GNU bug report logs - #74542
[PATCH 00/11] Improved tooling for package updates

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Tue, 26 Nov 2024 10:33:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Suhail Singh <suhailsingh247 <at> gmail.com>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: Josselin Poiret <dev <at> jpoiret.xyz>, Simon Tournier <zimon.toutoune <at> gmail.com>, Mathieu Othacehe <othacehe <at> gnu.org>, Tobias Geerinckx-Rice <me <at> tobias.gr>, 74542 <at> debbugs.gnu.org, Christopher Baines <guix <at> cbaines.net>
Subject: [bug#74542] [PATCH 00/11] Improved tooling for package updates
Date: Tue, 26 Nov 2024 11:32:12 -0500

Ludovic Courtès <ludo <at> gnu.org> writes:

> The goal is to use this upgrade manifest for a new jobset on ci.guix.
> The idea is that when someone tries to upgrade one of these things,
> chances are it will have been built already.
>
> ...
>
> According to a recent discussion with Nix hackers on Mastodon¹, mere
> substitute availability is not perceived as a key factor in what
> enables them to keep Nixpkgs up-to-date; the primary factor appears
> to be the bot that sends patches updating packages.
>
> Food for thought!
>
> Ludo’.
>
> ¹ https://toot.aquilenet.fr/@civodul/113527656544893427

If the goal is to improve how up-to-date a distro Guix is, then the
below would help.  In no particular order (the numbers are only to
provide named references):

1. Ensure a periodic process (let's say alice-bot) that runs on the CI
   server that submits patches for updates.
2. alice-bot could, in fact, be part of the "new jobset on ci.guix" that
   would be updating the substitutes.  If the substitute building is
   deemed successful it could result in the corresponding upgrade patch
   being submitted.
3. Having a trusted (i.e., trusted by guix authenticate), review bot
   (let's say bob-bot), whose job is to review alice-bot submissions and
   determine whether desirable invariants are being upheld.  If they
   are, bob-bot merges the patch.  If not, it requests human
   intervention.  It would help for bob-bot to add/remove usertags on
   the debbugs issue (and for those state-changes to be visible on
   <https://issues.guix.gnu.org/>) to ensure the attention of human
   reviewers is not wasted.

Having bob-bot be distinct from alice-bot would help keep the process
transparent and reduce bob-bot's code size (thus aiding auditability).
Additionally, it would also allow for bob-bot to be used to provide
automated lint/style checks for patch submissions by people.

The patch series in #74542 provides some necessary tooling to help keep
the distro up-to-date.  However, we still need alice-bot and bob-bot as
described above to get to sufficiency.

--
Suhail
This bug report was last modified 169 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.