That is true for ccm.pm in the source code, so it is likely valid in the RPM too (I did not check).

[stdweird]

I'm in favour of getting rid of all explicit dependencies, incl ncm-ncd (which should be picked up by a perl(NCM::Component) requirement. however, the el5 rpms need to be checked carefully (although the el5 ones are built on el6, so it might be ok).

[stdweird]

@ajf8 also can you share the rpmlint script (or commandline to use). we currently test the rpms using https://github.com/quattor/release/blob/master/src/scripts/build_all_repos.sh if the rpmlint step can be integrated, we will be certain that rpms comply.

[ajf8]

You can find rpmlint here: https://github.com/rpm-software-management/rpmlint

It seems to be packaged by Red Hat. It is run against all packages distributed by Red Hat and Fedora. While these checks are great for enforcing consistency across a big distribution, maybe some are not so useful for us and we can disable them.

For example, the RPM group. I don't really see any value in changing this from Quattor.

On the shebang one, should I create a PR which does a sweep of executable permissions on *.pm in configuration-modules-core?

Finally, the changelog error. Not sure this is worth the effort. The changelogs we install into /usr/share/doc seem quite out of date, so I guess we would need to come up with some way of autogenerating useful changelogs first and then feeding them into the maven RPM plugin. Or maybe we just remove the ChangeLog files completely, if they aren't going to be maintained.

[stdweird]

@ajf8 any details how you run this? i opened https://github.com/quattor/release/issues/243 to track this.

wrt exectable bits, sure why not. should be easy to merge in.

wrt the changelog, @jrha creates the releasenotes, maybe we can integrate that as ChangeLog somehow?

[ned21]

re: ChangeLog. ISTR this file is required to exist by pom.xml but given they are never updated, we should just delete them all, or auto-generate them from the commit log.

[stdweird]

@ajf8 wrt the executable bits, it is probably because of the settings in the pom.xml file. All perl modules are added with 755 permission bits, and th eonly reason is that any subdirectories would have the correct bits set.

[ajf8]

You're right, it was because of the pom.xml settings, should be fixed now.

I found we can just set default{Filemode,Dirmode,Groupname,Username} in the top level rpm-build-plugin config and then delete all those settings from the mappings.

http://www.mojohaus.org/rpm-maven-plugin/rpm-mojo.html#defaultFilemode

[stdweird]

nice!

[ajf8]

Regarding running rpmlint, you just run rpmlint rpm_path and check the status code

[jrha]

I'm not sure we can do anything useful with the Changelog other than replacing it with a link to the release notes...

[ned21]

"Discuss at workshop" label added to resolve the future of ChangeLog.

[jrha]

Discussed at 21st workshop: no-one wants the Changelog so we will try to ship nothing or an empty one.

[jrha]

LGTM. @ajf8 can you nuke the Changelog and see if rpmlint complains?

[stdweird]

@ajf8 ping

[stdweird]

@jrha @ned21 i opened https://github.com/ajf8/maven-tools/pull/1 to fix the changelog error. it includes a changelog template. the only remaining warning is the following (but gives exitcode 0)

[stdweird@gastn039a1 CAF (fix_rpmlint *+%)]$ rpmlint /home/stdweird/.git/quattor/CAF/target/rpm/perl-CAF/RPMS/noarch/perl-CAF-*rpm
perl-CAF.noarch: W: non-standard-group Quattor   
1 packages and 0 specfiles checked; 0 errors, 1 warnings. 
[stdweird@gastn039a1 CAF (fix_rpmlint *+%)]$ echo $? 
0  

(if @ajf8 is too busy, i can open a PR to master and that will auto-merge this one upon merge)

[jrha]

@stdweird either is fine by me!

[jrha]

Merged in #81.

[ned21]

Thanks, sorry for radio silence.