Re: Standardizing the layout of git packaging repositories

To: debian-devel@lists.debian.org
Subject: Re: Standardizing the layout of git packaging repositories
From: Raphael Hertzog <hertzog@debian.org>
Date: Sat, 16 Aug 2014 10:18:29 +0200
Message-id: <[🔎] 20140816081829.GB13596@x230-buxy.home.ouaza.com>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20140815161051.GA25928@kronk>
References: <[🔎] 20140815141601.GA11454@x230-buxy.home.ouaza.com> <[🔎] 20140815161051.GA25928@kronk>

Hi,

On Fri, 15 Aug 2014, Alessandro Ghedini wrote:
> Additionally, using the <vendor>/<version> scheme would allow for very simple
> enumeration of debian vs. ubuntu vs. other with something like "git tag | grep
> ^<vendor>/" without the need to actually parse debian/changelog or the specific
> version of the tag (dunno if this would actually be useful for anything, but
> it's a possibiliy).

Right, it also means we can more safely differentiate uploads from each
vendors in the case where we want to act on those... for example if a
signed git tag could trigger a server-side build & upload.

So I agree with the various commenters that pkg/<version> was a bad idea
and that we should use the vendor prefix for uploads too.

> Also, does every downstream distribution actually embed the distribution name
> in the upload version or is it just ubuntu? Do they use the same scheme? Would
> it be ok for this policy to "depend" on this?

We do this for Kali Linux too but there are always cases where some
contributors forget about the suffix (in particular when we package stuff
not yet in Debian, or new upstream releases of packages that lag behind in
Debian).

> > - where should the HEAD point to in the public repository?
> 
> Not sure what you mean by this.

This is the default branch that you get when you do "git clone" without
specifiying "-b something". It's usually master but one can update it to
point somewhere else.

> > - the above layout is for the traditional case of non-native packages,
> >   what would be the layout for native packages? how can be differentiate
> >   between native/non-native layout?
> 
> I've never maintained a native package so I don't really know what are the
> common practices, but AFAICT the only difference would be missing "upstream/..."
> tags. Would that be enough for differentiating them?

Well native = debian is the upstream. So there is no upstream tags created
by Debian but there might be such tags created by downstreams distros that
use the Debian tarballs as upstream tarballs (although I have never seen
this in practice).

Possibly the best way to notice debian is the upstream is to detect the
lack of debian/master branch (i.e. we use directly master which is usually
for the upstream developers).

> > - are there other important things to standardize?
> 
> GPG signatures for tags? Although, I'm not sure if mandating signing tags would
> be a good idea.

We can certainly recommend it but I don't see the point to mandate it.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Discover the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: Standardizing the layout of git packaging repositories
  - From: Guido Günther <agx@sigxcpu.org>
- Re: Standardizing the layout of git packaging repositories
  - From: Thomas Goirand <zigo@debian.org>

References:
- Standardizing the layout of git packaging repositories
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: Standardizing the layout of git packaging repositories
  - From: Alessandro Ghedini <ghedo@debian.org>

Prev by Date: Re: Python 3.4
Next by Date: Re: Standardizing the layout of git packaging repositories
Previous by thread: Re: Standardizing the layout of git packaging repositories
Next by thread: Re: Standardizing the layout of git packaging repositories
Index(es):
- Date
- Thread