Re: [Popcon-developers] popularity-repository on salsa

To: debian-popcon@lists.debian.org
Subject: Re: [Popcon-developers] popularity-repository on salsa
From: Paul Wise <pabs@debian.org>
Date: Thu, 15 Feb 2018 08:00:06 +0800
Message-id: <[🔎] 1518652806.27241.39.camel@debian.org>
In-reply-to: <[🔎] 20180214170139.GA5805@yellowpig>
References: <20171226215857.GC4803@yellowpig> <108931514326182@web46j.yandex.ru> <20180127193925.GD7666@yellowpig> <483021517089437@web12o.yandex.ru> <20180209155542.GC19646@yellowpig> <CAKTje6Gg+vnY_KL_0k-m0x6Tm43oXJbN20UwpEiQ5S6En7D3Gw@mail.gmail.com> <[🔎] 20180214170139.GA5805@yellowpig>

On Wed, 2018-02-14 at 18:01 +0100, Bill Allombert wrote:

> The automatically generated tarballs do not include files generated by
> autotools and similar, that the real source tarballs include. Also they
> are not GPG-signed. All in all, they are useless.

The autotools files can be generated by people building the code, you
could also ship an extra tarball containing just the autotools files,
but I would lean towards requiring folks to run autoreconf.

The generated tarballs are bit-for-bit reproducible from the git repo
using git archive. So you can generate them locally, sign them locally
and upload the signatures and associate them with the tags.

> In the case of popcon, I do not want to include the popcon public
> submission key in GIT.  Yet it should be in the source tarball.

Is there a reason why you don't want it in the source tarball.

You could include a second tarball containing just the key in the
Debian source package, dpkg-source v3 format supports multiple tarballs.

> Also, release tags are only a small subset of tags. It is inconvenient to mix
> the two.

I've never used git tags for anything other than releases,
what else are you using them for?

> How to do this and whether salsa support it is very unclear from this link.

I guess you go into the web interface and click around.

> <https://wiki.debian.org/Alioth#Deprecation_of_Alioth> says:
> Releases and downloads
> Git tags are the basic interface to create releases in ?GitLab. this
> creates a tarball and allows extra files to be attached to the tag.

I assume this means that Salsa supports it.

> However I did not see how I can attach a file to a tag.

I personally gave up on the GitLab interface, it requires too much
JavaScript to operate. I do things only via git or the API.
Since there is limited support for the API, I am mostly ignoring salsa.

> This starts to be off-topic on this list. Is there a debian salsa list ?

Just the #alioth IRC channel at this point:

https://wiki.debian.org/Salsa#Maintenance

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

References:
- Re: [Popcon-developers] popularity-repository on salsa
  - From: Bill Allombert <ballombe@debian.org>

Prev by Date: upcoming release of popcon 1.66
Next by Date: Processing of popularity-contest_1.66_amd64.changes
Previous by thread: Re: [Popcon-developers] popularity-repository on salsa
Next by thread: Re: Popcon time-series data points
Index(es):
- Date
- Thread