4e5779e124
The Linux kernel recently updated the wording of their sign-off procedure, changing the ambiguous "real name" requirement to "a known identity" and dropping "no pseudonyms". Anonymous contributions remain uncommittable [1]. As discussed in the April 19, 2023 leadership meeting, update our policy to go along with Linux and flashrom (who also updated their policy). [1] Linux kernel commit d4563201f3 (Documentation: simplify and clarify DCO contribution example language) Change-Id: Ie676334f7c1509524adcb8dbb78495fb4da35ede Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/74851 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <patrick@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@mailbox.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
440 lines
22 KiB
Markdown
440 lines
22 KiB
Markdown
coreboot Gerrit Etiquette and Guidelines
|
||
========================================
|
||
|
||
The following rules are the requirements for behavior in the coreboot
|
||
codebase in gerrit. These have mainly been unwritten rules up to this
|
||
point, and should be familiar to most users who have been active in
|
||
coreboot for a period of time. Following these rules will help reduce
|
||
friction in the community.
|
||
|
||
Note that as with many rules, there are exceptions. Some have been noted
|
||
in the 'More Detail' section. If you feel there is an exception not listed
|
||
here, please discuss it in the mailing list to get this document updated.
|
||
Don't just assume that it's okay, even if someone on IRC says it is.
|
||
|
||
|
||
Summary
|
||
-------
|
||
These are the expectations for committing, reviewing, and submitting code
|
||
into coreboot git and gerrit. While breaking individual rules may not have
|
||
immediate consequences, the coreboot leadership may act on repeated or
|
||
flagrant violations with or without notice.
|
||
|
||
* Don't violate the licenses.
|
||
* Let non-trivial patches sit in a review state for at least 24 hours
|
||
before submission.
|
||
* Try to coordinate with platform maintainers when making changes to
|
||
platforms.
|
||
* If you give a patch a -2, you are responsible for giving concrete
|
||
recommendations for what could be changed to resolve the issue the patch
|
||
addresses.
|
||
* Don't modify other people's patches without their consent.
|
||
* Be respectful to others when commenting.
|
||
* Don’t submit patches that you know will break other platforms.
|
||
|
||
|
||
More detail
|
||
-----------
|
||
* Don't violate the licenses. If you're submitting code that you didn't
|
||
write yourself, make sure the license is compatible with the license of the
|
||
project you're submitting the changes to. If you’re submitting code that
|
||
you wrote that might be owned by your employer, make sure that your
|
||
employer is aware and you are authorized to submit the code. For
|
||
clarification, see the Developer's Certificate of Origin in the coreboot
|
||
[Signed-off-by policy](#sign-off-procedure).
|
||
|
||
* In general, patches should remain open for review for at least 24 hours
|
||
since the last significant modification to the change. The purpose is to
|
||
let coreboot developers around the world have a chance to review. Complex
|
||
reworks, even if they don't change the purpose of the patch but the way
|
||
it's implemented, should restart the wait period.
|
||
|
||
* A change can go in without the wait period if its purpose is to fix
|
||
a recently-introduced issue (build, boot or OS-level compatibility, not
|
||
necessarily identified by coreboot.org facilities). Its commit message
|
||
has to explain what change introduced the problem and the nature of
|
||
the problem so that the emergency need becomes apparent. Avoid stating
|
||
something like "fix build error" in the commit summary, describe what
|
||
the commit does instead, just like any other commit. In addition, it is
|
||
recommended to reference the commit that introduced the issue. The change
|
||
itself should be as limited in scope and impact as possible to make it
|
||
simple to assess the impact. Such a change can be merged early with 3
|
||
Code-Review+2. For emergency fixes that affect a single project (SoC,
|
||
mainboard, ...) it's _strongly_ recommended to get a review by somebody
|
||
not involved with that project to ensure that the documentation of the
|
||
issue is clear enough.
|
||
|
||
* Trivial changes that deal with minor issues like inconsistencies in
|
||
whitespace or spelling fixes that don't impact the final binary output
|
||
also don't need to wait. Such changes should point out in their commit
|
||
messages how the the author verified that the binary output is identical
|
||
(e.g. a TIMELESS build for a given configuration). When submitting
|
||
such changes early, the submitter must be different from the author
|
||
and must document the intent in the Gerrit discussion, e.g. "landed the
|
||
change early because it's trivial". Note that trivial fixes shouldn't
|
||
necessarily be expedited: Just like they're not critical enough for
|
||
things to go wrong because of them, they're not critical enough to
|
||
require quick handling. This exception merely serves to acknowledge that
|
||
a round-the-world review just isn't necessary for some types of changes.
|
||
|
||
* As explained in our Code of Conduct, we try to assume the best of each
|
||
other in this community. It's okay to discuss mistakes (e.g. isolated
|
||
instances of non-trivial and non-critical changes submitted early) but
|
||
try to keep such inquiries blameless. If a change leads to problems with
|
||
our code, the focus should be on fixing the issue, not on assigning blame.
|
||
|
||
* Do not +2 patches that you authored or own, even for something as trivial
|
||
as whitespace fixes. When working on your own patches, it’s easy to
|
||
overlook something like accidentally updating file permissions or git
|
||
submodule commit IDs. Let someone else review the patch. An exception to
|
||
this would be if two people worked in the patch together. If both +2 the
|
||
patch, that is acceptable, as each is giving a +2 to the other's work.
|
||
|
||
* Try to coordinate with platform maintainers and other significant
|
||
contributors to the code when making changes to platforms. The platform
|
||
maintainers are the users who initially pushed the code for that platform,
|
||
as well as users who have made significant changes to a platform. To find
|
||
out who maintains a piece of code, please use util/scripts/maintainers.go
|
||
or refer to the original author of the code in git log.
|
||
|
||
* If you give a patch a -2, you are responsible for giving concrete
|
||
recommendations for what could be changed to resolve the issue the patch
|
||
addresses. If you feel strongly that a patch should NEVER be merged, you
|
||
are responsible for defending your position and listening to other points
|
||
of view. Giving a -2 and walking away is not acceptable, and may cause your
|
||
-2 to be removed by the coreboot leadership after no less than a week. A
|
||
notification that the -2 will be removed unless there is a response will
|
||
be sent out at least 2 days before it is removed.
|
||
|
||
* Don't modify other people's patches unless you have coordinated this with
|
||
the owner of that patch. Not only is this considered rude, but your changes
|
||
could be unintentionally lost. An exception to this would be for patches
|
||
that have not been updated for more than 90 days. In that case, the patch
|
||
can be taken over if the original author does not respond to requests for
|
||
updates. Alternatively, a new patch can be pushed with the original
|
||
content, and both patches should be updated to reference the other.
|
||
|
||
* Be respectful to others when commenting on patches. Comments should
|
||
be kept to the code, and should be kept in a polite tone. We are a
|
||
worldwide community and English is a difficult language. Assume your
|
||
colleagues are intelligent and do not intend disrespect. Resist the urge to
|
||
retaliate against perceived verbal misconduct, such behavior is not
|
||
conducive to getting patches merged.
|
||
|
||
* Don’t submit code that you know will break other platforms. If your patch
|
||
affects code that is used by other platforms, it should be compatible with
|
||
those platforms. While it would be nice to update any other platforms, you
|
||
must at least provide a path that will allow other platforms to continue
|
||
working.
|
||
|
||
Sign-off Procedure
|
||
------------------
|
||
The coreboot project employs a sign-off procedure similar to what is
|
||
used by the Linux kernel. Each gerrit commit requires a sign-off line
|
||
saying that the contributed code abides by the Developer's certificate
|
||
of origin, below.
