[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

incoming.d.o/debian-buildd, usage polivy/advice

tl;dr:

  Who is supposed/allowed to use
     https://incoming.debian.org/debian-buildd
  and when?  In particular, is it OK for Debian downstreams to access
  it to obtain source files that the archive has accepted but which
  aren't yet availabe on mirrors?

Hi.

We have a question about when it is appropriate or not to use
https://incoming.debian.org/debian-buildd.  I'm not sure I'm asking in
the right place.  Please feel free to redirect me.

The background is tag2upload, and specifically #1111728.  When making
a source package from git, the tag2upload service needs the orig
tarballs.  Sometimes, the -1 upload is very recent, and the orig
tarballs for a -2 aren't available from the mirror network.  So in
#1111728 one of our users suggested that in this situation, tag2upload
should try getting the tarball from incoming.

We don't want the tag2upload service to have special powers, partly
because we want users to be able to reproduce locally any failures
that occur on the service.  So we have implemented a "try incoming"
option for dgit, which we'll enable when the tag2upload service is
fetching orig tarballs (and when a user is running the same code).

We're not sure whether we should have dgit try incoming in more
situations.  For example, "dgit clone" sometimes has to present the
user with an earlier version than the most recent, because the most
recent isn't on the mirror.  I think we could improve this if we made
it try incoming.

Also, this has an impact on the naming of the dgit option.
Specifically, how discouraging to make it.  Currently in our draft MR
itf's `--mirror-fallback-internal`, with `internal` intending to
indicate that it should be used only *within* Debian.  If using it
more widely is OK we could call it `--mirror-fallback`.

My personal guess is that we probably don't want to expose
incoming.debian.org to the potential level of traffic from all
downstream users of `dgit clone`.  But maybe that's an OK risk to
take, and we could plan to scale up incoming.d.o's capacity if it
turns out to be a problem.

Thanks for any opinions/information you can provide.

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.  

Pronouns: they/he.  If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.
Reply to: