 So my name is Felipe Borges. I work on the desktop team in Red Hat for a few years and I mostly work upstream on GNOME and I've been started I start to be passionate about flood packs and changing the distribution model and silverblow So yeah, I'm going to talk today about the Fedora flood packs Which are Fedora specific flood packs building Fedora infrastructure, and we are going to cover Why we are doing this and how we are doing this so the first things the first concepts I would like to cover is the anatomy of a flood pack and then Explain a bit of Fedora silverblow, and I hope everything is going to make sense in the motivation part so flood pack is an application distribution model which is based on containers and the apps are bundled inside containers so you have this runtime which is Slash user on on your classic system, which has the common libraries that would come in a Traditional image, and then you'll have the applications which ship more specialized more specialized libraries bundled with them and The greatness about this is that you don't need to target a specific version of OS And you can just target a specific version of a runtime and you can have multiple simultaneous runtimes running On your system, and we can just source the runtime to the application and that's what it works and Fedora silverblow is the other concept that made us try to create Fedora flood packs because in as you heard lots today In Fedora silverblow applications are containers, right? the basic system is pretty solid immutable and Everything you want to ship on top of it should be on a container and containers can be Potman Docker containers Fedora toolbox, which are specialized containers that the bar she spoke and flood packs You rush here because I guess you already heard a lot of Silverblow today. So why if you see the anatomy of a flood pack in practice? I'm going to I am the maintainer of non boxes upstream and the boxes has a flood pack in in flood hub and This is how the flood pack manifest looks like for boxes. So here. We pretty much just describe The build instructions and how the flood pack is composed and you can notice here on the build instructions All the the modules that are bundled together and how we need to still specify versions build systems I'm just going to go down here here. We are setting config options for you USB then here CMake specifics here. We are also passing config options and Down here. I guess we have some patched Yeah, here we are even scripting the installation because So Python Yeah, here for instance, we have Spice GTK with some patches that we are carrying on and If you look at the Fedora repositories, you'll notice that is actually a great collection of building structures for everything that Fedora maintainers have 15 years plus experience on building stuff. They have credibility. We have a security model of bringing people on the community and That's something we should be leveraging Especially because flood pack has this distributed model where you can have various repositories and if you're waiting to trust Source to flood pack a builds from flat hub Just go for it, right? One doesn't exclude the other But if you trust Fedora more and you want to try Fedora flood packs We have an alternative for you. So it's all about option and those are not mutually exclusive and And yeah, I guess If we go to flat hub, it also showed on his presentation that we have around 600 apps there and Fedora has thousands of apps and Our current registry has 50 and these I have here agnome software Recent change that actually allows you to choose the source where you're downloading our application So these are like these things I just described to you coming out to life And So here for instance, if I would do a flatback remote LS in the internet connection is gonna work and Fedora testing Yeah, here you can see everything that we have already on the Fedora repository and It's much more to come We're going to oh, sorry So how do the Fedora flood packs are composed You saw it there from the boxes manifest that flood pack builder reads that manifests with a list of source codes and just composes a flood pack container and Infidora we have modularity which allows us to group package packs together and and We can compose Application containers without using flood pack builder, but using modularity to orchestrate the build The only issue is that as I described in the beginning that the flatback has the different prefixes for for the application stuff So if I for instance would Bash and I will open a bash session inside the GNOME boxes Flatback container so here have the different icon there And if I go to LS app leave 64 to get the libraries which are bundled inside with boxes So here you can see live here to leave USB and all those things that you saw before in the manifest and These are individual that this slash app prefix while if I would go to To the Fedora project Sorry Yeah, if spec files are using live deer that should probably be resolved But many of them are not and when I'm gonna get to the details about how am I Building things you see that most of the the painful job is fixing spec files, which are not compliant to the specs and yeah, so here for instance, I will just show you a little bit how the the Fedora project The Fedora runtime looks like so if I go to user you can see the user Live 64. Ah, here we have You can see what we have inside which are the basic building blocks on the runtime that Ideally would be removed from the basic image on Fedora server blue So you're actually not having duplicated files Although OS 3 should be able to handle duplicated files as well so the way we do is that we compose them as OCI images and OCI images are containers. So We distribute them as containers the registry that Fedora project org is where Fedora containers are and the flat pack apps are there as well So how we do it? So we have a set of tools that can generate The basic modules for composing a flat pack so I'm using events for my presentation So I'm going to show you how It looks like to compose an events flat pack from the events RPM So we have this tool Fed mod and it can accept the RPM to flat pack here I can pass flat pack common which are the basic building blocks for for composing the the module and the container file and He has a very interesting option that I can pass a flat hub flag And so it is gonna copy the the permissions and all the the holes in the In the container that have been poked on events upstream on flat hub So if your application is already on flat hub you can benefit from not having to To do the discovery of what your application needs to talk to and all So events and here events is the name of the RPM package So just wait a bit. I hope the network is going to be on my side this time around So he's just going to produce two artifacts which are the basic for building Oh gosh, this is really taking a while So there we go. So we have basically these two files The container YAML file and events YAML file. I'm going to check this events YAML file And you can see it's a basic module M file from modularity has a big basic description of it And here we have the build requires which Tell the version of the runtime we are creating runtimes based on fedora versions So there'll be a fedora 30 a fedora 31 runtime and these are all based on the free desktop runtime But ideally people should be able to create runtimes and That's about here in the bottom. We have the component So if you can set this parallel from the source of boxes We are looking before and now the events one you see here that we are building events itself and then These specific libraries that are bundled together, right? So if this is a pdf reader and you need libspect for that and and so on Great thing about this we can set here the ref which can be a different branch So if your application depends on a on a version or in a branch of an rpm that That it's newer than than equivalent ease or older than this I would be able to tell evince to To use libspect from fedora 29 and that will be included in the bundle If I go to the container file though Here I have the the container permission. So I'm pretty much just telling it that you should use the certain portals it should have access to decons and Certain environmental flags that can be set And that's about it. These are the two artifacts and We use this tool called flatpack module that is going to Rebuild everything because since we are setting a different prefix everything needs to be rebuilt So we cannot just get the builds already existing and just put them together on flatpacks. Unfortunately And with flatpack module you can produce this all locally. It's going to to bring It's going to bring mock and make the local builds for you and it's going to take a while If you notice in easy and tomarch stock, they said that we still have a problem with cache because Uh We are not using os3 and and things like this So we are still rebuilding things all the time and then we have fed pkg Which is the tradition for you being using already for your normal packages and it's able to build containers now and You can build them in coaching fedora infrastructure and that's How you get something on the repository in the registry you just Need to file a body update with your build And that's about it yesterday we had this keynote speaker and she had like this african proverb about If you want to go fast go alone if you want to go far you should go together and nowadays in red hat we have Three interns working on this effort of converging rpms to flatpack myself and a few colleagues, but we are still a handful of people and imagine the the maintenance burden of Later on people are using fedora flatpacks and we need to fix specific things And also it would be very nice if more people would get engaged and that's why we have this true starting points for you this first one describes detail by detail the process how to to make the conversion And the second one we have a automatic generated list of easy to convert applications So the applications are sorted by the amount of dependencies they involve because since you are building the dependencies And you notice that the dependencies they need some changes on their spec file because they're using different prefixes another thing that is pretty common to fix is applications installing system d unit files and flatpack doesn't allow you to put files in those locations and things like this and So the more dependencies your application has harder it is i am working on gnom boxes We have gnom boxes on flat hub, but the fedora flat pack of gnom boxes is still not coming out because livid, chemo, free rdp these guys take hours to build all together in the same bundle and they just have very A huge variety of dependencies who need fixing because they're just not following the the spec file standards and They need correction. So also if you are a package maintainer and you're receiving pull requests for us, please accept them Because i'm not trying to bypass anybody's authority. So we are filling pull requests to fix specific things that Need to be fixed so we can still build and we have this flat pack rpm macros So we can still conditionally Do things for flat pack and still maintain your old ways of doing things All right, uh for our shared libraries is mostly they are doing things wrong They are just hard coding paths manual files are format specific And or they are calling binaries to produce artifacts and these binaries have the path hard coded Things like this and then when you get to more like services then you have flat pack specific issues because they are putting unit files and They are really Installing themselves into the system and they are very core components, right? So that that becomes harder So automatic reviews is something that you would be very nice to have something that would be able to Just monitor that a dependency has changed has been updated. So rpm and Rebuild everything produce this bundle give to the maintainer tell them to test and everything is okay. You can just Authorize the change to go because I still would like to have for instance as a box as maintainer I would still have to to have the the privilege or the authority to to control Not to have the the master of everything because sometimes people are introducing regressions Because they're just not thinking about us in the application level because they're just working on some library that provides some feature for chemo locally branches in In flat hub we have branches for languages and you don't need to to build the whole set of languages within the same thing which reduces Significantly the size of your package We are still not able to compose Containers is splitting the languages out. So we choose to go for just the c locale For now But ideally we would like to have a mechanism to to download link packs or to provide languages Portal integration. This is something more like upstream for flat packs They still are converting rpm's and most of them require access to things that flat pack is closing And we just don't have the portal. So working on portals here I put abrt but any other automatic bug report because since you don't have the bug info inside the container How do you just Send a stack trace automatically to bugzilla is still very It's very premature. So if somebody is working on abrt or something related to this, please approach us. They'll be very nice And yeah, that's canate. I think I did in a good time So questions Yeah, I was Going to go in details on silver blue, but then I realized everybody heard a lot about silver blue today Hey No, we do not So one of the things if you flip back Basically, you can kind of say instead of saying f30 for the screen That you're depending on you can just leave it blank or you can say there's a whole We went back and forth so I came from the syntax exactly now But basically you can say, you know what for all the versions greater than this So you don't have to go back and update it every time a new version comes out or whatever Oh, that's really interesting. So yeah, so it's called stream expansion If you you know, whatever search word on the wiki here's docs of how to do it Oh, that's really good to know. Yeah, I think that they can be really useful. Basically the whole idea would But what we want to have is that you don't ever kind of Right, so, you know, unless obviously you've grown to your intent to use something like that Wow Wow, thank you. Yeah Remember all the other package names. Yeah, they'll do a good idea. Yeah Yeah, thank you. Yeah, it's a natural evolution I think most of things would just be built up individually as snippets and prototypes and later on they're going to become part of real life important software Any more questions additions comments please right, we have this List of the the flood packs sorted by by how hard it is and it's already filtered by by how How much we want them like the the colors are are the levels and the order is how How much the they need to be done So here we have like some people assigned to them But many of them are like still yet to do easy tag I see here Melt that you asked before it was done So, yeah, there's this wiki page with the the apps ideally Most of them, right? I I guess everybody should have an alternative to use fedora curated Certificate it like a percentage of it It could be done But the the that's like as the the the african proverb, right like who they could be done I could be packaging every day and I would produce like a thousand artifacts, but once they break It would be very nice to get to build up a community around the afford and Get people to take care especially people who have expertise on on on these fields, right like Yeah, if you if I consider most of packages have like a handful of dependencies and I'm just fixing one and two here I would say probably yeah that Yeah, at least for boxes as we have 32 dependencies I've been fixing four or five But these are very specific because they're chemo and all but most of the other packages that it's one or two per Perdependency, I would say 90 percent is is reasonable still a thousand packages 90 percent Good math, please Oh, that's a tough one. I probably ask alex about this one better I Yeah, I I wouldn't know how to I don't know. I wouldn't know how to answer that one Yeah, if you would be worth it or not, but make sense Right Definitely gonna forward the question It is not No, I don't think so I think Owen did a little bit of futuring on them. Yeah, I don't know what's the criteria to filter them, but yeah Yeah, and I also he Sorry to interrupt you, but I think they are he also limited to to the last Table of dependencies, which is definitely not Yeah, I think it's up to five dependencies So they are easy to to to fly by the pages fly back easy. So So boxes wouldn't wouldn't fitting any more comments all right, so Thanks everybody and have have a great boat trip today