|
||
```text
|
||
Signed-off-by: Random J Developer <random@developer.example.org>
|
||
```
|
||
|
||
Using '-s' with 'git commit' will automatically add a Signed-off-by line
|
||
to your commit message. Patches without a Signed-off-by should not be
|
||
pushed to gerrit, and will be rejected by coreboot's CI system.
|
||
|
||
You must use a known identity in the Signed-off-by line. Anonymous
|
||
contributions cannot be committed! This can be anything sufficient to
|
||
identify and contact the source of a contribution, such as your name or
|
||
an established alias/nickname. Refer to [this LKML thread] and the
|
||
[SCO-Linux disputes] for the rationale behind the DCO.
|
||
|
||
Developer's Certificate of Origin 1.1
|
||
|
||
> By making a contribution to this project, I certify that:
|
||
>
|
||
> (a) The contribution was created in whole or in part by me and I have
|
||
> the right to submit it under the open source license indicated in the
|
||
> file; or
|
||
>
|
||
> (b) The contribution is based upon previous work that, to the best of
|
||
> my knowledge, is covered under an appropriate open source license and
|
||
> I have the right under that license to submit that work with
|
||
> modifications, whether created in whole or in part by me, under the
|
||
> same open source license (unless I am permitted to submit under a
|
||
> different license), as indicated in the file; or
|
||
>
|
||
> (c) The contribution was provided directly to me by some other person
|
||
> who certified (a), (b) or (c) and I have not modified it; and
|
||
>
|
||
> (d) In the case of each of (a), (b), or (c), I understand and agree
|
||
> that this project and the contribution are public and that a record of
|
||
> the contribution (including all personal information I submit with it,
|
||
> including my sign-off) is maintained indefinitely and may be
|
||
> redistributed consistent with this project or the open source license
|
||
> indicated in the file.
|
||
|
||
Note: The [Developer's Certificate of Origin 1.1] is licensed under the
|
||
terms of the [Creative Commons Attribution-ShareAlike 2.5 License].
|
||
|
||
|
||
Recommendations for gerrit activity
|
||
-----------------------------------
|
||
These guidelines are less strict than the ones listed above. These are more
|
||
of the “good idea” variety. You are requested to follow the below
|
||
guidelines, but there will probably be no actual consequences if they’re
|
||
not followed. That said, following the recommendations below will speed up
|
||
review of your patches, and make the members of the community do less work.
|
||
|
||
* Each patch should be kept to one logical change, which should be
|
||
described in the title of the patch. Unrelated changes should be split out
|
||
into separate patches. Fixing whitespace on a line you’re editing is
|
||
reasonable. Fixing whitespace around the code you’re working on should be a
|
||
separate ‘cleanup’ patch. Larger patches that touch several areas are fine,
|
||
so long as they are one logical change. Adding new chips and doing code
|
||
cleanup over wide areas are two examples of this.
|
||
|
||
* Test your patches before submitting them to gerrit. It's also appreciated
|
||
if you add a line to the commit message describing how the patch was
|
||
tested. This prevents people from having to ask whether and how the patch
|
||
was tested. Examples of this sort of comment would be ‘TEST=Built
|
||
platform’ or ‘Tested by building and booting platform’. Stating that the
|
||
patch was not tested is also fine, although you might be asked to do some
|
||
testing in cases where that would be reasonable.
|
||
|
||
* Take advantage of the lint tools to make sure your patches don’t contain
|
||
trivial mistakes. By running ‘make gitconfig’, the lint-stable tools are
|
||
automatically put in place and will test your patches before they are
|
||
committed. As a violation of these tools will cause the jenkins build test
|
||
to fail, it’s to your advantage to test this before pushing to gerrit.
|
||
|
||
* Don't submit patch trains longer than around 20 patches unless you
|
||
understand how to manage long patch trains. Long patch trains can become
|
||
difficult to handle and tie up the build servers for long periods of time
|
||
if not managed well. Rebasing a patch train over and over as you fix
|
||
earlier patches in the train can hide comments, and make people review the
|
||
code multiple times to see if anything has changed between revisions. When
|
||
pushing long patch trains, it is recommended to only push the full patch
|
||
train once - the initial time, and only to rebase three or four patches at
|
||
a time.
|
||
|
||
* Run 'make what-jenkins-does' locally on patch trains before submitting.
|
||
This helps verify that the patch train won’t tie up the jenkins builders
|
||
for no reason if there are failing patches in the train. For running
|
||
parallel builds, you can specify the number of cores to use by setting the
|
||
the CPUS environment variable. Example:
|
||
|
||
```Bash
|
||
make what-jenkins-does CPUS=8
|
||
```
|
||
|
||
* Use a topic when pushing a train of patches. This groups the commits
|
||
together so people can easily see the connection at the top level of
|
||
gerrit. Topics can be set for individual patches in gerrit by going into
|
||
the patch and clicking on the icon next to the topic line. Topics can also
|
||
be set when you push the patches into gerrit. For example, to push a set of
|
||
commits with the i915-kernel-x60 set, use the command:
|
||
|
||
```Bash
|
||
git push origin HEAD:refs/for/master%topic=i915-kernel-x60
|
||
```
|
||
|
||
* If one of your patches isn't ready to be merged, make sure it's obvious
|
||
that you don't feel it's ready for merge yet. The preferred way to show
|
||
this is by marking in the commit message that it’s not ready until X. The
|
||
commit message can be updated easily when it’s ready to be pushed.
|
||
Examples of this are "WIP: title" or "[NEEDS_TEST]: title". Another way to
|
||
mark the patch as not ready would be to give it a -1 or -2 review, but
|
||
isn't as obvious as the commit message. These patches can also be pushed with
|
||
the wip flag:
|
||
|
||
```Bash
|
||
git push origin HEAD:refs/for/master%wip
|
||
```
|
||
|
||
* When pushing patches that are not for submission, these should be marked
|
||
as such. This can be done in the title ‘[DONOTSUBMIT]’, or can be pushed as
|
||
private changes, so that only explicitly added reviewers will see them. These
|
||
sorts of patches are frequently posted as ideas or RFCs for the community to
|
||
look at. Note that private changes can still be fetched from Gerrit by anybody
|
||
who knows their commit ID, so don't use this for sensitive changes. To push
|
||
a private change, use the command:
|
||
|
||
```Bash
|
||
git push origin HEAD:refs/for/master%private
|
||
```
|
||
|
||
* Multiple push options can be combined:
|
||
|
||
```Bash
|
||
git push origin HEAD:refs/for/master%private,wip,topic=experiment
|
||
```
|
||
|
||
* Respond to anyone who has taken the time to review your patches, even if
|
||
it's just to say that you disagree. While it may seem annoying to address a
|
||
request to fix spelling or 'trivial' issues, it’s generally easy to handle
|
||
in gerrit’s built-in editor. If you do use the built-in editor, remember to
|
||
get that change to your local copy before re-pushing. It's also acceptable
|
||
to add fixes for these sorts of comments to another patch, but it's
|
||
recommended that that patch be pushed to gerrit before the initial patch
|
||
gets submitted.
|
||
|
||
* Consider breaking up large individual patches into smaller patches
|
||
grouped by areas. This makes the patches easier to review, but increases
|
||
the number of patches. The way you want to handle this is a personal
|
||
decision, as long as each patch is still one logical change.
|
||
|
||
* If you have an interest in a particular area or mainboard, set yourself
|
||
up as a ‘maintainer’ of that area by adding yourself to the MAINTAINERS
|
||
file in the coreboot root directory. Eventually, this should automatically
|
||
add you as a reviewer when an area that you’re listed as a maintainer is
|
||
changed.
|
||
|
||
* Submit mainboards that you’re working on to the board-status repo. This
|
||
helps others and shows that these mainboards are currently being
|
||
maintained. At some point, boards that are not up to date in the
|
||
board-status repo will probably end up getting removed from the coreboot
|
||
master branch.
