summaryrefslogtreecommitdiff
path: root/doc/release_policy.rfc.txt
blob: fd411874277972de70c16fb30964b1a612425739 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
***********************************************************************
********************* Release Policy (RFC) ****************************
***********************************************************************

We suggest this structure of the proposal document as part of a tiny
social process in order to find a decision in a cooperativ and common
way.


I. Driver 
=========
(What is the problem and what solution did we find?)

The problem for the GNUnet community stated here is how to evolve the
GNUnet team and code organization, so that developing code gets
attractive again and using GNUnet for testing purposes or even for some
little usecases becomes easier. In the current organizational model
bugs tend to accumulate until they are not managable or overwhelming,
however, it's clear, that every release candidate should be free from
known bugs. There is more. Devs and user need to feel progress to have
"Erfolgserlebnisse" (roughly: "sense of achievement") and recognition,
like a new release, a "product" they have contributed to, listing new
features with short description of amazing privacy preserving use cases.

A possible solution to this problem might be a new and lightweighted
release model with git. 

Release Models with git:

Option 1:
  * code organization and branching
    * master branch is release branch, tagged with different version
      numbers development occurs in little side branches
    * mature code resides in a staging branch for testing and quality
      management 
  * release process
    * development in little side branches
    * if code is mature, merge with staging branch and do testing,
    * static/dynamic analysis and code audits if checks are okay, merge
      with release branch and tag with new version number

Option 2:
  * code organization and branching
    * master branch is development branch
    * further development task can be done in other side branches
      for every release candidate exists a new branch called after the
      version number 
  * release process
    * development in master and side branches
    * if code of side branches is mature merge with master branch
    * if code in master branch is mature, create if not existant a new
    * release branch called after the new version number and merge with
      master 
    * in the release branch do testing, static/dynamic analysis
      and code audits 
    * if checks are okay, tag as release candidate


Option 3: (What we really do right now)
* changes that are not expected/known to break anything go into master;
  we may be wrong, better CI may allow us to detect breaking changes
  before merges in the future (but we shall never fault anybody for
  breaking stuff in master in non-obvious ways);
* experimental development happens in branches, created by individuals
  or groups as they see fit. They are encouraged to merge often (if that
  would not break anything) to avoid divergence and to detect issues from
  a merge/rebase early.
* actual _release policy_:
  - tests must pass
  - no compiler warnings for -Wall
  - acceptance tests (manual feature test) must succeed
  - no known "release critical" bugs (where RC has no formal definition,
    mostly we rather explicitly declare certain bugs as "not critical")
  o buildbots are happy (if running)
  o static analysis is happy (if available, false-positives => ignore)
  o documentation is reasonably up-to-date
  + reasonable test coverage (if too terrible => move subsystem to experimental?)
  + texinfo (HTML+PDF) and doxygen happy? Ideally without warnings!
  + nobody screaming bloody murder because of almost-completed features/bugfixes
    almost ready to be merged?
  Legend: -: absolutely mandatory; o: important; +: nice to have

...

Option 1 and 2 are two flavours describe in 
https://trunkbaseddevelopment.com/

II. Evaluation Criteria 
=======================
(what are criterias to interprete the results as success if we review
the problem and solution after a year or so)

III. Concerns (of team members)
===============================
(if there are concerns of team members, write them down here to later
review)

I disagree that "bugs tend to accumulate until they are not managable".
The real issue is that neither writing testcases nor fixing bugs are
fun tasks volunteers like to do. As you write yourself: you want a
sense of achievement, recognition, "new features".  So as long as that
is what you are motivated to do, you will not get stable, well-tested
code. I don't have a magic bullet to motivate you to write more tests,
or to improve existing tests. -CG

I also disagree that releases have to be 'known bug free'.  That bar is
way too high. However, there are obviously 'critical' bugs, but what
they are is another debate.  But not all bugs are critical. Also,
I would distinguish between 'standard' and 'experimental' subsystems.
Experimental subsystems should build. They don't have to run, or do
anything useful. Not even tests have to pass for a release IMO. -CG

Git is also not a "release model".  Git is a software development
tool.  But introducing branches in Git won't fix bugs. It also won't
improve test coverage. It won't test the code on a broad range of
platforms.  It also doubt it will give you the recognition you crave.
More importantly, what you describe is already happening, and
partially has contributed to the problems. Bart kept his own CADET
hacks in his personal branch for years, hence without much feedback or
review.  The SecuShare team kept their patches in their own branch,
hence revealing interesting failure modes when it was finally merged.
Martin kept some of his ABE-logic in his own branch (that one was
merged without me noticing major problems).  Anyway, what you propose
as Option 1 is already largely done, except that certain CI tasks
simply cannot be productively done pre-merge right now (and I'm all
for improving that situation). -CG

Finally, there is one last elephant with respect to branches and
merging that I would like you to consider. Given that GNUnet is highly
modular, you have largely benefited from the modular architecture and
been able to hack in your respective corners, unaffected by other
modules (modulo bugs in dependencies).  That is great, and the desired
development mode.  It has the critical advantage that bugs in modules
that nobody depends upon (auction, rps, social) can be in 'master' and
won't disturb anything. As most new development usually happens on the
leaves of the dependency graph, that is great.  However, occasionally
there are architectural changes. Not of the type where the graph
changes, but where key API assumptions change. We recently had one for
the GNU Name System with the dropping of ".gnu".  Before, CADET
changed the semantics and paramter for 'port'.  In the future, CORE
will introduce protocol versioning.  Whenever such a change happens,
it usually falls upon the person making that change to update
dependencies as well (or at least to work with people who hack on the
dependencies to coordinate the adjustments).  That way, changing an
API for in-tree dependencies is a minor nuisance.  However, if
branches exist, making sure that API changes do not break _any_ branch
somewhere is impractical.  So at least at times where "major" API
rewrites are happening, it is important to minimize the number of
branches. -CG


IV. Doing
=========
(who does what within which time frame?)

Let me list what I think needs doing:

1) Better CI setup: build on multiple platforms, build of
   "arbitrary" branches, reporting of regressions with
   decent diagnostics (!) to developers (not the crap
   Gitlab gives where I don't even easily get a stack
   trace on a core dump).
2) A culture of fixing "other people"'s bugs: test case failures,
   portability issues, Mantis reports, all the non-sexy
   stuff.  Not the 'psycstore' was written by tg, so no
   need for !tg to try to fix it, or the "I use sqlite, 
   why should I bother with postgres?"-crap I have heard
   too often.
3) Improving test cases: better code coverage, more corner
   cases, complex deployment scenarios (NAT!), etc.;
   less manual testing by hand, more writing automated
   tests.
4) There are also some bigger architectural changes ahead
   that I have mentioned in other places.  Without those,
   we won't be able to serve non-expert users.  So help
   with those would be welcome, but in terms of _process_
   I think 1-3 is what matters.

Note that none of this really adds up to a "release policy".


V. Previous Versions
====================
(if we found some flaws in the solution, and we want to change the
release policy, we document the old ones here als previous versions.
the goal is establish a learn process.)

IV. References
==============
(if there are references to paper, web pages and other sources.)