| 2014-01-09 09:34:19 |
James Page |
bug |
|
|
added bug |
| 2014-01-09 09:34:30 |
James Page |
bug task added |
|
juju-core (Ubuntu) |
|
| 2014-01-09 09:51:42 |
James Page |
description |
TBC |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase. |
|
| 2014-01-09 09:51:46 |
James Page |
juju-core (Ubuntu): status |
New |
Incomplete |
|
| 2014-01-09 09:51:48 |
James Page |
juju-mongodb (Ubuntu): importance |
Undecided |
High |
|
| 2014-01-09 09:51:51 |
James Page |
juju-core (Ubuntu): importance |
Undecided |
High |
|
| 2014-01-09 11:36:44 |
James Page |
description |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase. |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). |
|
| 2014-01-09 11:37:53 |
James Page |
description |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-01-09 11:38:01 |
James Page |
bug |
|
|
added subscriber Mark Ramm |
| 2014-01-09 11:38:07 |
James Page |
bug |
|
|
added subscriber Antonio Rosales |
| 2014-01-09 11:38:14 |
James Page |
bug |
|
|
added subscriber Patricia Gaughen |
| 2014-01-09 11:38:28 |
James Page |
bug |
|
|
added subscriber Dave Cheney |
| 2014-01-09 11:38:45 |
James Page |
bug |
|
|
added subscriber Marc Deslauriers |
| 2014-01-14 11:56:36 |
Launchpad Janitor |
juju-mongodb (Ubuntu): status |
New |
Confirmed |
|
| 2014-01-14 11:56:56 |
James Page |
juju-mongodb (Ubuntu): status |
Confirmed |
New |
|
| 2014-01-28 12:40:44 |
James Page |
bug task added |
|
gccgo-go (Ubuntu) |
|
| 2014-01-28 12:40:50 |
James Page |
gccgo-go (Ubuntu): importance |
Undecided |
High |
|
| 2014-01-28 12:41:19 |
James Page |
summary |
[MIR] juju-core, juju-mongodb |
[MIR] juju-core, juju-mongodb, gccgo-go |
|
| 2014-01-28 12:47:04 |
James Page |
description |
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in univers.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-01-28 12:47:28 |
James Page |
description |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in univers.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-01-28 18:10:27 |
James Page |
juju-core (Ubuntu): status |
Incomplete |
New |
|
| 2014-01-28 18:10:37 |
James Page |
bug |
|
|
added subscriber MIR approval team |
| 2014-01-28 18:13:45 |
James Page |
removed subscriber MIR approval team |
|
|
|
| 2014-01-28 18:14:21 |
James Page |
description |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe, not yet available on arm64 or ppc64el.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
golang or gccgo TBC
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
gccgo + gccgo-go
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-01-28 21:16:12 |
Michael Terry |
gccgo-go (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2014-02-01 14:15:38 |
James Page |
bug |
|
|
added subscriber MIR approval team |
| 2014-02-01 14:15:53 |
James Page |
summary |
[MIR] juju-core, juju-mongodb, gccgo-go |
[MIR] juju-core, juju-mongodb, gccgo-go, gccgo-* |
|
| 2014-02-05 13:22:36 |
Dustin Kirkland |
bug |
|
|
added subscriber Dustin Kirkland |
| 2014-02-10 09:54:31 |
James Page |
bug task added |
|
golang (Ubuntu) |
|
| 2014-02-10 09:54:39 |
James Page |
golang (Ubuntu): importance |
Undecided |
High |
|
| 2014-02-10 09:54:41 |
James Page |
golang (Ubuntu): status |
New |
Incomplete |
|
| 2014-02-11 15:35:27 |
James Page |
summary |
[MIR] juju-core, juju-mongodb, gccgo-go, gccgo-* |
[MIR] juju-core, juju-mongodb, gccgo-go, gccgo-4.9, golang |
|
| 2014-02-11 15:40:26 |
James Page |
description |
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
gccgo + gccgo-go
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
>> golang <<
Availability
------------
In universe, limited to amd64, i386 and armhf archs.
Rationale
---------
golang is the primary focus of Go toolchain development; scale testing of juju with gccgo and golang gc built binaries revealed that the gccgo built binaries consume a significant amount of memory compared to golang gc built versions.
As juju is focussed on building scale out service deployments, choosing the toolchain that produces the most scalable binaries on the architectures that most users are going to be using would make sense.
Security
--------
QA
--
Dependencies
------------
All build-deps are in main; some non-core packages depend on package in universe (kate, vim addons) - recommend that these are left in universe.
golang-go.tools can be demoted to a suggested to limit scope of main inclusion.
Standards compliance
--------------------
OK
Maintenance
-----------
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
gccgo + gccgo-go
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-02-11 15:42:32 |
James Page |
description |
>> golang <<
Availability
------------
In universe, limited to amd64, i386 and armhf archs.
Rationale
---------
golang is the primary focus of Go toolchain development; scale testing of juju with gccgo and golang gc built binaries revealed that the gccgo built binaries consume a significant amount of memory compared to golang gc built versions.
As juju is focussed on building scale out service deployments, choosing the toolchain that produces the most scalable binaries on the architectures that most users are going to be using would make sense.
Security
--------
QA
--
Dependencies
------------
All build-deps are in main; some non-core packages depend on package in universe (kate, vim addons) - recommend that these are left in universe.
golang-go.tools can be demoted to a suggested to limit scope of main inclusion.
Standards compliance
--------------------
OK
Maintenance
-----------
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
gccgo + gccgo-go
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
>> golang <<
Availability
------------
In universe, limited to amd64, i386 and armhf archs.
Rationale
---------
golang is the primary focus of Go toolchain development; scale testing of juju with gccgo and golang gc built binaries revealed that the gccgo built binaries consume a significant amount of memory compared to golang gc built versions.
As juju is focussed on building scale out service deployments, choosing the toolchain that produces the most scalable binaries on the architectures that most users are going to be using would make sense.
Security
--------
Can't find any interesting security history.
QA
--
OK; the toolchain does have a test suite but its not run by default (yet).
Dependencies
------------
All build-deps are in main; some non-core packages depend on package in universe (kate, vim addons) - recommend that these are left in universe.
golang-go.tools can be demoted to a suggested to limit scope of main inclusion.
Standards compliance
--------------------
OK
Maintenance
-----------
>> gccgo-go <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
'go' build tool built using gccgo, avoiding the need to promote two golang toolchains to Ubuntu main.
Security
--------
Searching for golang CVE's turned up nothing (this package is a rename of the golang 1.2 source package).
Quality assurance
-----------------
Package installs cleanly, go tool installed using alternatives at higher priority that golang-go version in universe.
Dependencies
------------
gccgo is in universe, all other dependencies in main.
Standards compliance
--------------------
OK
Maintenance
-----------
Some bugs expected upfront but should stabilize before release. Probably picked up by ubuntu-server if foundations team don't want to.
Background information
----------------------
This package is a re-cut of the golang upstream codebase with selected cherry-picks from upstream VCS for gccgo support, along with a patch to support building using gccgo + Make.
The only code actually used is in src/cmd/go.
>> juju-mongodb <<
Availability
------------
In universe, available on all required architectures (x86, armhf, arm64, ppc64el).
Rationale
---------
MongoDB is a dependency for operating a Juju deployed Ubuntu environment.
Security
--------
MongoDB has had some CVE's in the past, related to the use of the V8 and Spidermonkey Javascript engine in the Mongo Shell; however juju-mongodb builds without support for Javascript scripting, avoiding the historic CVE's (which where fixed upstream anyway).
Quality assurance
-----------------
Package installs cleanly, package build process runs upstream smoke tests (minus jstests due to disabling javascript support). Tests pass on all architectures.
Dependencies
------------
All in main already
Standards compliance
--------------------
OK (well is scons but we won't hold that against it)
Maintenance
-----------
Upstream MongoDB run stable releases with point updates; its intended that a MRE is applied for this package so point releases can be pushed as SRU's.
Its also possible that we might need to bump a major version (2.4.x -> 2.6.x); as this package is specific to Juju, we can constrain the impact and regression testing to Juju only.
Background information
----------------------
Why a separate package? it was agreed at the last vUDS that having a separate package allows us to limit a) use of v8 (disabled) which was a security concern and b) allows us to potentially update at a later date if need be only impacting juju itself.
>> juju-core <<
Availability
------------
In universe.
Rationale
---------
Juju is the recommended service orchestration tool for Ubuntu; as such it really needs to be a core part of Ubuntu.
Security
--------
No security history, but it was agreed that a security review would be undertaken as part of the MIR process.
Quality assurance
-----------------
No tests are run as part of the package build process; however upstream do run these tests for all target series (12.04 -> 14.04) prior to release so the overall quality of the codebase it pretty good.
The package has some basic DEP-8 tests that bootstrap a local Juju environment to ensure everything hangs together OK.
Dependencies
------------
juju-mongodb (see above)
gccgo + gccgo-go
Currently all required go dependencies are snapshotted at specific upstream commits and bundled with Juju.
Standards compliance
--------------------
OK
Maintenance
-----------
Upstream Juju team intend to manage stable point releases against the version shipped in 14.04. Ubuntu Server team will own the package in distro.
Background information
----------------------
Some decisions still need to be made, mainly around toolchain. Specifically the aim is to support a single Go toolchain in Ubuntu main for all architectures; golang-go does not support arm64 or ppc64el yet, whereas the gccgo implementation does.
Required changes to support gccgo have been upstreamed into the Juju codebase.
Its also worth noting that the package and binaries in Ubuntu are used for:
client tool (juju)
juju agent (jujud) - but only for local provider and where --upload-tools is used
Upstream released jujud binaries are/will be distributed officially via simplestreams using a documented build process (details TBC). The juju client will use these tools on public clouds and potentially in private cloud deployments where tools are synced into the cloud using the juju client tool (juju sync-tools). |
|
| 2014-02-11 15:42:39 |
James Page |
golang (Ubuntu): status |
Incomplete |
New |
|
| 2014-02-13 23:02:38 |
Matthias Klose |
golang (Ubuntu): status |
New |
Incomplete |
|
| 2014-02-13 23:03:39 |
Matthias Klose |
juju-mongodb (Ubuntu): status |
New |
Incomplete |
|
| 2014-02-13 23:05:48 |
Matthias Klose |
gccgo-go (Ubuntu): status |
New |
Incomplete |
|
| 2014-02-14 08:58:54 |
James Page |
gccgo-go (Ubuntu): status |
Incomplete |
New |
|
| 2014-02-14 08:58:57 |
James Page |
golang (Ubuntu): status |
Incomplete |
New |
|
| 2014-02-14 08:58:59 |
James Page |
juju-mongodb (Ubuntu): status |
Incomplete |
New |
|
| 2014-02-19 22:51:39 |
Michael Terry |
juju-core (Ubuntu): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2014-02-24 18:20:06 |
Jamie Strandboge |
juju-core (Ubuntu): assignee |