|
||
|
||
* Abandon patches that are no longer useful, or that you don’t intend to
|
||
keep working on to get submitted.
|
||
|
||
* Bring attention to patches that you would like reviewed. Add reviewers,
|
||
ask for reviewers on IRC or even just rebase it against the current
|
||
codebase to bring it to the top of the gerrit list. If you’re not sure who
|
||
would be a good reviewer, look in the MAINTAINERS file or git history of
|
||
the files that you’ve changed, and add those people.
|
||
|
||
* Familiarize yourself with the coreboot [commit message
|
||
guidelines](https://www.coreboot.org/Git#Commit_messages), before pushing
|
||
patches. This will help to keep annoying requests to fix your commit
|
||
message to a minimum.
|
||
|
||
* If there have been comments or discussion on a patch, verify that the
|
||
comments have been addressed before giving a +2. If you feel that a comment
|
||
is invalid, please respond to that comment instead of just ignoring it.
|
||
|
||
* Be conscientious when reviewing patches. As a reviewer who approves (+2)
|
||
a patch, you are responsible for the patch and the effect it has on the
|
||
codebase. In the event that the patch breaks things, you are expected to
|
||
be actively involved in the cleanup effort. This means you shouldn’t +2 a
|
||
patch just because you trust the author of a patch - Make sure you
|
||
understand what the implications of a patch might be, or leave the review
|
||
to others. Partial reviews, reviewing code style, for example, can be given
|
||
a +1 instead of a +2. This also applies if you think the patch looks good,
|
||
but may not have the experience to know if there may be unintended
|
||
consequences.
|
||
|
||
* If there is still ongoing discussion to a patch, try to wait for a
|
||
conclusion to the discussion before submitting it to the tree. If you feel
|
||
that someone is just bikeshedding, maybe just state that and give a time
|
||
that the patch will be submitted if no new objections are raised.
|
||
|
||
* When working with patch trains, for minor requests it’s acceptable to
|
||
create a fix addressing a comment in another patch at the end of the patch
|
||
train. This minimizes rebases of the patch train while still addressing the
|
||
request. For major problems where the change doesn’t work as intended or
|
||
breaks other platforms, the change really needs to go into the original
|
||
patch.
|
||
|
||
* When bringing in a patch from another git repo, update the original
|
||
git/gerrit tags by prepending the lines with 'Original-'. Marking
|
||
the original text this way makes it much easier to tell what changes
|
||
happened in which repository. This applies to these lines, not the actual
|
||
commit message itself:
|
||
|
||
* Commit-Id:
|
||
* Change-Id:
|
||
* Signed-off-by:
|
||
* Reviewed-on:
|
||
* Tested-by:
|
||
* Reviewed-by:
|
||
|
||
The script `util/gitconfig/rebase.sh` can be used to help automate this.
|
||
Other tags such as 'Commit-Queue' can simply be removed.
|
||
|
||
* Check if there's documentation that needs to be updated to remain current
|
||
after your change. If there's no documentation for the part of coreboot
|
||
you're working on, consider adding some.
|
||
|
||
* When contributing a significant change to core parts of the code base (such
|
||
as the boot state machine or the resource allocator), or when introducing
|
||
a new way of doing something that you think is worthwhile to apply across
|
||
the tree (e.g. board variants), please bring up your design on the [mailing
|
||
list](../community/forums.md). When changing behavior substantially, an
|
||
explanation of what changes and why may be useful to have, either in the
|
||
commit message or, if the discussion of the subject matter needs way more
|
||
space, in the documentation. Since "what we did in the past and why it isn't
|
||
appropriate anymore" isn't the most useful reading several years down the road,
|
||
such a description could be put into the release notes for the next version
|
||
(that you can find in Documentation/releases/) where it will inform people
|
||
now without cluttering up the regular documentation, and also gives a nice
|
||
shout-out to your contribution by the next release.
