ToDo for jenkins.debian.net =========================== :Author: Holger Levsen :Authorinitials: holger :EMail: holger@layer-acht.org :Status: working, in progress :lang: en :Doctype: article :Licence: GPLv2 == About jenkins.debian.net See link:https://jenkins.debian.net/userContent/about.html["about jenkins.debian.net"] for a general description of the setup. Below is the current TODO list, which is long and probably incomplete too. The links:https://jenkins.debian.net/userContent/contributing.html[the preferred form of contributions] are patches via pull requests. == Fix user submitted bugs * There are link:https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=jenkins;users=qa.debian.org%40packages.debian.org["bugs filed against the pseudopackage 'qa.debian.org' with usertag 'jenkins'"] in the BTS which would be nice to be fixed soon, as some people actually care. == General ToDo * replace amd64 in scripts with $HOSTARCH * put kgb-client.conf in git and sed passwords from filesystem into it... * set up a dedicated mailinglist, or maybe even two, one for discussion and one for commits. * move this setup to jenkins.d.o ** needs replacement of all chroot jobs with schroot * build packages using jenkins-debian-glue and not my hacks * move /srv/jenkins.debian.net-scm-sync.git somewhere public? * *backup*: ** '/var/lib/jenkins/jobs' (the results - the configs are in .git) ** '/var/lib/munin' ** '/var/log' ** '/root/' (contains etckeeper.git) ** '/var/lib/jenkins/reproducible.db' (is backed up manually) ** '/srv/jenkins.debian.net-scm-sync.git' (is backed up manually) ** '/var/lib/jenkins/plugins/*.jpi' (can be derived from jdn-scm-sync.git) === To be done once jenkins.d.n runs jessie * replace with bin/setsid.py workaround with setsid from the util-linux package from jessie * etc/pbuilderrc: remove /run/shm bindmount once we are running jessie - this is a workaround for #700591 * bin/g-i-installation: use lvcreate without --virtualsize * check if the sudo workaround in bin/g-i-installation is still needed: 'guestmount -o uid=$(id -u) -o gid=$(id -g)' would be nicer, but it doesnt work: as root, the files seem to belong to jenkins, but as jenkins they cannot be accessed. === To be done once bugs are fixed * bin/d-i_build.sh includes a workaround for #767260 (console-setup doesn't support parallel build) * etc/munin/plugins/munin_stats includes the proposed fix for #767032 * etc/munin/plugins/cpu includes work in progress for #767100 * etc/munin/plugins/iostat_ios includes work in progress for #767018 === jenkins-job-builder related * use jessie version plus my patches from kali * change of syntax: ---- properties: - priority-sorter: priority: 150 ---- * this seems to be helpful: http://en.wikipedia.org/wiki/YAML#References (pyyaml which jenkins-job-builder uses supports them) * cleanup my patches (eg add documentation) and send pull requests on github: ** publisher:logparse ** publisher:htmlpublisher ** svn:scm ** wrappers:live-screenshot === livescreenshot plugin * publish forked livescreenshot plugin and send pull request for my bugfix == lvc, work in progress, just started * put this on debian isos too: config/chroot_local-includes/lib/live/config/9999-autotest * re-read the docs! ** http://live.debian.net/manual/stable/html/live-manual.en.html#321 * generate feature files from templates? to cope with sub-products? -> no. detect desktop type and set variables accordingly -> simpler: pass an environment variable with the type * get iso * tables for looping through features: see tails/iuk.git/features/download_target_file/Download_Target_File.feature * to debug cucumber: --verbose --backtrace --expand * drop / remove * can probably go: dhcp.rb firewall_leaks.rb dhcp.feature firewall_leaks.feature * more occurances of "the computer boots Tails" * @source (only keep product tests) * disabled stuff in common_steps.rb ** #if @vm.execute("service tor status").success? * "I set sudo password" not needed for debianlive nor debian(edu): ** #@screen.wait("TailsGreeterAdminPassword.png", 20) * $misc_files_dir needed? * def sort_isos_by_creation_date Dir.glob("#{Dir.pwd}/*.iso").sort_by {|f| tails_iso_creation_date(f)} -> useless for us, purpose is to automatically select the latest iso if none is given * search case-in-sensitive for tails+tor+amnesia * put in update_jdn.sh: ---- addgroup tcpdump dpkg-statoverride --update --add root tcpdump 754 /usr/sbin/tcpdump setcap CAP_NET_RAW+eip /usr/sbin/tcpdump adduser $USER tcpdump adduser $USER libvirt adduser $USER libvirt-qemu ---- == Improve existing tests === reproducible * new job+page: "packages different from sid in our toolchain", not sure yet where to link that... * run debbindiff against .changes files in current directory, instead of $LONGPATHES (due to #764459) * reproducible: dont delete userContent/$pkg on build begin.. * pkg sets related: ** new package set: kde/plasma ** here is a weekly updated list of the transitively