Process for aliases, auto-connections and tracks

jdstrand 2017-05-01 20:38:39 UTC #1

Definitions

Reviewers are listed in https://launchpad.net/~myapps-reviewers
Architects are those responsible for the design of snapd.
Votes are in favor (+1), against (-1), abstain (+0)
Voting period is one week
Voting period extension is 3 days

Process

Requester creates a forum post in the store category and makes case for change. To disambiguate snaps, the requester should either give the store URL for the snap or give the name and publisher of the snap. Voting period starts at time of request.
Requester may not vote on his/her own snap.
Reviewers and/or architects vote using the voting procedure (see below). Each vote should include a short rationale for the cast vote.
If after voting period there are not enough votes based on voting procedure, a voting period extension should be requested by a reviewer/architect. The extension starts the day of the request for extension
At the end of the voting period, a reviewer/architects tallies the results from the voting period (and extension), summarizes in the forum post and performs any necessary actions.

Voting procedure

The voting procedure is the same for granting and revoking auto-connections, auto-aliases and track requests.
If reviewers and up to at most one architect voted: simple majority with at least 2 votes in favor at end of voting period/extension: perform requested action.
If two or more votes in favor/against from architects: reviewers votes are not tallied. If have only in favor votes from architects at end of voting period/extension: perform requested action, otherwise architects discuss until no against votes and at least one vote in favor from architects. If clear direction from architects, an architect may request the vote be tallied early.

Executing ping within a snap

Track request for subiquity: artful

[Help] Changing the snap name causes a failure in execution

Auto connecting removable media

Documentation outline

Classic confinement for yarn

Get a list of user-defined aliases of a snap

Store assertions alias for vscode

Automatic aliases for ldc2 snap

Sanitisation of snaps' requested interfaces

Docker snap tracks request

Simplified track request process for snaps with predictable cadence

Kubernetes 1.9 snap tracks

Snapping CUPS Printing Stack: Avahi support, system users/groups

Classic confinement for ubports installer

Request aliases for torxakis

Use of home and network plugs

Track request for OpenStack gnocchi and cinder snaps

Track request for prometheus

Track request for OpenStack projects

Automatic alias for bluez snap (btmgmt command)

Auto-connecting interfaces for easy-openvpn snap

Request tracks for u1test-snap-with-tracks

Snapping CUPS Printing Stack: Avahi support, system users/groups

Track request: new 1.4 track for ldc2 snap package

Track requests for dmd snap package

Which snaps should be supported by canonical

Auto-connecting interfaces for bcc

Request automatic alias for ubuntu-make

How to load Iptable rules on startup, what plugs are needed?

Publish snap with classic confinement

The snapd roadmap

Requesting tracks for 'node' snap: 6, 8, 10

New track "cali" for edgexfoundry-core snap

Multi tracks for Apache Drill

jdstrand 2017-05-01 20:48:12 UTC #2

OTOH, I suggest that snappy architects and store reviewers get a vote such that:

if >= 2 +1s, grant after 1 week of initial request (to give architects, et al a chance to read)
if >= 2 +1s from architects, grant immediately regardless of number of reviewers’ -1s
if architects disagree, do nothing until they agree
reviewer may not vote on his/her own snap. An architect may vote on his/her own snap.

This should allow things to move ahead without needless red tape. If architects disagree at a later time, that is cause for re-discussion with the same voting procedure as above for revocation.

jdstrand 2017-05-02 12:37:15 UTC #3

After giving some thought on corner cases last night, here is a more formalized proposal:

reviewers are https://launchpad.net/~myapps-reviewers
snappy architects are Mark, Gustavo, etc
votes are in favor (+1), against (-1), abstain (+0)
voting period is one week
voting period extension is 3 days

Process:

a requester creates a forum post with the ‘store’ tag and makes case for change. To disambiguate snaps, the requester should either give the store URL for the snap or give the name and publisher of the snap. Voting period starts at time of request
a requester (reviewer or architect) may not vote on his/her own snap
reviewers and/or architects vote using the voting procedure (see below)
if after voting period there are not enough votes based on voting procedure, a voting period extension should be requested by a reviewer/architect. The extension starts the day of the request for extension
at the end of the voting period, a reviewer/architects tallies the results from the voting period (and extension), summarizes in the forum post and performs any necessary actions

Voting procedure:

the voting procedure is the same for granting and revoking auto-connections and auto-aliases
if reviewers and up to at most one architect voted: simple majority with at least 2 votes in favor at end of voting period/extension: perform requested action
if two or more votes in favor/against from architects: reviewers votes are not tallied. If have only in favor votes from architects at end of voting period/extension: perform requested action, otherwise architects discuss until no against votes and at least one vote in favor from architects. If clear direction from architects (eg, no abstain votes), an architect may request the vote be tallied early.

niemeyer 2017-05-04 18:50:34 UTC #4

Rationale and proposed process sounds like a great start, thanks for putting it in place Jamie.

As a minor addition, might be good to request the inclusion of a short rationale to back any positive or negative votes, so that others can comprehend the reason and correlate or not.

Then, as a trivial detail, store is actually a category in the forum rather than a tag.

jdstrand 2017-05-05 15:19:03 UTC #5

Thanks @niemeyer

Based on that, here are the approved procedures:

Alias and Auto-Connection request and approval process

Definitions

reviewers are https://launchpad.net/~myapps-reviewers
snappy architects are Mark, Gustavo, etc
votes are in favor (+1), against (-1), abstain (+0)
voting period is one week
voting period extension is 3 days

Process

a requester creates a forum post with the ‘store’ category and makes case for change. To disambiguate snaps, the requester should either give the store URL for the snap or give the name and publisher of the snap. Voting period starts at time of request
a requester (reviewer or architect) may not vote on his/her own snap
reviewers and/or architects vote using the voting procedure (see below). Each vote should include a short rationale for the cast vote
if after voting period there are not enough votes based on voting procedure, a voting period extension should be requested by a reviewer/architect. The extension starts the day of the request for extension
at the end of the voting period, a reviewer/architects tallies the results from the voting period (and extension), summarizes in the forum post and performs any necessary actions

Voting procedure

the voting procedure is the same for granting and revoking auto-connections and auto-aliases
if reviewers and up to at most one architect voted: simple majority with at least 2 votes in favor at end of voting period/extension: perform requested action
if two or more votes in favor/against from architects: reviewers votes are not tallied. If have only in favor votes from architects at end of voting period/extension: perform requested action, otherwise architects discuss until no against votes and at least one vote in favor from architects. If clear direction from architects (eg, no abstain votes), an architect may request the vote be tallied early.

How to get several direct-access wrappers from one snap?

Store assertions alias for vscode

Auto-connecting interfaces for bcc

Set up auto-alias for gofmt in go snap

Automatic aliases for ldc2 snap

niemeyer 2017-05-05 16:06:13 UTC #6

@jdstrand Thanks for formatting it nicely. Would be nice to have that process as the first message of this topic, so people getting into it will see the actual approved process upfront.

jdstrand 2017-05-05 16:17:10 UTC #7

I’ve done this just now.

roadmr 2017-07-19 12:07:35 UTC #8

One more request. Could the first message be updated to reflect the fact that this process also applies to track requests? So far I’ve been informally pointing people to this post and just saying “this also applies to tracks despite what the process specifies” but it’d be nice for that to be formalized.

Thanks!

jdstrand 2017-07-25 17:09:42 UTC #9

FYI, I did this yesterday.

morphis 2017-09-13 10:37:56 UTC #10

@jdstrand @niemeyer Is it possible that we can one or two people from CE into the list of reviewers to speed up reviews for certain commercial things?

jdstrand 2017-09-13 17:54:49 UTC #11

It is of course possible; I’ll leave the decision to @niemeyer if we want to do this.

My question is what in the existing process is causing trouble? You asked on this thread and I saw in another thread you wanted to speed up the one week waiting period. The one week waiting period is in place so reviewers have a chance to vote (ie, we want to support the case where 2 quick ‘yea’ votes are cast and then a ‘nay’ vote later). There is also a process for architects to waive the waiting period. Is this not sufficient for your needs?

niemeyer 2017-09-13 18:02:07 UTC #12

@morphis @jdstrand Everybody is welcome to review, but we need at least two reviews from people that are sitting here all the time and reviewing things all the time and that remain aware of current practices. Having someone sporadically reviewing and mainly when they want things in quickly feels like a recipe for bad reviews.

Requesting automatic alias for dotnet

jdstrand 2017-10-06 21:06:48 UTC #13

I’ve been meaning to investigate/document this for a while-- reviewers need not worry about granting an alias that is used by other snaps or an alias that is the name of a snap. snapd will prevent inconsistencies:

if a snap is installed with an alias, then installing a snap with the name of the alias (ie snap install <alias>) results in the snap being uninstallable until the alias is removed with snap unalias <alias>
if a snap is installed that has an automatic alias that matches the name of an already installed snap, then installing the snap with the alias results in the snap being uninstallable (this may be a bug, but it is safe)
if two snaps have an automatic alias with the same name, the second snap is not installable until the first’s alias is removed with snap unalias <alias>

niemeyer 2018-01-31 21:19:17 UTC #15

I have polished a bit the topic and moved it into the documentation category.

In the process, I’ve also removed @jdstrand’s historical problem description from the post itself.

Here is the content for posterity:

jdstrand:

Problem description from original posting

As a store reviewer, I have the ability to grant auto aliases and auto-connections, but the process for approving those is undefined. The story was quite nebulous for a while with reviewers just trying to make the best decision in the moment. Today developers are being asked to make their requests via the forum (great!), but it isn’t clear (to me) when I may grant the request.

I can say a few criteria I consider before expressing my opinion in the forum (but I’m not asking to define all the criteria now; we probably need to work with the process for a while to see what falls out of the discussions before codifying the criteria):

For auto-connections:

for the public store, I look for the ‘officialness’ of the publisher of the snap because granting an auto-connection means that the public store is vouching for the publisher’s intent (maintenance, security updates, etc) and snap implementation (it does what it advertises, works well, etc) to the degree that we remove the user’s initial choice on connection at install time (the user may of course disconnect the interface after installation, but the snap may have already taken advantage of the connection, which is an important consideration (and why we don’t auto-connect everything in the first place!))

for the public store, I look for the ‘reasonableness’ of the request. Eg, a ‘top-like’ program will necessarily need the ‘system-observe’ interface but not ‘network-manager’

Similarly for auto-aliases:

for the public store, I look for the ‘officialness’ of the publisher of the snap since putting the aliased commands into the user’s PATH implies a certain level of trust in that command (and the publisher)

for the public store, I look for the ‘reasonableness’ of the request. Eg, do these commands make sense for the snap (eg, auto-aliasing a ‘mysql’ command in a LAMP stack snap is probably not great considering there is an official ‘mysql’ snap that provides this command)? do these commands exists elsewhere? Are they overly broad (eg, ‘editor’)?

To that end, I’ve expressed my opinion in a few forum requests and have waited on people’s opinions in others. Thus far, I’ve only acted on a few where there was a discussion with clear outcome. What I’d like to see from this post is:

who is allowed to vote on the request?

how many votes are needed to grant the request?

should the vote be unanimous? if not, what majority percentage wins?

is there ‘veto’ power? if so, who has veto power?

what is the process for revoking a granted auto-alias or auto-connection?

anything else?

niemeyer 2018-01-31 21:45:40 UTC #16