On 14-04-07 08:47 PM, Steve Langasek wrote: > On Sat, Apr 05, 2014 at 09:07:10AM -0400, Marc Deslauriers wrote: > >>> I think we can at least set the following high level requirements: >>> - Uploaders must be Ubuntu members and have signed the CoC (I'd have >>> been tempted to require ~ubuntu-dev but that'd mean pretty much nobody >>> on the Kylin team would be able to upload...) >>> - Packages must be built on the same infrastructure as Ubuntu, using >>> the same builder pool and build chroots. >>> - The result must be signed by a GPG key managed by Canonical (not >>> provided to the Kylin team) within the Canonical infrastructure. >>> - That GPG key must be separate from any other key currently in use and >>> should be (not a hard requirement for 14.04) signed by the archive >>> master key. >>> - Distribution will be done through a server managed by the Kylin team >>> which will get its content from a private server on Canonical's network. > >>> That should leave enough room for implementation details to be decided >>> by the relevant teams (Launchpad, IS, Kylin) while enforcing the bits I >>> actually care about. > >> Can we add to the requirements that the packages in the repository must >> adhere >> to the Extension Repository Policy (or perhaps a slightly adjusted version)? > > This has also been captured at > <https://wiki.ubuntu.com/Ubuntu%20Kylin/Ubuntu%20Kylin%20Archive>. > Currently, it's written as: > > Packages in the repository must adhere to the Extension Repository Policy. > If there is any exception, there should be a request to Ubuntu Technical > Board. > > I think we should drop the second sentence: there should never be exceptions > to the Extension Repository Policy here, but the TB can amend that policy as > necessary, so it's redundant to spell this out here. >
+1 for dropping the second sentence. Marc. -- technical-board mailing list technical-board@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/technical-board
