ToDo for jenkins.debian.net =========================== :Author: Holger Levsen :Authorinitials: holger :EMail: holger@layer-acht.org :Status: working, in progress :lang: en :Doctype: article :Licence: GPLv2 == About jenkins.debian.net See link:https://jenkins.debian.net/userContent/about.html["about jenkins.debian.net"] for a general description of the setup. Below is the current TODO list, which is long and probably incomplete too. The links:https://jenkins.debian.net/userContent/contributing.html[the preferred form of contributions] are patches via pull requests. == Fix user submitted bugs * There are link:https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=jenkins;users=qa.debian.org%40packages.debian.org["bugs filed against the pseudopackage 'qa.debian.org' with usertag 'jenkins'"] in the BTS which would be nice to be fixed soon, as some people actually care. == General ToDo * rename maintainance jobs into maintenance jobs * replace amd64 in scripts with $HOSTARCH * put kgb-client.conf in git and sed passwords from filesystem into it... * move this setup to jenkins.d.o ** needs replacement of all chroot jobs with schroot * build packages using jenkins-debian-glue and not my hacks * move /srv/jenkins.debian.net-scm-sync.git somewhere public? * *backup*: ** '/var/lib/jenkins/jobs' (the results - the configs are in .git) ** '/var/lib/munin' ** '/var/log' ** '/root/' (contains etckeeper.git) ** '/var/lib/jenkins/reproducible.db' (is backed up manually) ** '/srv/jenkins.debian.net-scm-sync.git' (is backed up manually) ** '/var/lib/jenkins/plugins/*.jpi' (can be derived from jdn-scm-sync.git) === To be done once jenkins.d.n runs jessie * replace with bin/setsid.py workaround with setsid from the util-linux package from jessie * etc/pbuilderrc: remove /run/shm bindmount once we are running jessie - this is a workaround for #700591 * bin/g-i-installation: use lvcreate without --virtualsize * check if the sudo workaround in bin/g-i-installation is still needed: 'guestmount -o uid=$(id -u) -o gid=$(id -g)' would be nicer, but it doesnt work: as root, the files seem to belong to jenkins, but as jenkins they cannot be accessed. * reproducible: let the scheduler use the xz-compressed file instead of the gzip one. This is because of missing lzma module in wheezy's python. === To be done once bugs are fixed * bin/d-i_build.sh includes a workaround for #767260 (console-setup doesn't support parallel build) * etc/munin/plugins/munin_stats includes the proposed fix for #767032 * etc/munin/plugins/cpu includes work in progress for #767100 * etc/munin/plugins/iostat_ios includes work in progress for #767018 === jenkins-job-builder related * use jessie version plus my patches from kali * change of syntax: ---- properties: - priority-sorter: priority: 150 ---- * this seems to be helpful: http://en.wikipedia.org/wiki/YAML#References (pyyaml which jenkins-job-builder uses supports them) * cleanup my patches (eg add documentation) and send pull requests on github: ** publisher:logparse ** publisher:htmlpublisher ** svn:scm ** wrappers:live-screenshot === livescreenshot plugin * publish forked livescreenshot plugin and send pull request for my bugfix == lvc, work in progress, just started * put this on debian isos too: config/chroot_local-includes/lib/live/config/9999-autotest * re-read the docs! ** http://live.debian.net/manual/stable/html/live-manual.en.html#321 * generate feature files from templates? to cope with sub-products? -> no. detect desktop type and set variables accordingly -> simpler: pass an environment variable with the type * get iso * tables for looping through features: see tails/iuk.git/features/download_target_file/Download_Target_File.feature * to debug cucumber: --verbose --backtrace --expand * drop / remove * can probably go: dhcp.rb firewall_leaks.rb dhcp.feature firewall_leaks.feature * more occurances of "the computer boots Tails" * @source (only keep product tests) * disabled stuff in common_steps.rb ** #if @vm.execute("service tor status").success? * "I set sudo password" not needed for debianlive nor debian(edu): ** #@screen.wait("TailsGreeterAdminPassword.png", 20) * $misc_files_dir needed? * def sort_isos_by_creation_date Dir.glob("#{Dir.pwd}/*.iso").sort_by {|f| tails_iso_creation_date(f)} -> useless for us, purpose is to automatically select the latest iso if none is given * search case-in-sensitive for tails+tor+amnesia * put in update_jdn.sh: ---- addgroup tcpdump dpkg-statoverride --update --add root tcpdump 754 /usr/sbin/tcpdump setcap CAP_NET_RAW+eip /usr/sbin/tcpdump adduser $USER tcpdump adduser $USER libvirt adduser $USER libvirt-qemu ---- == Improve existing tests === reproducible * misc ** reproducible: dont delete userContent/$pkg on build begin.. ** move all content into /var/lib/userContent/reproducible/ ** more graphs: graph average build duration by day ** show package status (briefly) on https://reproducible.debian.net/issues/*html ** turn job-cfg/g-i.yaml into .yaml.py ** meld bin/reproducible_setup_schroot.sh into bin/schroot-create.sh and alias the former to the latter ** "fork" etc/schroot/default into etc/schroot/reproducible ** include no js header in the css ** use one css for all, not two minimally different ones ** restore the "find packages which have been removed from sid" part of reproducible_maintainance.sh ** re-enable the IRC notification for status changes, once the Pod::Man issue with timezone is fixed * pkg sets related: ** new package set: kde/plasma ** here is a weekly updated list of the transitively build-essential source packages in Sid: http://bootstrap.debian.net/source/stats_min.json *** curl http://bootstrap.debian.net/source/stats_min.json | sed -s "s#,#\n#g" |grep src:|cut -d ":" -f2|tr -d \" | sort -u ** for all pkg sets: only display FTBR+FTBFS and reproducible packages with notes by default, provide a way to show them all... *** actually those links to packages are broken atm... ** replace bin/reproducible_installed_on_debian.org with a proper data provider from DSA * db schema 2.0 ** add support for the save_artifacts field in the schedule table, so we can manually schedule packages, which provide the binary packages somewhere for inspection ** move "untested" field in stats table too? (as in csv output...) * missing tests: variation in kernel and date ** http://www.bstern.org/libuname/ - add "-ldl" to the linker flags... ** lunar suggests to use qemu with -r and -cpu and -rtc flags ** https://wiki.debian.org/qemubuilder - part of cowdancer < Lunar^> I would rather say we do not do full uname and CPU variation that use an unreliable LD_PRELOAD < Lunar^> because as soon as the package unset or reset the variable it won't be there anymore * | h01ger nods. its also ok to leave some variations for when we go "for real" (aka rebuilds in the field) | Lunar^: if that happens. if that doesnt we still get some more variations | so i'd say such an LD_PRELOAD would be useful, even though it wouldnt be complete | but we will find more problems "before going into the fields" * | h01ger guesstimates that we would go from 300-600 builds per day to 100-200 with qemubuilder | but those qemubuilders would only get 4 or 8gb ram... maybe 6. and that will have a huge impact * enable people to upload test packages, to be built in jenkins: h01ger: another wild future request by me: allowing us to upload something and let jenkins test it. rationale: I sent (another) patch for debian-keyring, to fix a timestamp issue in debian control files (due to not_using_dh-builddeb), but there is also a umask issue. I don't want to bother me to setup the very same things jenkins tests locally (I already did too much in this regards, imho), but really people can't tests everything jenkins tests. mapreri: please add the feature request to the todo. i'm thinking now that it maybe should just be a jenkins job not integrated into the rp.d.n webui, but... maybe we find a nice way to do it h01ger: I'm instead thinking about a repo defining a reproducible-specific suite or something on that line, that integrates well with the current setup. but this is really something wild. well, and everybody in debian-keyring from sid can uplood? :) that would be wonderful. === qa.debian.org* * turn off notifications on unstable results for udd-versionskew * turn off notifications on unstable results for orphaned-without-a-bug * turn udd-versionskew packages names into tracker.d.o links and provide version numbers in output too === d-i_manual* * svn:trunk/manual/po triggers the full build, should trigger language specific builds. * svn:trunk/manual is all thats needed, not whole svn:trunk === d-i_build* * run scripts/digress/ ? * bubulle wrote: "Another interesting target would be d-i builds *including non uploaded packages* (something like "d-i from git repositories" images). That would in some way require to create a quite specific image, with all udebs (while netboot only has udebs needed before one gets a working network setup). === chroot-installation_* * use schroot for chroot-installation, stop using plain chroot everywhere * split etc/schroot/default * inform debian-devel@l.d.o or -qa@? * warn about transitional packages installed (on non-upgrades only) * install all the tasks "instead", thats rather easy nowadays as all task packages are called "task*". ** make sure this includes blends === g-i-installation_* Development of these tests has stopped. In future the 'lvc*' tests should replace them. These small changes are probably still worth doing anyway: * g-i: replace '--' with '---' as param delimiter. see #776763 / 5df5b95908 in d-e-c * download .isos once in central place * g-i_presentation: use preseeding files on jenkins.d.n and not hands.com The following ideas should really only be implemented for the new 'lvc*' tests.... (but are kept here for now) * pick LANG from predefined list at random - if last build was not successful or unstable fall back to English ** these jobs would not need to do an install, just booting them in rescue mode is probably enough * for edu mainservers running as servers for workstations etc: "d-i partman-auto/choose_recipe select atomic" to be able to use smaller disk images ** same usecase: -monitor none -nographic -serial stdio == Further ideas... === Test them all * build packages from all team repos on alioth with jenkins-debian-glue on team request (eg, via a .txt file in a git.repo) for specific branches (which shall also be automated, eg. to be able to only have squeeze+sid branches build, but not all other branches.) == Debian Packaging related This setup should come as a Debian source package... * /usr/sbin/jenkins.debian.net-setup needs to be written * what update-j.d.n.sh does, needs to be put elsewhere... * debian/copyright is incorrect about some licenses: ** the profitbricks+debian+jenkins logos ** the preseeding files ** ./feature/ is gpl3 // vim: set filetype=asciidoc: