[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Testing CD images (was Re: ITP seahorse)

On Wed, May 24, 2000 at 02:15:25PM +0200, J.A. Bezemer wrote:
> [Sorry, forgot to change Subj in my previous mail. Please do so in replies]
> > On 2000-05-23 at 15:00 -0400, Ben Collins wrote:
> > 
> > > I think more importantly we need criteria for what "Official" images are
> > > when we release. The last run for test cycle 1 is a joke. They were
> > > obviously not checked or tested, and we potentially have vendors out there
> > > getting ready to use them, not to mention users who take up some valuable
> > > b/w and gold platters.
> Remember this are only _testing_ images, as Mike said. If we should've gone
> though all kinds of pre-release testing procedures etc., there wouldn't have
> been any CD images at all for the first test cycle.

BS, we've been waiting for these images for over a week, and the first
test cycle is already done, and the next one starting. So right now they
are even worth anything anyway.

It takes a trivial amount of time to simply look at the build log and
mount each cd image via loopback and do a ls -lR to make sure the image
can be read. In fact, it can probably be automated. Heck, even just
looking at the stuff would have caught the m68k problem. I caught that the
first time I tried a full build for all archs just 4 days ago.

> > > 
> > > I think images need to have detached sigs in order to be considered
> > > official. Signed by the DPL, or Release Manager, either one should do. Can
> > > we get some sort of *QUICK* and *OFFICIAL* consensus on this?
> The (really) official Slink images have md5sums signed by Phil Hands, who
> produced them; that'll be done for Potato too. You can't expect DPL or RM sigs
> because they simply didn't make them and can't check them all (name one person
> who has i386, alpha, sparc, m68k, powerpc AND arm machines, and tests all CDs
> on the appropriate $ARCHes). 

This is the first time we have done test cycles. I think the test cycles
images should be considered "official" in the sense that they are produced
and used for this testing cycle. So they should be signed by a Debian
developer for the test cycle. Everything else that Debian distributes is
trusted because it is signed. Trusted that it is not from some place else
and that it has gone through some degree of checks (in the case of
packages, it must bypass dinstall). I don't see why CD's are any

> > For the test cycles, it makes no sense that vendors should commit to
> > something which has a two-week life.  They are "official" only in the
> > sense that they are identical for all testers so testing is useful.
> > 
> > If the test images are a joke, then obviously they will not become the
> > release.  Presumably, exactly what gets tested will be what gets released
> > at the conclusion of a successful test cycle?
> Not exactly, but sufficiently close. All testing images are labeled as such
> (the volume label, .disk/info and the README.{txt,html}). Once it is approved
> as "official", we'll have to rebuild the images with just those indications
> changed to "Official". Anything else on those CDs should remain the same.

IMO, the official images should be built by a Debian person anyway. That
way it can be signed and trusted. Nothing personal against you. As far as
test images, they should atleast be signed and verified by a Debian


/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '

Reply to: