Upstreaming downstream Google BMC repositories

Ed Tanous edtanous at google.com
Fri Jan 8 08:20:00 AEDT 2021 

On Thu, Jan 7, 2021 at 10:26 AM Paul Menzel <pmenzel at molgen.mpg.de> wrote:
>
>
> Dear Benjamin,
>
>
> Am 07.01.21 um 18:33 schrieb Benjamin Fair:
>
> > On Thu, 7 Jan 2021 at 00:09, Paul Menzel <pmenzel at molgen.mpg.de> wrote:
>
> >> Am 07.01.21 um 02:49 schrieb Brandon Kim:
> >>
> >>> We're exploring ways of upstreaming some of the downstream repositories
> >>> from Google to openbmc/* .
> >>>
> >>> Half, if not most of the downstream repositories are C++ daemons that are
> >>> specific to Google so we didn't want to create a bunch of new
> >>> openbmc/<repo> that no one would use.
> >>>
> >>> An idea that Ed gave me was having something like openbmc/google-misc
> >>> repository for all these repositories and if there are any that seem useful
> >>> to others, we can break it out into a different, separate repository in
> >>> openbmc/* layer.
> >>>
> >>> Please let me know if this seems like a good idea and I'm open to other
> >>> suggestions!
> >>
> >> Thank you very much for putting in the effort to make these repositories
> >> public.
> >>
> >> Using the openbmc/google-misc approach, how would the git history
> >> (commit log) be handled?
> >>
> >> Personally, I would prefer having small repositories as git makes that
> >> very easy to handle. Also it might save you time, as you do not have to
> >> think about what to do with the git history, and do not have to merge it.
> >
> > We would most likely squash the history together, in case there's
> > something confidential or private in the earlier commits.
>
> Understood. If that could be avoided, and only the confidential stuff
> removed, that would be great, as the git history gives a lot of insight
> into design decisions.

It should be noted, there isn't really much git history to speak of
for the things we're looking at pushing.  The intent was that we'd
write good descriptive commit messages when each piece was pushed.
With that said, I very much suspect that these things won't be
terribly useful outside of google.  If they are useful outside of
google-built systems, they really don't belong in meta-google or
google-misc.

Some examples of things that would go in this repository.
1. The google public keys/certs.  I would hope that non-google systems
are using their own root certificates.
2. Disabling of ssh login flows.  This is done in a very specific way
that requires interfacing with out of network components and protocols
that are specific to our systems.  I'd be surprised if anyone found
this useful.
3. In-band telemetry code implementing interfaces for interfacing to
google infrastructure.  These haven't been built yet, but will likely
be a translation from the public facing APIs (Dbus/redfish/ipmi) to
interface them to google infrastructure.  it's unlikely anyone else
would use this.

>
> > Many small repos would be easy to handle for us, but OpenBMC may not
> > want to have lots of small Google-specific repos in their org as this
> > may make it more cumbersome for others to find the relevant repos that
> > they're interested in.
>
> Understood. On the other, with small repositories, they can only use the
> parts they need.

See above, if there are pieces that people want to use on non-google
systems, they don't belong in meta-google.  With that said, your
statement is incorrect, recipes are not required to be 1:1 with
repositories.  Multiple recipes can point at subfolders of the same
repository, allowing you to "use the parts they need" by simply adding
recipes.  With that said, this is not the intent, and I would much
rather move code to a more common layer (meta-phosphor for example)
rather than have non google systems including meta-google in their
bblayers.conf.

>
> > There's also overhead for the project maintainers to create the
> > relevant groups and permissions for each new repo.
> Please note, that Without knowing the contents of the repositories and
> the size, this is all just my opinion. If the OpenBMC “admins“ can
> easily create several repositories, I’d prefer that route.

Today creating new repos is non-trivial, and IMO we already have too
many of them, which is causing a lot of thrash.  I'd really like to
see us start consolidating some of these (see my patches to
consolidate all the meta-layers into openbmc/openbmc with the owners
plugin)

> If it’s too
> much work for them, their preference should be chosen.
>
>
> Kind regards,
>
> Paul

More information about the openbmc mailing list