please make it python 3, yes. there's no reason to have anything python 2 specific at this point. of course you can write it to work with both if you like. :)

@dmach is there someone from DNF side who can help with this project - recommending the best ways to do things, and adding features to dnf/libdnf if required? It's quite important that this script be ported to dnf if yum is going away soon.

@adamwill Frantisek is sitting next to our cubicle, he can always stop by and ask for help.
BTW, isn't this a duplicate work to rpmdeplint?

@dmach Here's a bug that prevents us from using rpmdeplint:
https://bugzilla.redhat.com/show_bug.cgi?id=1562029

Also, I recently sent a list of documented use cases to @dmach for a potential replacement tool for rpmdeplint, and it contains a use case for this particular check as well. If there is such a tool, we can ditch our custom poorly-functioning scripts, and that would be nice :-)

Let's say this is potentially duplicate with rpmdeplint. The requirements for this tool are basically: tell us whether there are any packages which appear to have file conflicts, but do not have explicit package conflicts, on a DVD ISO. Exit 1 if so, 0 if not. So, it's a check for this test case. If we can make rpmdeplint do that, great.

I've pushed updated version of this.

• It's python 3

• File conflicts are implemented (code taken/modified from rpmdeplint)

• Results are similar to original yum version

Compared to original yum script it has following regressions:

• Checking prco range between packages is based only on unversioned provides/conflicts/obsoletes/requires (this doesn't seem to be a big issue though)

• Checking file conflicts is done on entire rpm archives, not just on headers - not a big issue for our use case, run times are worse only for remote repositories and it's nothing horrible

@adamwill , WDYT?

"Checking prco range between packages is based only on unversioned provides/conflicts/obsoletes/requires (this doesn't seem to be a big issue though)"

Not quite grokking this. Do you mean versioned provides/requires/conflicts/obsoletes are ignored? Or just the version component is ignored and they're treated as if they were unversioned?

I can see potential problems either way. If versioned ones are ignored, we could get false failures: if 'foo' conflicts with 'bar > 1.0', and the DVD contains foo and bar-2.0, and there's a file conflict between those two packages, the script may report a file conflict without a package conflict when really there is a package conflict and it's fine.

OTOH, if the version component is ignored, what if 'foo' conflicts with 'bar < 2.0', but the DVD contains foo and bar-2.0 and there is a file conflict between them? The script will suggest that things are fine because there's a package conflict between foo and bar, but really things are not fine because the conflict will not take effect due to the version restriction...

I'll let Frantisek reply, but just note that the existing yum-based script is broken as well. It detects file conflicts in packages that explicitly conflict with each other. So even if the first case you described was true, it's still wouldn't make the situation worse - for everything reported we'd need to manually check whether it really applies (the same way we had to in the past). We need to avoid the second case - silencing an actual problem. (And I'm not sure the existing script doesn't fail in this case as well - we can try with rpmfluff).

Edit: Actually I might be wrong about the existing script and misunderstood the "Package conflicts" vs "File conflicts" section (for all that time).

I don't believe the existing script does do that, actually. Or at least, it doesn't show them. Here's how it is there:

for (fn, pkglist) in filedict.iteritems():
    #print '%d checking on %s ...' % (count, fn),
    if (pkg_names_match(pkglist) or
        sourcerpms_match(pkglist) or
        obsolete_each_other(pkglist)):
        pass
    elif package_conflict(pkglist):
        strlist = sorted([str(p) for p in pkglist])
        package_conflicts.add('\n'.join(strlist))
    elif file_conflict(fn, pkglist):
        found += 1
        confdict[fn] = pkglist
...
print "%u file conflicts found." % len(confdict)
print "%u package conflicts found." % len(package_conflicts)

Note the elifs. It looks for a package conflict first; if it finds one, it will never proceed to looking for a file conflict; it only looks for and stores file conflicts when no package conflict is found.

Of course, I may be missing something...

Note the elifs. It looks for a package conflict first; if it finds one, it will never proceed to looking for a file conflict; it only looks for and stores file conflicts when no package conflict is found.

You are right, if it finds package conflict, it skips detecting the file conflicts. Just now, I've found there actually are information about versioned prco, just everything is in one string, sigh. I should be able to parse that pretty easily (by just dividing the string if there is either <, >, <=, >=, =, using first part as name of prco, sign, and second part as a version info).

More difficult/prone to mistakes is going to be implementing something like rpmRangeCompare (which I've found out today is actually a part of yum :/ ).

Regarding the old yum script, I've mixed package conflicts with file conflicts, @kparal sorry for misleading you :)

I've added parser of prco string (and two functions from yum: rangeCompare, compareEVR) to try digging out evr from them.

Comparing to the old script, on Server DVD repo, it's still missing two explicit package conflicts, I'll try to look into it tomorrow:

== Package conflicts ==
2:docker-common-1.13.1-66.git1185cfd.fc30.x86_64
moby-engine-18.06.3-2.ce.gitd7080c1.fc30.x86_64

2:docker-1.13.1-66.git1185cfd.fc30.x86_64
moby-engine-18.06.3-2.ce.gitd7080c1.fc30.x86_64

Okay,

I've added some fixes and now, on my test set (F30 Server DVD repo and rpmfusion-nonfree), the script from this PR produces the same results as the old one, yay!

There is one ugly thing remaining though, check line 458 . I am confident with using the script as is with that hacky workaround, but I'd understand if you weren't :)

https://pagure.io/fedora-qa/qa-misc/blob/6658e4a2ae1ed26bfe222c966a3d80a7e67b6f56/f/potential_conflict.py#_458

Nevermind, fixed that :)

    # /usr/lib/.build-id seems to be causing whole lot of false positives, so just skip it
    if fn == "/usr/lib/.build-id":
        continue

So, it should be ready for review now.

Thanks a lot!

Just as a note, DNF guys are continually threatening to take this (hawkey.split_nevra) away from us :/ See e.g. here. But hey, the more things we have using it, the louder we can tell them no!

you could probably do the above slightly more neatly using a dict, but meh, it's not long enough to really hurt.

you can do the above a bit more neatly, for style points: p1_data = getattr(p1, prcotype)

Just as a note, DNF guys are continually threatening to take this (hawkey.split_nevra) away from us :/ See e.g. here. But hey, the more things we have using it, the louder we can tell them no!

Yeah, we've talked about that. If I remember correctly, there should be some replacement available before they remove it.

Apart from that, I forgot to mention (possible) regression compared to the old yum script: this one strips architecture information from prco. So, something like 'pcre2(x86-64)-10.21-4' is treated as if it was 'pcre2-10.21-4.noarch'. I am not sure the old script handled that properly at all though.

if you want to be rigorous about it you could set up logging properly and make this a debug log statement or something...

is this comment still accurate for the new code? if not, remove it...

why is this included but commented out?

again, why is the 'a' stuff included but commented out?

is this the workaround you added for .build-id? if so, is it still needed now you skip that file?

can you run pylint-3 on the file and fix some of the issues? we probably can ignore the variable naming complaints for a single-file script, but most of the other things can probably be fixed. as some of them may be inherited, maybe do it in a second commit.

aside from that and the comments above this looks good to my eyeballs...perhaps @jskladan or @tflink could provide a second opinion. I'll try and run it over a few other ISOs I have lying around later today.

Okay, thanks for the review. I'll look on logging later today, should I use it just for the debug level or for all logging (eg. replace printing completely)?

'a' stuff shouldn't have been there at all, it originated from example from dnf documentation, I'd commented it out and forgot about it.

Everything should be addressed apart from logging and pylint.

Logging is kinda an optional extra, I wouldn't block the review on it...it's not super important for a single file script. Commented-out prints just make me itch a bit. :P So I wouldn't worry about it really.

So, I've added some fixes as suggested by pylint. The last item that seems important is replacing optparse with argparse.

It looks like it's not a drop-in replacement. I think I can do that later together with logging stuff, but if you prefer to have it done before merging, I'll look into that tomorrow.

Nah, I think doing that as a follow-up would be fine, this looks mergeable now; I'll test it out a bit and merge it if I find no problems. Thanks a lot!

Just as a note, DNF guys are continually threatening to take this (hawkey.split_nevra) away from us :/ See e.g. here. But hey, the more things we have using it, the louder we can tell them no!

Yeah, we've talked about that. If I remember correctly, there should be some replacement available before they remove it.
Apart from that, I forgot to mention (possible) regression compared to the old yum script: this one strips architecture information from prco. So, something like 'pcre2(x86-64)-10.21-4' is treated as if it was 'pcre2-10.21-4.noarch'. I am not sure the old script handled that properly at all though.

Oh, I forgot to reply to this - thanks for pointing it up, I agree we can live with it though. I would guess it's very rarely gonna be an issue, and I also don't know if the old version handled it correctly either. The result of this script is always gonna be something a human should check the details of anyway, so...I think it's OK.

Oh, there's one pylint issue you missed:

potential_conflict.py:314:8: W0612: Unused variable 'e' (unused-variable)

indeed, you assign the exception as e but then don't actually use it.

oh, couple other minor things. Another pylint one:

potential_conflict.py:68:5: W0621: Redefining name 'opts' from outer scope (line 332) (redefined-outer-name)

this is basically because you're doing all the main work of the script just at the top level - defining opts at that level means the opts that the parseArgs() function deals with is actually that same object. In practice with this particular code I don't think that'll cause any problems, but it is slightly weird. One way to avoid this is to put all that work in a function called e.g. main() and then do this at the top level:

if __name__ == '__main__':
    main()

then the definition of opts would be inside the main() function, so it wouldn't be a global any more. (This would also shut up a lot of the warnings about incorrect global variable names, as they wouldn't be global any more). Again this probably isn't practically causing any problems, but it's probably a good idea to follow typical style.

There are also a couple of missing function doc strings it wouldn't hurt to add, for parseArgs() and compareEVR().

