flock2016
LOGS
13:30:53 <bkm> #startmeeting Testing bleeding edge kernels
13:30:53 <zodbot> Meeting started Wed Aug  3 13:30:53 2016 UTC.  The chair is bkm. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:30:53 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
13:30:53 <zodbot> The meeting name has been set to 'testing_bleeding_edge_kernels'
13:31:02 <bkm> speaker Paul Moore
13:31:10 <michalrud> #meetingname flock2016
13:31:10 <zodbot> The meeting name has been set to 'flock2016'
13:31:20 <bkm> #topic introduction
13:31:41 <bkm> pmoore@redhat.com or paul@paul-moore.com
13:32:00 <bkm> SELinux, audit, labeled networking kernel maintainer
13:32:13 <bkm> Created and maintain libseccomp project
13:32:43 <bkm> Talk about kernel testing problems and improvements
13:33:30 <bkm> How do we make leading edge changes accessible?
13:33:42 <bkm> #topic kernel development cycle
13:34:17 <bkm> * Create patch
13:34:32 <bkm> * get it reviewed and changes made
13:34:47 <bkm> * Patches merged into a subsystem next branch
13:35:09 <bkm> this varies by subsystem
13:35:53 <bkm> * Linus pulls the next branches into tree
13:36:19 <bkm> 2 week merge window after each kernel is released
13:37:07 <bkm> Approximately 8 week of testing before release
13:37:42 <bkm> #topic Kernel testing today
13:38:32 <bkm> * Kernel releases packaged for Fedora Rawhide
13:39:38 <bkm> * linux-next repository merges 'next' branches daily
13:39:59 <bkm> * Primarily focused on exposing merge conflicts
13:40:43 <bkm> * Coverage unclear
13:41:01 <bkm> * General user testing rare
13:41:27 <bkm> * As such does not find subsystem interaction problems
13:41:41 <bkm> #topic Problems with current approach
13:42:22 <bkm> Less than 8 weeks to find and solve problems
13:44:00 <bkm> 'Next' branches based on stable/old code
13:44:50 <bkm> Software development problem
13:45:25 <bkm> No way to easily test subsystem interaction
13:46:03 <bkm> #topic Kernel testing aspirations
13:46:36 <bkm> Regular testing of the latest upstream developments
13:47:40 <bkm> Make test kernels more accessible to users - not all users are comfortable building kernels, but can test out rpms
13:48:06 <bkm> Needs to be cheap, easy and portable
13:49:05 <bkm> * Automated build and test processes
13:49:50 <bkm> #topic continuous integration as a solution
13:50:25 <bkm> Connect development with test and deployment
13:50:56 <bkm> Constant stream of new, verified releases
13:51:12 <bkm> #topic Continuous integration problems
13:51:38 <bkm> Many CI frameworks require infrastructure
13:52:51 <bkm> Does not appear well suited to kernel testing
13:53:07 <bkm> #topic Simplified CI for kernel developers
13:54:27 <bkm> Create/find a set of easily run regression tests: self contained, can isolate individual tests
13:54:50 <bkm> Automate patching of Fedora kernel source rpm
13:54:57 <bkm> Automate building
13:55:12 <bkm> Automate ROM distribution to public repository
13:55:50 <bkm> Automate testing via virtual machines
13:56:13 <bkm> #topic Progress so far
13:56:38 <bkm> Useable test suite for SELinux and audit
13:57:01 <bkm> * updated selinux-testsuite project
13:57:16 <bkm> * created audit-testsuite since no suitable existing one
13:57:27 <bkm> Codes on github
13:57:51 <bkm> Fedora kernel patching automation
13:58:04 <bkm> Copr repository for kernel build and distribution
13:58:26 <bkm> Highly recommend Copr
13:58:41 <bkm> * Weekly builds and test runs for the past year
13:58:55 <bkm> #topic Lessons learned
13:59:15 <bkm> Regular regression testing works - if you do it!
13:59:42 <bkm> * Catches problems early
13:59:55 <bkm> * Minimizes time looking through git log
14:00:33 <bkm> * Less stress during merge window and RC cycle
14:01:15 <bkm> Automated patching works better than expected
14:01:29 <bkm> * Looking at automating further
14:01:59 <bkm> Copr great tool, but has reliability issues
14:02:12 <bkm> * Expect this to improve
14:02:19 <bkm> #topic Future improvements
14:02:39 <bkm> Automate more
14:02:47 <bkm> * VM test execution
14:03:02 <bkm> * Automatic build and test triggers
14:03:26 <bkm> Increase test coverage
14:04:03 <bkm> * Tests need to be easily and quickly run
14:04:28 <bkm> * Not comprehensive tests, aim to catch simple mistakes early
14:04:52 <bkm> Additional security subsystems beyond SELinux and audit
14:05:12 <bkm> #topic PRoject links
14:05:41 <bkm> #link https://github.com/SELinuxProject/selinux-testsuite
14:06:03 <bkm> #link https://github.com/linux-audit/audit-testsuite
14:06:13 <bkm> Bash scripts
14:06:44 <bkm> #link https://github.com/pcmoore/copr-pkg_scripts
14:07:21 <bkm> #link https://copr.fedoraincloud.org/coprs/pcmoore/kernel-secnext
14:07:59 <bkm> #topic Questions
14:08:05 <bkm> Blog post coming
14:08:40 <bkm> #topic Example installing and running
14:09:08 <bkm> see readme at pcmore
14:09:37 <bkm> Install and configure Copr client - makes hosting repository
14:10:02 <bkm> Clone github repository pcmoore/copr-pkg
14:11:19 <bkm> Create and configure new Copr project directory
14:11:31 <bkm> Clone the upstream project and add any remotes
14:11:43 <bkm> Clone the fedora package repository
14:12:33 <bkm> Welcomes contributions - email, pull requests etc
14:12:55 <bkm> Then run scripts
14:13:06 <bkm> * Generate patches from upstream
14:13:34 <bkm> * Create a patched SRPM and submit to Copr
14:14:15 <bkm> Read the documentation, more configuration options there
14:15:28 <bkm> #topic Questions
14:16:08 <bkm> Want to extend to architectures other than x86_64
14:17:20 <bkm> Power and ARM also of interest
14:17:41 <bkm> Could use Koji as well
14:17:53 <bkm> #endmeeting