MRE for juju-core/juju-mongodb

[James Page]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Technical Board

Despite the fact that juju-core will not be able to enter main this
cycle (see [0] for context), the Canonical Server Team still need to
be able to maintain it in its universe home for the duration of 14.04.

Since 1.16 upstream juju-core have maintained a stable branch with
critical changes and bug fixes only; we’ve been pushing these point
releases into Saucy with full testing of each fixed bug which has
worked out OK so-far (note that 1.16.6 is still pending acceptance
into -proposed for saucy as I've not had time to document test cases
in full just yet).

We’d like to apply for a MRE for juju-core and juju-mongodb to support
this maintenance approach.

We’d also like to ask for permission to introduce new stable releases
of juju-core into 14.04 using versioned packages at a later date.

1) juju-core MRE

Upstream maintain stable branches with critical bug fixes; All
juju-core releases must pass the full set of CI tests upstream prior
to release; this includes testing on most supported providers (ec2,
openstack, azure, local, HP, manual, restrictive and closed network)
for all supported Ubuntu releases up to and including 14.04.  Stable
to stable release upgrades of juju-core itself are also tested as part
of this process. The tarball used in the tests is the tarball used in
the release.

One gap exists in juju-core upstream testing - MAAS provider testing.
 The Canonical Server Team will undertake testing of this as part of
the SRU process in the short term.  The juju-core CI team are working
to plug this gap in upstream testing.

2) juju-mongodb MRE

This package is a cut down version of mongodb which just provides
binaries for juju-core to use; Currently its based on the 2.4.x series
of MongoDB.

MongoDB upstream maintain even point releases as stable releases which
only receive bug fixes as part of minor point releases (see [1] for an
example).  That said, stable releases are only maintained for 18->24
months (obviously counter to the 5 year support period for 14.04).
For this reason, we’d also like permission to introduce new stable
versions of MongoDB via this package in the future.

This process would be done in-conjunction with juju-core upstream to
ensure compatibility and facilitate testing and would probably be done
under an exceptional SRU with extended testing after the release of
the new upstream version on MongoDB in juju-mongodb as part of an
interim Ubuntu release.

The package build runs the upstream unit test suite minus the script
engine tests - the package builds with scripting disabled to avoid use
of libv8 - this was requested by the Security Team during the start of
the work to support the MIR for juju-core.

3) New juju-core packages

In addition to maintaining the stable release version of juju-core in
14.04, we’d also like to include new stable releases using versioned
packages.  These would be aligned to each upstream stable release of
juju-core.

This will allow 14.04 users easier access to new stable releases than
trying to figure out which PPA they should be using to get the latest
stable release (and features):

   sudo apt-get install juju-core-4

This approach is similar to that taken for HWE kernels and Xorg during
the 12.04 lifecycle.

In terms of backwards compatibility, we would not introduce a stable
release which was not backwards compatible from the client to the
release version of juju-core in 14.04 (1.18) on running servers.

Regards

James

[0] https://bugs.launchpad.net/ubuntu/+source/juju-core/+bug/1267393
[1] http://docs.mongodb.org/manual/release-notes/2.4/

- -- 
James Page
Ubuntu and Debian Developer
james.page at ubuntu.com
jamespage at debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTPrJDAAoJEL/srsug59jD3psQAKPUVaHKrpbpnt1QHHat3pee
Y53eKdRinpXXHfVZRJEddkhIG4KMXZULGkiq2oYnN0rYomBpJRGZsTvxMxsIV0A8
fYooJItbtocQBhX/Y+w1lWzJbJFpiULpzZ1w35YG6CX4wz43woyQEmINaJ6145xE
Nzaxz/v/ANm3ZXJ7uHohF/a+UViwWgCRaHsR9IWAQsxiFGxgRaTJIoPEeMSJbOMB
qlz2mEHw1QYtkR4V4sSgYo6rRMapd9uwfEPRqXg5D6DvFVbPBkOVIS5e9UfN9MJe
4OoDZ3k33uM0O7giZz8EVhG1pmPuIdmYlsg90rPpOjeATG1utNSEGlk/zStPralQ
h1GMvfNctt8UF2LExlN+uORbBuXhscScxLEC0kJjpiXK/DhXF06l4oZbP2Klv7tJ
deNWrTfBy3nnCWVkpvuLW/75OCuqt07vkWgvlLtCUCocqDZC/xgCOrOt+BgGWGHV
rt+RWEsRt9gvObMbVM7c4SVIC5xvWd+oC86NZnaq3rkSdg+6eiE+AHqAF4TXu9KA
KT33c00q8CzwP5GjhcehPd2lmHk0h1TZ17/F3tXWsFjlcdUWhdk8XImLiheMNfYC
k3SOn1hIJjMi1yNbh1F0YyEvoWHGZVknmUK4Hx4ao0W5FsngmqZbqV9bDcbMo+k6
6VV76vUI/ir+ca6zmpPY
=EIAI
-----END PGP SIGNATURE-----