When should we ask charmers to put things in the archive instead of winging it?

Jorge O. Castro jorge at ubuntu.com
Wed Feb 15 20:06:22 UTC 2012

This subject will likely lead to a bunch of opinions but I'd like to
come to some consensus so we can have a default recommended best
practice. We've talked about this at UDS and throughout the cycle, but
we've got some experience now and I'd like to revisit this again.
Right now we like charms that install things from the archive. In fact
to become an "officially blessed" charm this is something we require.

However, getting things packaged in Debian/Ubuntu for some upstream
projects can be a monumental task. I can personally think of many
upstreams where this is a large barrier. Fortunately, with a juju
charm we can totally cheat and get around this pulling a tarball or
right from VCS and deploying that way. Worst case instead of "juju
deploy jorgesoft" I can do "juju deploy

Keeping in mind that the ability to remove deployment barriers (like
lack of packages) is a strength of juju my proposal would be this:

- If by writing a charm this enables users to use your software in a
way that lets them inspect and contribute to your charm then yeah,
have your charm deploy your pristine upstream source. It gets it out
- Medium to long term though, you'll want to be in the archive so you
can inherit the benefits, at some point you'll switch your charm to
just using the packages and (theoretically) the users wouldn't really
- Some charms have switches that let you default to packages, but
install from upstream if you want. I think we should not only
encourage this, but promote it. At some point someone somewhere is
going to want to do this anyway so by promoting having that feature in
the charm it would at least have them in the store where they can be
improved on by the community.

Currently we default to the stricter view that we want things in the
archive and that charms pulling from a VCS or a PPA or whatever are
sort of fine, but not ideal. We've had discussions about this for a
while now but from talking to projects I am starting to come to
believe that we should consider it okay if a project wants to just
install from it's pristine source if they're willing to absolve our
security and server teams of the responsibility. (I realize that last
part is tricky.)


Jorge Castro
Canonical Ltd.

More information about the Juju mailing list