RFE: use patchwork to submit a patch

Daniel Axtens dja at axtens.net
Fri Oct 11 08:38:49 AEDT 2019

Hi Konstantin,

tl;dr: I think a git-to-email bridge is a good step. I'm not sure why
patchwork would be the thing to build it on top of, and I'm worried that
it would slow us both down. I'm very open to being convinced though.

> I would like to propose a new (large) feature to patchwork with the goal 
> to make the process of submitting a patch easier for newbies and people 
> generally less familiar with patch-based development. This was discussed 
> previously on the workflows list: 
> https://lore.kernel.org/workflows/20190930202451.GA14403@pure.paranoia.local/
> How I envision this would work:
If I understand correctly, you're using Patchwork as:

> - user creates an account (which requires a mail confirmation)

 a) an identity provider, and

> - they choose a "submit patch" option from the menu
> - the patch submission screen has a succession of screens:
>   1. a screen with a single field allowing a user to paste a URL to 
>      their fork of the git repository. Once submitted, patchwork does a 
>      "git ls-remote" to attempt to get a list of refs and to verify that 
>      this is indeed a valid git repository
>   2. next screen asks the user to select the ref to work from using the 
>      list obtained from the remote. Once submitted, patchwork performs a 
>      `git clone --reference` to clone the repository locally using a 
>      local fork of the same repo to minimize object transfer. This part 
>      requires that:
>        a. patchwork project is configured with a path to a local fork, 
>           if this feature is enabled for a project

 b) a way to integrate with existing concepts of a project and keep
    metadata about them in 1 place

>        b. that fork is kept current via some mechanism outside of 
>           patchwork (e.g. with grokmirror)
>        c. there is some sanity-checking during the clone process to 
>           avoid abuse (e.g. a sane timeout, a tmpdir with limited size, 
>           etc -- other suggestions welcome)
>   3. next screen asks the user to pick a starting commit from the log.  
>      Once submitted, patchwork generates the patch from the commit 
>      provided to the tip of the branch selected by the user earlier,
>      using git format-patch.
>   4. next screen asks the user to review the patch to make sure this is 
>      what they want to submit. Once confirmed, patchwork performs two 
>      admin-defined optional hooks:
>        a. a hook to generate a list of cc's (e.g. get_maintainer.pl)
>        b. a sanity check hook (e.g. checkpatch.pl)
>   5. if sanity checking is defined, next screen shows the output of the 
>      sanity check hook, asking confirmation to proceed.
>   6. next screen shows the user three fields:
>        a. title of the patch/series
>        b. cover letter for the patch/series
>        c. message-id of the previous patch revision (can be picked from 
>           the list of previously submitted series by this user -- 
>           patchwork should have them already)

 c) a handy tool for getting previous series by a given user.

>        d. number of the revision (can be auto-filled if previous field 
>           is provided) and other tags to include in []
>   7. next screen shows final review of what would be sent out to the 
>      list (and cc's, if the hook to get cc's is defined and returned any 
>      results). Once submitted, patchwork sends the patch/series using 
>      patchwork's envelope-from and the user's own email in the From: 
>      header.

 d) a 'trusted' source of email.

Is that right? I just ask because this idea seems a long way from what
Patchwork traditionally does. That's not necessarily bad, I just want to
make sure I understand, and that if you get funding you're not tying
yourself to a platform that doesn't suit your needs.

I'm particularly curious about Patchwork as (a) an identity
provider. You wrote:

> - user creates an account (which requires a mail confirmation)

This seems like "optional centralising" on Patchwork - it becomes a
central identity provider but it's optional in that you can just send
email directly if you prefer.

If you're going to do 'lightweight' centralisation like that, why not do
it on a platform that already understands git? It's really easy to
extract the information you describe in (c) just by querying the
patchwork API. You don't need to actually integrate into patchwork, or
be logged in, to do that. You lose the ability to load any git remote,
but if you have a git remote that isn't github or gitlab, you probably
already have a good email flow (e.g. if you repo is on kernel.org).

If you really want to use Patchwork as an identity provider, rather than
a forge, could we just teach Patchwork how to be an identity broker, and
then build things separately, authenticating through Patchwork to
confirm a user's identity? That means you could build in whatever
language you like and, critically, run on whatever deployment schedule
you want. You could also get much better isolation that way, which would
be good - I don't want an RCE in the git library to allow someone to
wipe out all patchwork data, for example.

> I know this is a pretty big RFE, and I would like to hear your thoughts 
> about this. If there is general agreement that this is doable/good idea, 
> I may be able to come up with funding for this development as part of 
> the overall tooling improvement proposal.

As I said up top, I'm not opposed to this per se. I think a git-to-email
bridge is a good step. I'm just confused as to why patchwork would be
the thing to build it on top of, and I'm worried about how you'd deploy
and update this extended Patchwork. I'm very open to being convinced


More information about the Patchwork mailing list