Jamie Strandboge (jdstrand) |
Seth Arnold (seth-arnold) |
|
| 2014-02-24 18:20:21 |
Jamie Strandboge |
juju-mongodb (Ubuntu): assignee |
|
Seth Arnold (seth-arnold) |
|
| 2014-02-24 18:21:22 |
Jamie Strandboge |
juju-mongodb (Ubuntu): assignee |
Seth Arnold (seth-arnold) |
|
|
| 2014-03-10 15:01:24 |
Martin Pitt |
bug |
|
|
added subscriber Martin Pitt |
| 2014-03-20 12:30:20 |
Jamie Strandboge |
bug watch added |
|
http://code.google.com/p/go/issues/detail?id=256 |
|
| 2014-03-21 12:13:25 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2014-03-28 23:05:59 |
Steve Langasek |
bug |
|
|
added subscriber Steve Langasek |
| 2014-03-29 01:50:39 |
Launchpad Janitor |
gccgo-go (Ubuntu): status |
New |
Confirmed |
|
| 2014-03-29 01:50:39 |
Launchpad Janitor |
golang (Ubuntu): status |
New |
Confirmed |
|
| 2014-03-29 01:50:39 |
Launchpad Janitor |
juju-core (Ubuntu): status |
New |
Confirmed |
|
| 2014-03-29 01:50:39 |
Launchpad Janitor |
juju-mongodb (Ubuntu): status |
New |
Confirmed |
|
| 2014-03-29 01:51:24 |
Sergio Schvezov |
bug |
|
|
added subscriber Sergio Schvezov |
| 2014-04-01 11:43:04 |
John A Meinel |
bug |
|
|
added subscriber John A Meinel |
| 2014-04-04 16:45:25 |
Jamie Strandboge |
juju-core (Ubuntu): assignee |
Seth Arnold (seth-arnold) |
|
|
| 2014-04-04 19:14:39 |
Nobuto Murata |
bug |
|
|
added subscriber Nobuto MURATA |
| 2014-04-06 03:36:00 |
William Grant |
bug |
|
|
added subscriber William Grant |
| 2014-06-17 23:17:01 |
Seth Arnold |
bug |
|
|
added subscriber Seth Arnold |
| 2015-03-11 15:54:27 |
Matthias Klose |
gccgo-go (Ubuntu): status |
Confirmed |
Invalid |
|
| 2015-03-11 15:54:54 |
Matthias Klose |
summary |
[MIR] juju-core, juju-mongodb, gccgo-go, gccgo-4.9, golang |
[MIR] juju-core, juju-mongodb, gccgo, golang |
|
| 2015-03-11 15:55:10 |
Matthias Klose |
bug task added |
|
gcc-defaults (Ubuntu) |
|
| 2015-03-11 15:55:26 |
Launchpad Janitor |
gccgo-5 (Ubuntu): status |
New |
Confirmed |
|
| 2015-03-11 15:55:26 |
Matthias Klose |
affects |
gcc-defaults (Ubuntu) |
gccgo-5 (Ubuntu) |
|
| 2015-08-10 20:48:06 |
Matthias Klose |
juju-mongodb (Ubuntu): status |
Confirmed |
Incomplete |
|
| 2015-09-04 21:31:05 |
Matthias Klose |
gccgo-5 (Ubuntu): status |
New |
Fix Released |
|
| 2015-09-08 15:42:35 |
Jamie Strandboge |
golang (Ubuntu): status |
Confirmed |
Incomplete |
|
| 2015-09-11 15:48:51 |
Wes |
bug |
|
|
added subscriber Wes |
| 2015-09-30 17:29:14 |
Alexis Bruemmer |
bug |
|
|
added subscriber Alexis Bruemmer |
| 2015-10-06 01:20:59 |
Michael Hudson-Doyle |
bug |
|
|
added subscriber Michael Hudson-Doyle |
| 2015-10-08 22:44:59 |
Cheryl Jennings |
bug |
|
|
added subscriber Cheryl Jennings |
| 2015-10-10 17:45:28 |
James Page |
branch linked |
|
lp:~james-page/ubuntu/wily/juju-core/mir-fixes |
|
| 2015-10-10 17:48:44 |
James Page |
bug task added |
|
golang-github-bmizerany-pat (Ubuntu) |
|
| 2015-10-10 17:49:03 |
James Page |
bug task added |
|
golang-go-dbus (Ubuntu) |
|
| 2015-10-10 17:49:13 |
James Page |
bug task added |
|
golang-go.crypto (Ubuntu) |
|
| 2015-10-10 17:49:35 |
James Page |
bug task added |
|
golang-go.net-dev (Ubuntu) |
|
| 2015-10-10 17:49:48 |
James Page |
bug task added |
|
golang-goyaml (Ubuntu) |
|
| 2015-10-10 17:50:14 |
James Page |
bug task added |
|
golang-juju-loggo (Ubuntu) |
|
| 2015-10-10 17:51:00 |
James Page |
bug task added |
|
golang-github-bmizerany-assert (Ubuntu) |
|
| 2015-10-10 17:51:16 |
James Page |
bug task added |
|
dh-golang (Ubuntu) |
|
| 2015-10-10 18:04:04 |
James Page |
bug task added |
|
golang-gocheck (Ubuntu) |