build-essential source packages in Sid: http://bootstrap.debian.net/source/stats_min.json *** curl http://bootstrap.debian.net/source/stats_min.json | sed -s "s#,#\n#g" |grep src:|cut -d ":" -f2|tr -d \" | sort -u ** for all pkg sets: only display FTBR+FTBFS and reproducible packages with notes by default, provide a way to show them all... ** replace bin/reproducible_installed_on_debian.org with a proper data provider from DSA * db schema 2.0 ** add support for suites, we soon want to test jessie,stretch,sid,experimental ** add support for archs, one day we'll want to rebuild all the packages on all the archs too! ** extra table to record build times (forever, so we get relevant data) ** cleanup some field names (which?!?) ** add boolean field to sources_scheduled: temporarily_publish_results, so we can manually schedule packages, which provide the binary packages somewhere for inspection ** move "untested" field in stats table too? (as in csv output...) * missing tests: variation in kernel and date ** http://www.bstern.org/libuname/ - add "-ldl" to the linker flags... ** lunar suggests to use qemu with -r and -cpu and -rtc flags ** https://wiki.debian.org/qemubuilder - part of cowdancer < Lunar^> I would rather say we do not do full uname and CPU variation that use an unreliable LD_PRELOAD < Lunar^> because as soon as the package unset or reset the variable it won't be there anymore * | h01ger nods. its also ok to leave some variations for when we go "for real" (aka rebuilds in the field) | Lunar^: if that happens. if that doesnt we still get some more variations | so i'd say such an LD_PRELOAD would be useful, even though it wouldnt be complete | but we will find more problems "before going into the fields" * | h01ger guesstimates that we would go from 300-600 builds per day to 100-200 with qemubuilder | but those qemubuilders would only get 4 or 8gb ram... maybe 6. and that will have a huge impact * misc ** turn job-cfg/g-i.yaml into .yaml.py ** meld bin/reproducible_setup_schroot.sh into bin/schroot-create.sh and alias the former to the latter ** "fork" etc/schroot/default into etc/schroot/reproducible ** include no js header in the css ** use one css for all, not two minimally different ones ** graph oldest build age - in days === qa.debian.org* * turn off notifications on unstable results for udd-versionskew * turn off notifications on unstable results for orphaned-without-a-bug * turn udd-versionskew packages names into tracker.d.o links and provide version numbers in output too === d-i_manual* * svn:trunk/manual/po triggers the full build, should trigger language specific builds. * svn:trunk/manual is all thats needed, not whole svn:trunk === d-i_build* * run scripts/digress/ ? * bubulle wrote: "Another interesting target would be d-i builds *including non uploaded packages* (something like "d-i from git repositories" images). That would in some way require to create a quite specific image, with all udebs (while netboot only has udebs needed before one gets a working network setup). === chroot-installation_* * use schroot for chroot-installation, stop using plain chroot everywhere * split etc/schroot/default * inform debian-devel@l.d.o or -qa@? * warn about transitional packages installed (on non-upgrades only) * install all the tasks "instead", thats rather easy nowadays as all task packages are called "task*". ** make sure this includes blends === g-i-installation_* Development of these tests has stopped. In future the 'lvc*' tests should replace them. These small changes are probably still worth doing anyway: * g-i: replace '--' with '---' as param delimiter. see #776763 / 5df5b95908 in d-e-c * download .isos once in central place * g-i_presentation: use preseeding files on jenkins.d.n and not hands.com The following ideas should really only be implemented for the new 'lvc*' tests.... (but are kept here for now) * pick LANG from predefined list at random - if last build was not successful or unstable fall back to English ** these jobs would not need to do an install, just booting them in rescue mode is probably enough * for edu mainservers running as servers for workstations etc: "d-i partman-auto/choose_recipe select atomic" to be able to use smaller disk images ** same usecase: -monitor none -nographic -serial stdio == Further ideas... === Test them all * build packages from all team repos on alioth with jenkins-debian-glue on team request (eg, via a .txt file in a git.repo) for specific branches (which shall also be automated, eg. to be able to only have squeeze+sid branches build, but not all other branches.) == Debian Packaging related This setup should come as a Debian source package... * /usr/sbin/jenkins.debian.net-setup needs to be written * what update-j.d.n.sh does, needs to be put elsewhere... * debian/copyright is incorrect about some licenses: ** the profitbricks+debian+jenkins logos ** the preseeding files ** ./feature/ is gpl3 // vim: set filetype=asciidoc: