16:00:20 <jlaska> #startmeeting Fedora QA Meeting
16:00:20 <zodbot> Meeting started Mon Nov 30 16:00:20 2009 UTC.  The chair is jlaska. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:20 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:00:27 <jlaska> #meetingname qa
16:00:27 <zodbot> The meeting name has been set to 'qa'
16:00:44 <jlaska> #topic Gathering in the lobby
16:00:50 <adamw> yo
16:01:00 * kparal 
16:01:04 * tk009 is kinda here
16:01:21 <jlaska> adamw: kparal: tk009 Howdy folks
16:01:39 <tk009> good morning
16:02:07 * jlaska notes ... folks in the US might still be a bit sleepy from consuming too much turkey
16:03:37 <jlaska> wwoods should be around, might just be gathering a few breadths after a near-miss of a system failure
16:04:05 * wwoods is indeed around
16:04:24 <jlaska> anyone else ... Viking-Ice: poelcat: Oxf13?
16:04:47 * poelcat here
16:05:01 <jlaska> poelcat: greetings
16:05:09 <poelcat> hi, thanks for the reminder
16:05:15 <jlaska> okay, let's dive in ... don't want to go too long (for a change)
16:05:27 <jlaska> #link https://www.redhat.com/archives/fedora-test-list/2009-November/msg01223.html
16:05:33 <jlaska> ^^^ the proposed agenda for today
16:05:41 <jlaska> #topic Previous meeting follow-up
16:05:52 <jlaska> * adamw - initiate security policy discussion on fedora-{devel,security}-list (see http://spot.livejournal.com/312216.html)
16:06:02 <jlaska> that's a [X], that's for kicking that off adamw
16:06:05 <adamw> so, i did it
16:06:16 <jlaska> I've got a spot in the agenda to talk about progress  there
16:06:22 <adamw> ok
16:06:39 <jlaska> anything else high-level to discuss there?
16:07:01 <jlaska> * jlaska to send request for retrospective feedback to fedora-test-list@
16:07:20 <jlaska> same for me ... this was sent, folks have contributed already (thank you) ... and will do a status updates later in the meeting
16:07:29 <jlaska> that's all I have from last week's action items
16:07:39 <jlaska> anything I missed?
16:08:36 <jlaska> okay ... let's move on then
16:08:42 <jlaska> #topic Enhancing release criteria
16:09:09 <jlaska> poelcat introduced this topic and we discussed it from a high-level last week
16:09:26 <poelcat> thanks to everyone who gave feedback on the list and talk pages
16:09:41 * jlaska notes ... poelcat beat me too it :)
16:10:03 <poelcat> what do you think of next step of taking all that feedback and working it into the pages
16:10:22 <poelcat> and then send another reminder to the list by say tomorrow
16:10:25 <adamw> i think it would be a great job for someone whose irc nick is poelcat ;)
16:10:46 <poelcat> and then do an in person review/finalize this weekend!
16:10:52 <poelcat> at FUDCon :)
16:10:52 <jlaska> I've been adjusting the pages for the Talk feedback so far
16:11:08 <poelcat> jlaska: excellent
16:11:24 <jlaska> A hackfest session @ FUDCon?
16:11:27 <poelcat> i'll touch base w/ you after the meeting to see if there are any holes
16:11:40 <poelcat> jlaska: that was my thought
16:11:43 <jlaska> I'm still unclear on how best to account for what adamw raised
16:11:50 <poelcat> seems too specialized for barcamp
16:12:05 <poelcat> jlaska: what is that?
16:12:08 <adamw> which bit?
16:12:10 <jlaska> the impact on severity of hardware and local configuration issues
16:12:21 <jlaska> we all know it exists, but unclear on how best to put that into words
16:12:50 <adamw> i can write up a paragraph for that if you like
16:13:22 <jlaska> no objections here ... it's better than the empty string I've got
16:13:23 * poelcat wonders if there is still a possiblity of some quantificapability?
16:13:34 <jlaska> infrastructuralization?
16:13:35 <jlaska> :)
16:13:39 <poelcat> e.g. "5 or more systems" ?
16:13:51 * Viking-Ice joins late inn..
16:13:56 <jlaska> Viking-Ice: welcome!
16:13:59 <adamw> poelcat: it's hard to do even that
16:14:13 <poelcat> adamw: true
16:14:29 <jlaska> we definitely want bugs filed ... but perhaps this data is used to facilitate the blocker bug decision
16:14:30 * poelcat was thinking of the easy cases
16:14:43 <adamw> poelcat: you could find five systems that hit virtually any kernel bug, from kerneloops.org
16:14:44 <poelcat> we can move on
16:14:56 <jlaska> yeah sorry, rat hole
16:15:01 <adamw> on the contrary, there are some issues you might be hard-pressed to get five reporters for in beta stage but which many would hit in final
16:15:06 <adamw> so, yeah, i'd prefer to keep it general.
16:15:27 <jlaska> #info next step ... of taking all that feedback and working it into the pages
16:15:34 <jlaska> #info send another reminder to the list by say tomorrow
16:15:38 <adamw> can you #action me?
16:15:49 <jlaska> #info hackfest session at FUDCon to finalize
16:16:11 <jlaska> #action adamw to offer some guidance on how to handle hardware/local_configuration specific bugs
16:16:27 <jlaska> poelcat: thanks for the update, anything else?
16:16:41 <poelcat> jlaska: that's all
16:17:00 <jlaska> #topic Security Policy/Test_Plan
16:17:17 <jlaska> adamw: do you have a few minutes to talk about where that stands, issues/roadblocks etc... ?
16:17:33 <jlaska> #link https://www.redhat.com/archives/fedora-devel-list/2009-November/msg01745.html
16:18:18 <adamw> well
16:18:27 <adamw> the discussion has done a classic fedora peter-out
16:19:01 <adamw> it seems like there's vague consensus that we should have package defaults that are 'very secure' and then per-spin customization for less security (if desired)
16:19:11 <adamw> though that would seem to have lots of holes in it as an idea
16:19:22 <adamw> no-one has really stepped up and said 'yeah there's a plan and we're doing it here'
16:19:30 <adamw> so i may need to give it another poke
16:19:53 <poelcat> adamw: is FESCo tracking this issue?
16:20:01 <adamw> poelcat: I don't know.
16:20:11 * poelcat would hope/think they have a ticket open and are discussing
16:20:29 <adamw> we could ask...
16:20:42 <adamw> nirik: ping?
16:20:48 <Oxf13> hey, I'm here, just running late.
16:20:59 <Oxf13> kid decided to wake up at 5am and have a meltdown.
16:21:02 <nirik> adamw: whats up?
16:21:07 <jlaska> Oxf13: welcome!
16:21:13 <adamw> nirik: is FESco tracking the security policy question?
16:21:25 <adamw> nirik: see discussion about (since xx:17:17)
16:21:28 <adamw> s/about/above/
16:21:48 <skvidal> adamw: I wrote a draft of the significant change policy
16:21:55 <skvidal> and I sent it to the fesco mailing list last week
16:21:56 * nirik was just typing that...
16:22:02 <skvidal> I've, as yet, received no comment At all
16:22:10 <skvidal> which makes me sad
16:22:22 <skvidal> I can send it to fedora-devel-list if that would help conversation
16:22:35 <nirik> skvidal: sorry, I was busy friday and didn't feel like answering over the weekend. It's in my mailbox to reply to today...
16:22:52 <skvidal> nirik: so folks did GET it
16:22:54 <skvidal> that's good
16:23:01 <nirik> yes, I got it. Just haven't had a chance to reply yet
16:23:03 <jlaska> #info there's vague consensus that we should have package defaults that are 'very secure' and then per-spin  customization for less security (if desired)
16:23:06 <skvidal> b/c I couldn't tell if it had been held for approval or something
16:23:17 <jlaska> #info no-one has really stepped up and said 'yeah there's a plan and we're doing it here'
16:23:26 <nirik> with thanksgiving and the long weekend, I suspect many people were away from email.
16:23:26 <adamw> skvidal: do you think the 'significant change policy' is going to be enough to act as a 'security policy'?
16:23:37 <Viking-Ice> One question is there any security certification we can get on Fedora ( some one mentioned something NIST/DISA thingy ) if so is that something we would like to have ( for example a security certified workstation/server spin )
16:23:42 <jlaska> #info skvidal drafted a change policy and sent to fesco mailing list last week
16:23:43 <skvidal> adamw: no - but it should help us not get caught out in the cold on changes
16:24:39 <nirik> We may want to also look at a 'secure by default, spins/etc can relax for their needs' policy... (since we don't have such a thing right now)
16:24:47 <adamw> that's kinda what I thought. i still feel like there's a need for security policy (policies) / packaging guidelines. so fesco doesn't have anything going on that front?
16:25:31 <nirik> adamw: not currently, but concrete proposals welcome.
16:25:36 <adamw> nirik: that involves defining what 'secure' means, also runs into the 'desktop spin' border issue, and at least one security team member has posted to the thread that he isn't happy with the idea of spin SIGs having complete control over security policy in their spins.
16:25:39 <adamw> nirik: OK, thanks.
16:26:00 * nirik nods.
16:26:09 <Viking-Ice> Well I do belive we should allow spins to have complete control over their own security
16:26:17 <adamw> Viking-Ice: we don't really need to debate it here
16:26:20 <adamw> Viking-Ice: just flagging up the issues
16:26:33 <adamw> it's not qa group's job to decide the answers
16:26:44 <Viking-Ice> They just need to document how the deviate from the uber secure policy ;)
16:27:05 <adamw> skvidal: um, where is the fesco mailing list? is it private? it doesn't seem to be listed on the fesco wiki page
16:27:06 <Oxf13> if anything, it'd be QAs job to ensure the security policy as defined by the project and/or the spin matches reality
16:27:12 <adamw> Oxf13: right.
16:27:21 <skvidal> adamw: 'fedora-extras-steering'
16:27:30 <skvidal> adamw: it's private, I believe
16:27:30 <adamw> Oxf13: that's where we came into this issue: if we want to do testing we need a policy to test against.
16:27:37 <adamw> skvidal: ah, k.
16:27:39 <skvidal> adamw: it's mostly so we can talk trash about you. :)
16:27:52 <adamw> skvidal: that's what i figured =)
16:27:54 <jlaska> okay, so help me capture next steps here
16:28:05 <jlaska> is profit one of them yet?
16:28:10 <adamw> i guess i should file a ticket with fesco
16:28:13 <adamw> and profit is ALWAYS one of the steps
16:28:26 <nirik> yeah, a ticket with a proposed policy would be great.
16:28:46 <nirik> or a post to devel with it, wait for flames to subside, then a ticket. ;)
16:29:16 <adamw> i'm not sure i'm the guy to propose a policy
16:29:19 <poelcat> nirik: fesco is expecting someone else to propose a policy?
16:29:23 <adamw> given that i have precisely zero security qualifications
16:29:34 <nirik> poelcat: expecting? probibly not, just hoping. ;)
16:29:36 <adamw> i was thinking more along the lines of a ticket asking fesco to look into the issue, flagging up the problematic areas
16:29:41 <jlaska> adamw: nirik: and the ticket is to just get this on FESCO's radar?
16:29:44 * nirik can try and do something if nothing appears soon.
16:29:51 <nirik> adamw: thats fine too.
16:29:59 <adamw> if it'd be preferred, i could ask the security team to work with me to come up with a proposed policy
16:30:10 <Viking-Ice> +1
16:30:30 * poelcat hoping to say this is the nicest way, but would expect that creating/reviewing/make sure a security policy happens is FESCo's job
16:30:57 * poelcat realizes we are off topic for this meeting
16:31:03 <Viking-Ice> I do believe having the sec xperts on board and preferable defining the sec policy is the way to go.. .
16:31:47 <jlaska> #info next step ... file a FESCO ticket asking fesco to look into the issue and help us move towards a security policy
16:31:48 <nirik> poelcat: sure, agreed.
16:31:52 <Oxf13> poelcat: while that is true, you don't have to be in FESCo to create the policy or any proposal.
16:31:55 <adamw> just #action me to do a fesco ticket and i'll figure it out
16:32:14 <Oxf13> poelcat: in fact, a subject matter expert may be a better choice to create such a policy, rather than the members of FESCo
16:32:48 * adamw is talking to security team now
16:32:53 <jlaska> #action adamw will reach out to FESCO for guidance on defining a security policy
16:33:24 <poelcat> Oxf13: yep, that is part of "make sure a security policy happens"
16:33:32 <jlaska> adamw: okay ... anything else I missed or need to capture?
16:34:06 <Oxf13> poelcat: that also assumes that FESCo or the Fedora Board has determined that a security policy is even necessary.
16:34:27 <poelcat> we're off topic, let's move on :)
16:34:38 <adamw> jlaska: i think that's okay.
16:34:58 <jlaska> adamw: alright, thank you
16:35:05 <jlaska> #topic F-12 QA retrospective
16:35:12 <jlaska> #link https://www.redhat.com/archives/fedora-test-list/2009-November/msg01126.html
16:35:28 <jlaska> lots of good feedback on the wiki and mailing list already, so thanks to all who contributed so far
16:35:56 <jlaska> I'm still migrating mailing list feedback into the wiki page, I expect to wrap that up today
16:36:11 <jlaska> #link https://fedoraproject.org/wiki/Fedora_12_QA_Retrospective
16:37:02 <jlaska> As for next steps ... I plan to organize the feedback into related groups to make it easier to see trends/problem_areas
16:37:37 <jlaska> I'd like to then see some discussion around what the group wants to focus on for F-13 testing
16:38:03 <jlaska> I'm still uncertain on the most effective forum for that ... I'm guessing a mix of mailing list and a FUDCon break-out
16:38:39 <jlaska> this shouldn't be anything new ... we informally did this for F-12
16:39:21 <jlaska> all I'm trying to do now is make this process a bit more repeatable+transparent ... and hopefully help interested participants take part in our objectives for F-13
16:39:57 <jlaska> #info Next steps ... I plan to organize the feedback into related groups to make it easier to see trends/problem_areas
16:40:12 <jlaska> anyone else have questions or concerns on this topic?
16:41:06 <adamw> nothing really
16:41:36 <Oxf13> nope
16:41:38 * Viking-Ice nothing from me..
16:41:42 <jlaska> alrighty ... let's move on then
16:41:49 <jlaska> #topic AutoQA Updates
16:42:17 <jlaska> Just our usual check-in to see how things are progressing on the wwoods and kparal autoqa front
16:42:21 <jlaska> who wants to go first?
16:42:44 <kparal> ok, a few words from me :)
16:42:45 <wwoods> er, I'll go real quick
16:42:48 <kparal> heh
16:42:49 <wwoods> or.. yes
16:42:54 <wwoods> kparal: you go first
16:43:04 <kparal> alright
16:43:12 <jlaska> hehe, sorry guys ... I'll pick one of you first to avoid confusion next time
16:43:34 <kparal> there are a few patches in the autoqa mailing from me, maybe you have seen them
16:43:51 <kparal> the purpose is to make test development even easier
16:44:05 <wwoods> kparal: ooh, I didn't see the optparse patch for the watchers
16:44:17 <kparal> so all the watchers should have now (after accepting the patches) --help and --dry-run standardized
16:44:49 * wwoods was out of the office and off the VPN Nov. 25 until now, still catching up
16:44:54 <kparal> so now it could improve the expectations that people have when trying out the code
16:45:24 <kparal> I will start documenting the 'Getting started' stuff after it's in master
16:45:32 <jlaska> #info kparal has a few autoqa patches out for review - adding --help and --dry-run options to all watchers
16:45:51 <kparal> and I also worked a little bit on integrating rpmguard into autoqa, but not finished yet
16:46:03 <jlaska> #info kparal plans to contribute to the 'Getting started' use case once changes are in
16:46:18 * jlaska going crazy with meetbot tags ... sorry for annoyance
16:46:49 <kparal> wwoods, you may go on now :)
16:47:06 <wwoods> heh - thanks, kparal
16:47:24 <jlaska> #info kparal some progress on integrating rpmguard, more work remains
16:47:37 <wwoods> So last week I adapted kparal's patch for the autoqa harness to add the --local flag
16:47:47 <wwoods> so tests can be launched on your local system, to help with test development
16:48:02 <wwoods> it also supports the --dry-run flag, like the watchers
16:48:11 <kparal> already tried that, works perfect
16:48:16 <wwoods> kparal: great!
16:49:18 <wwoods> let's see - there were some fixes to the watchers
16:49:30 <jlaska> #info Wwoods accepted kparal's local autoqa harness patch ... tests can now be launched on your local system to facilitate test development/integration
16:49:47 <wwoods> they should be running autoqa only once for each repo/build that's updated, regardless of which (or how many) arches the build/tree/repo is available for
16:50:20 <wwoods> this is going to be important when we start working with more 'noarch' tests - tests like rpmlint, which don't need to run on the same arch as the target package/tree
16:51:04 <wwoods> also watch-repos.py was running tests too often, that was fixed
16:51:16 <wwoods> and I updated repoinfo to reflect the fact that there's no ppc rawhide anymore
16:51:24 * jlaska makes a note to ensure we're tracking the documentation needed for autotest system tagging
16:51:30 <wwoods> with the new repoinfo library that's just a simple config file change, so that's nice
16:52:12 <wwoods> in preparation for FUDCon I'm planning to write up some notes on AutoQA for Fedora developers
16:52:18 * jlaska was impressed with the repoinfo config file
16:52:33 <wwoods> and hopefully I'll be helping kparal get rpmguard running and sending emails and stuff
16:53:18 <wwoods> that's all from me.
16:53:28 <jlaska> wwoods: great stuff
16:53:31 * jlaska info's ...
16:53:49 <jlaska> #info wwoods improved support for running 'noarch' tests - tests like rpmlint, which don't need to run on  the same arch as the target package/tree
16:54:01 <jlaska> #info wwoods updated repoinfo to reflect the fact that there's no ppc rawhide anymore
16:54:42 <jlaska> #info wwoods plans ... some FUDCon prep work and helping kparal integrate rpmguard
16:54:53 <jlaska> I think that gets it ... shout if I've missed anything
16:54:55 <wwoods> to be fair, the current support for 'noarch' tests is kind of a gross hack
16:55:03 <jlaska> we like hacks
16:55:10 <wwoods> but I laid some of the groundwork to make it work sanely later
16:55:17 * jlaska makes a note to head to cafepress after meeting :)
16:55:22 <skvidal> wwoods: repoinfo is in autoqa?
16:55:29 <wwoods> skvidal: yes
16:55:36 <skvidal> wwoods: thanks
16:56:07 <jlaska> Just a few updates on some of my autoqa action items ...
16:56:40 <jlaska> #info thanks to help from abadger1999, autoqa-israwhidebroken is now packaged.  I sent a link to the branch to autoqa-devel.  If folks are happy, I can merge that into master
16:57:30 <jlaska> having this packaged highlighted a few next steps for having this service run as http://admin.fedoraproject.org/israwhidebroken
16:57:56 <jlaska> I don't think I'll be able to knock those out before FUDCon, so might look for guidance from abadger1999 and/or mmcgrath if they have the time
16:58:19 <jlaska> wwoods: kparal: anything else on the autoqa front?
16:58:36 <kparal> not from me
16:59:04 <jlaska> kparal: okay ... oh, wwoods said he was good earlier ... alright, next up ...
16:59:08 <jlaska> #topic Open Discussion - <your topic here>
16:59:30 <adamw> FINALLY time for the week's most important topic
16:59:31 <jlaska> any topics not yet mentioned people would like to discuss?
16:59:35 <jlaska> adamw: hit it!
16:59:39 <adamw> i move that glogg be adopted as the new official drink of QA
16:59:40 <adamw> http://loupgaroublond.blogspot.com/2009/11/glogg.html
16:59:58 <adamw> it involves wine, port and whiskey, and has an awesome name. i see no drawbacks.
17:00:07 <jlaska> #topic Open Discussion - Glögg as the official drink of QA
17:00:15 <wwoods> glogg!!
17:00:24 <wwoods> I have a bottle of that in my house right now
17:00:24 <jlaska> adamw: if we drink too much, side affects?
17:00:34 <Oxf13> adamw: I was thinking more 'Magic Hobo Gravy'  http://hijinksensue.com/2009/11/27/the-special-sauce/
17:00:34 <jlaska> "Best code I ever wrote!"
17:00:37 <kparal> I want pictures! :)
17:00:39 <adamw> i do not understand what you mean by 'too much'
17:00:47 <adamw> this seems a nonsensical concept
17:01:05 <jlaska> the first images.google.com result for grogg is not what I'd expect
17:01:08 <jlaska> adamw: :)
17:01:19 <jlaska> http://www.mostphotos.com/preview/150009/grogg-drink-ice-glas-red.jpg ?
17:01:30 <adamw> iced grogg?
17:01:42 <jlaska> http://www.drunkenblog.com/drunkenblog-archives/i/oh_glogg_youdevil.jpg
17:01:43 <Oxf13> jlaska: "grogg" vs "glogg"
17:01:57 <wwoods> yeah I think maybe Glögg and grog(g) are different things
17:01:59 <adamw> http://www.acatinthekitchen.com/photo/advent/glogg.jpg
17:02:13 <jlaska> indeed they are ... never trust "Maybe you meant grogg" :)
17:02:25 <jlaska> kparal: I've seen this a lot http://www.saturnus.se/images/produkter/glogg_export.jpg
17:02:48 <jlaska> okay ... anything else on the radar we need to discuss?
17:02:49 <kparal> never seen that in czech republic
17:03:09 <Oxf13> yeah, who is going to be on the bus?
17:03:12 <jlaska> kparal: You've got some of the best stuff on earth right in your back yard :)
17:03:36 <jlaska> #topic Open Discussion - FUDCon travel plans
17:04:45 <jlaska> #topic Open Discussion - FUDCon travel plans
17:04:51 <jlaska> nirik: thanks!
17:04:56 <wwoods> jlaska and I will be flying into Toronto on Friday. Remember yer passports, USians.
17:05:37 * jlaska wonders when the next EMEA FUDCon is
17:06:04 <jlaska> okay ... I'll close out the meeting in 2 minutes unless any urgent items come up
17:08:06 <jlaska> alright folks ... I think we can close it out
17:08:12 <jlaska> thanks for your time
17:08:23 <jlaska> As always, minutes will be sent to the list
17:08:26 <jlaska> #endmeeting