|
||
|
||
Expectations contributors should have
|
||
-------------------------------------
|
||
* Don't expect that people will review your patch unless you ask them to.
|
||
Adding other people as reviewers is the easiest way. Asking for reviews for
|
||
individual patches in the IRC channel, or by sending a direct request to an
|
||
individual through your favorite messenger is usually the best way to get a
|
||
patch reviewed quickly.
|
||
|
||
* Don't expect that your patch will be submitted immediately after getting
|
||
a +2. As stated previously, non-trivial patches should wait at least 24
|
||
hours before being submitted. That said, if you feel that your patch or
|
||
series of patches has been sitting longer than needed, you can ask for it
|
||
to be submitted on IRC, or comment that it's ready for submission in the
|
||
patch. This will move it to the top of the list where it's more likely to
|
||
be noticed and acted upon.
|
||
|
||
* Reviews are about the code. It's easy to take it personally when someone
|
||
is criticising your code, but the whole idea is to get better code into our
|
||
codebase. Again, this also applies in the other direction: review code,
|
||
criticize code, but don’t make it personal.
|
||
|
||
Gerrit user roles
|
||
-----------------
|
||
There are a few relevant roles a user can have on Gerrit:
|
||
|
||
- The anonymous user can check out source code.
|
||
- A registered user can also comment and give "+1" and "-1" code reviews.
|
||
- A reviewer can also give "+2" code reviews.
|
||
- A core developer can also give "-2" (that is, blocking) code reviews
|
||
and submit changes.
|
||
|
||
Anybody can register an account on our instance, using either an
|
||
OpenID provider or OAuth through GitHub or Google.
|
||
|
||
The reviewer group is still quite open: Any core developer can add
|
||
registered users to that group and should do so once some activity
|
||
(commits, code reviews, and so on) has demonstrated rough knowledge
|
||
of how we handle things.
|
||
|
||
A core developer should be sufficiently well established in the
|
||
community so that they feel comfortable when submitting good patches,
|
||
when asking for improvements to less good patches and reasonably
|
||
uncomfortable when -2'ing patches. They're typically the go-to
|
||
person for _some_ part of the coreboot tree and ideally listed as its
|
||
maintainer in our MAINTAINERS registry. To become part of this group,
|
||
a candidate developer who already demonstrated proficiency with the
|
||
code base as a reviewer should be nominated, by themselves or others,
|
||
at the regular [coreboot leadership meetings](../community/forums.md)
|
||
where a decision is made.
|
||
|
||
Core developers are expected to use their privileges for the good of the
|
||
project, which includes any of their own coreboot development but also beyond
|
||
that. They should make sure that [ready changes] don't linger around needlessly
|
||
just because their authors aren't well-connected with core developers but
|
||
submit them if they went through review and generally look reasonable. They're
|
||
also expected to help clean-up breakage as a result of their submissions.
|
||
|
||
Since the project expects some activity by core developers, long-term absence
|
||
(as in "years") can lead to removal from the group, which can easily be
|
||
reversed after they come back.
|
||
|
||
Requests for clarification and suggestions for updates to these guidelines
|
||
should be sent to the coreboot mailing list at <coreboot@coreboot.org>.
|
||
|
||
[ready changes]: https://review.coreboot.org/q/age:1d+project:coreboot+status:open+is:mergeable+label:All-Comments-Resolved%253Dok+label:Code-Review%253D2+-label:Code-Review%253C0+label:Verified%253D1+-label:Verified-1
|
||
[Developer's Certificate of Origin 1.1]: https://developercertificate.org/
|
||
[Creative Commons Attribution-ShareAlike 2.5 License]: https://creativecommons.org/licenses/by-sa/2.5/
|
||
[this LKML thread]: https://lkml.org/lkml/2004/5/23/10
|
||
[SCO-Linux disputes]: https://en.wikipedia.org/wiki/SCO%E2%80%93Linux_disputes
|