Also, in (opts, cruft) = parseArgs() - normal style there would be (opts, _) = parseArgs(), the convention for Python is that you give a variable you are forced to accept but aren't going to use the name _. Or, better, you could just not have parseArgs return args at all, if you don't intend to use it.

when you use --repofrompath for a local path, this seems to just print 'None'.

Results for F30 Beta Server DVD ISO (Fedora-Server-dvd-x86_64-30_Beta-1.8.iso) are not quite the same: the old script found two conflicting files (/etc/sysconfig/docker and /usr/bin/docker) but the new finds only /etc/sysconfig/docker. Not sure why that is right now.

Found a bug testing on an F29 Beta ISO, Fedora-Server-dvd-x86_64-29_Beta-1.4.iso : it crashes on the second attempt at hawkey.split_nevra. The first string it tries is "apr-1.3.0.noarch"; the second string it tries is "apr(x86-64)-1.3.0-1.noarch". So it seems when we get a case like this with the arch, it doesn't just get ignored, it actually breaks stuff. That needs fixing somehow...

Results for F30 Beta Server DVD ISO (Fedora-Server-dvd-x86_64-30_Beta-1.8.iso) are not quite the same: the old script found two conflicting files (/etc/sysconfig/docker and /usr/bin/docker) but the new finds only /etc/sysconfig/docker. Not sure why that is right now.

That seems to be because colors differ (so, packages should be installable side by side, were they conflicting only on this file). This evaluates as True for /usr/bin/docker between moby-engine-18.06.3-1.ce.gitd7080c1.fc30.x86_64.rpm and docker-common-1.13.1-65.git1185cfd.fc30.x86_64.rpm:

left_files[filename].color != right_files[filename].color

Found a bug testing on an F29 Beta ISO, Fedora-Server-dvd-x86_64-29_Beta-1.4.iso

Fixed, I had forgot to purge arch info on except code path.

So, problems should be fixed, feedback addressed.

While removing that unused variable, I was wondering, how to handle dnf.exceptions.DownloadError. Right now, it's probably just going to crash somewhere else. There are a few options that I can think of:

• Don't handle them at all and die horribly once download fails
• Try multiple times with some sleeping between tries, die if it had failed more times
• Second option + ignoring the package instead of dying after trying a few times

However, I suppose we are not going to use this script against a remote repo too often, so just dying on DownloadError might be the way forward?

Edit: I've updated the PR not to handle dnf.exceptions.DownloadError at all.

yeah, I think just dying on it is probably fine. Honestly, if anyone's gonna implement retry-download-on-fail it should probably be done within DNF (I think there's a bug for this).

So, for the color difference - the new script is actually correct in that case, and the old script was wrong as it didn't consider color? Is that your assessment?

yeah, I think just dying on it is probably fine. Honestly, if anyone's gonna implement retry-download-on-fail it should probably be done within DNF (I think there's a bug for this).

It's going to land soon. There are 2 PRs on librepo, we need to review them and eventually merge together.

So now this is duplicated, which I don't like. How about we rejig this whole part a bit, like this?

base_string_for_nevra = str(data[0] + "-" + data[1])
# better comment as to exactly what this is stripping, ideally with
# an example, to avoid 'regexes are write-only' syndrome
base_string_for_nevra = re.sub(r' *\([^\]]*\)', '', string_for_nevra)
string_for_nevra = base_string_for_nevra + ".noarch"
try:
    nevra = hawkey.split_nevra(string_for_nevra)
# We might be missing release
except hawkey.ValueException:
    string_for_nevra = base_string_for_nevra + "-1.noarch"
    nevra = hawkey.split_nevra(string_for_nevra)

Er, there's a deliberate mistake in the above. Finding it is left as an exercise for the reader. ;) (aka pagure won't let me edit the comment, stupid pagure)

"Place code not contained in functions into main" still doesn't move it into a function, it's just inside a conditional. So all the things defined in there are still constants. Still this isn't causing any real problems in a single file script, just a note. That's why pylint is still complaining about invalid constant names.

So now this is duplicated, which I don't like. How about we rejig this whole part a bit, like this?

Done

So, for the color difference - the new script is actually correct in that case, and the old script was > wrong as it didn't consider color? Is that your assessment?

Yes, as I understand colors, the new script should be correct. However, when I was talking with @dmach , he seemed to be not sure if the code checking colors is really correct (he didn't say it's wrong though :) ).

I can disable taking colors into account ( It's just question of commenting out lines 285-287. ) before confirming it's correct, or we can go ahead and tweak the code later if needed.

as discussed on IRC, this regex is unnecessarily complicated, all the stuff with square brackets isn't doing anything much useful. This should be sufficient:

re.sub(r' *\(.*?\)', '', base_string_for_nevra)

that strips all occurrences of "some text inside some round brackets", plus leading (but not trailing) space characters.

as for the color thing - if you're not confident it's correct yet, let's disable it for now and fix it in a follow-up commit @dmach can help review.