|
| 2015-10-10 18:12:08 |
James Page |
bug task added |
|
golang-check.v1 (Ubuntu) |
|
| 2015-10-10 18:28:09 |
James Page |
cve linked |
|
2014-7189 |
|
| 2015-10-10 18:35:24 |
James Page |
golang-gocheck (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-10 18:35:34 |
James Page |
golang-goyaml (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-10 18:41:32 |
James Page |
juju-mongodb (Ubuntu): status |
Incomplete |
New |
|
| 2015-10-13 14:57:03 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2015-10-13 16:48:33 |
Michael Terry |
dh-golang (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-13 17:04:26 |
Michael Terry |
golang-github-bmizerany-assert (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-13 17:13:00 |
Michael Terry |
golang-github-bmizerany-pat (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-13 17:21:27 |
Michael Terry |
golang-check.v1 (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-13 17:52:44 |
Michael Terry |
bug task added |
|
golang-x-text (Ubuntu) |
|
| 2015-10-13 18:00:22 |
Michael Terry |
golang-x-text (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-13 18:11:01 |
Michael Terry |
golang-go.net-dev (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-13 18:24:28 |
Michael Terry |
golang-juju-loggo (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-13 18:46:43 |
Michael Terry |
golang-go-dbus (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-13 18:49:52 |
Michael Terry |
golang (Ubuntu): status |
Incomplete |
New |
|
| 2015-10-13 18:49:52 |
Michael Terry |
golang (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2015-10-13 18:50:11 |
Michael Terry |
juju-core (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2015-10-13 18:50:25 |
Michael Terry |
juju-mongodb (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2015-10-15 09:01:41 |
Matthias Klose |
gccgo-go (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2015-10-16 13:09:20 |
Matthias Klose |
golang (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-16 13:09:20 |
Matthias Klose |
golang (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2015-10-16 13:25:23 |
Matthias Klose |
juju-core (Ubuntu): status |
Confirmed |
Triaged |
|
| 2015-10-16 14:26:23 |
Matthias Klose |
juju-mongodb (Ubuntu): assignee |
Matthias Klose (doko) |
Ubuntu Security Team (ubuntu-security) |
|
| 2015-10-16 14:28:33 |
Matthias Klose |
dh-golang (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-16 17:05:54 |
Jamie Strandboge |
juju-mongodb (Ubuntu): status |
New |
Incomplete |
|
| 2015-10-16 17:05:54 |
Jamie Strandboge |
juju-mongodb (Ubuntu): assignee |
Ubuntu Security Team (ubuntu-security) |
|
|
| 2015-10-16 17:28:47 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-16 17:28:47 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): assignee |
Jamie Strandboge (jdstrand) |
|
|
| 2015-10-16 17:32:31 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): status |
Fix Committed |
Incomplete |
|
| 2015-10-16 17:36:17 |
Jamie Strandboge |
golang-go-dbus (Ubuntu): status |
Incomplete |
Fix Committed |
|
| 2015-10-16 17:37:31 |
Jamie Strandboge |
golang-github-bmizerany-assert (Ubuntu): status |
Incomplete |
Fix Committed |
|
| 2015-10-16 18:02:12 |
Curtis Hovey |
bug |
|
|
added subscriber Curtis Hovey |
| 2015-10-16 18:02:19 |
Steve Langasek |
juju-mongodb (Ubuntu): status |
Incomplete |
New |
|
| 2015-10-16 18:43:52 |
Jamie Strandboge |
juju-core (Ubuntu): status |
Triaged |
Incomplete |
|
| 2015-10-16 18:55:30 |
Jamie Strandboge |
golang (Ubuntu): status |
Incomplete |
Fix Committed |
|
| 2015-10-16 19:05:55 |
Jamie Strandboge |
juju-mongodb (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-16 19:13:07 |
Jamie Strandboge |
golang-juju-loggo (Ubuntu): status |
Incomplete |
Fix Committed |
|
| 2015-10-16 20:22:48 |
Steve Langasek |
golang (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-16 20:28:30 |
Steve Langasek |
golang-check.v1 (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-16 23:44:14 |
Steve Langasek |
juju-mongodb (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-17 14:29:00 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): status |
Incomplete |
Fix Committed |
|
| 2015-10-17 14:32:25 |
Jamie Strandboge |
golang-gocheck (Ubuntu): status |
Incomplete |
Won't Fix |
|
| 2015-10-17 14:32:37 |
Jamie Strandboge |
golang-goyaml (Ubuntu): status |
Incomplete |
Won't Fix |
|
| 2015-10-19 21:46:50 |
James Page |
golang-x-text (Ubuntu): status |
Incomplete |
New |
|
| 2015-10-19 21:48:01 |
James Page |
juju-core (Ubuntu): status |
Incomplete |
New |
|
| 2015-10-20 09:33:51 |
James Page |
bug task added |
|
golang-golang-x-net-dev (Ubuntu) |
|
| 2015-10-20 09:36:12 |
James Page |
bug task added |
|
golang-pretty (Ubuntu) |
|
| 2015-10-20 09:36:29 |
James Page |
bug task added |
|
golang-text (Ubuntu) |
|
| 2015-10-20 09:56:54 |
Martin Pitt |
golang-go.net-dev (Ubuntu): status |
Fix Committed |
Won't Fix |
|
| 2015-10-20 09:57:08 |
Martin Pitt |
golang-golang-x-net-dev (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 14:28:41 |
Jamie Strandboge |
juju-core (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 14:28:41 |
Jamie Strandboge |
juju-core (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2015-10-20 14:30:16 |
Jamie Strandboge |
golang-x-text (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 14:41:10 |
Jamie Strandboge |
golang-pretty (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 14:44:03 |
Jamie Strandboge |
golang-text (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 14:46:47 |
Jamie Strandboge |
juju-core (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:07:21 |
Jamie Strandboge |
golang-juju-loggo (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:07:34 |
Jamie Strandboge |
golang-github-bmizerany-assert (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:07:46 |
Jamie Strandboge |
golang-github-bmizerany-pat (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:08:02 |
Jamie Strandboge |
golang-go-dbus (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:09:28 |
Jamie Strandboge |
golang-go.crypto (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:09:45 |
Jamie Strandboge |
golang-golang-x-net-dev (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:10:02 |
Jamie Strandboge |
golang-pretty (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:10:16 |
Jamie Strandboge |
golang-text (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:10:30 |
Jamie Strandboge |
golang-x-text (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-10-20 15:23:27 |
Jamie Strandboge |
bug task added |
|
golang-race-detector-runtime (Ubuntu) |
|
| 2015-10-20 15:24:20 |
Jamie Strandboge |
golang-race-detector-runtime (Ubuntu): status |
New |
Fix Committed |
|
| 2015-10-20 15:26:01 |
Jamie Strandboge |
golang-race-detector-runtime (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2015-12-27 02:44:27 |
Mathew Hodson |
bug task deleted |
golang-go.net-dev (Ubuntu) |
|
|
| 2015-12-27 02:48:32 |
Mathew Hodson |
bug task deleted |
gccgo-go (Ubuntu) |
|
|
