Skip to main content
Jump to: navigation, search

Oomph Repository Analyzer

Revision as of 09:03, 29 August 2019 by Ed.merks.gmail.com (Talk | contribs)

Oomph Project Logo.png Powered by Oomph

Description

Oomph's repository analyzer is an application for generating a detailed analysis report of one for more p2 repositories. Oomph's repository-analyzer job illustrates how to use this application to generate reports. It currently generates reports for several of Eclipse's key p2 update sites, including the latest Platform repositories and the latest SimRel repositories. Please use Bug 550361 for feedback.

Page Types

There are three general page types generated.

  • Pages for folders that are not themselves p2 update sites; these are useful only for navigation.
  • Pages for folders that represent a p2 update site with two variants:
    • Pages for composite update sites.
    • Pages for simple update sites.
  • Pages for each installable unit in an update site.

Update Site Pages

An update site page looks will appear as follows:

RepositoryAnalyzerCompositeSitePage.png

In this case, it is a page for a composite p2 repository, so an "XML" section is included For a simple p2 repository, the detailed information about site's content and artifacts is very large and is therefore provide via separate installable unit-specific pages.

In general, sections are expandable via the orange triangle. Some sections support expand all via a second orange triangle after the section title, which appears only after expanding the section itself.

The report will diagnose the specific problems as documented in this wiki in the sections that follow.


Composite Locations

These are shown only for composite sites. If the composite site specifies a location using an absolute URI that has the same host as the composite site itself, this is reported as a problem:

RepositoryAnalyzerCompositeSitePageBadAbsoluteLocation.png

Such a design is problematic because it predetermines the scheme the user must use. So a user with problems accessing Eclipse via http-scheme will not be able to load this composite via http-scheme because the composite specifies they must use https-scheme.. Also, it will not be possible, locally on the build server, to access this composite purely using file-scheme.


Licenses

There are current 3 valid variants of the Eclipse Software User Agreement. All features and products must use one of these three as their license. Non-conformance is diagnosed as a problem. Detailed information is provided each license and for the installable units (features and products) that use each license.

RepositoryAnalyzerCompositeSitePageBadLicense.png

Under the covers, p2 computes a fingerprint for each license. This is displayed in report and this item can be expanded to show the full license text. The license is matched against one of the 3 valid SUAs and the mismatch is highlighted to show what's wrong.

RepositoryAnalyzerCompositeSitePageBadLicenseDetail.png

Here we see that some type of encoding problem has occurred; the to-be-deleted text is shown in bold red and the to-be-added text is show in bold green, in a really big font if the mismatch is small.


Certificates for Signed Content

All content distributed from Eclipse must be signed by a valid certificate, preferably a recent one. Unsigned content is diagnosed as a problem and the offending installable units are list:

RepositoryAnalyzerCompositeSitePageUnsignedContent.png

Certificate details are displayed and each section is expandable to list the installable units that are signed with that certificate. Of course this also provides access to the list of unsigned installable units.


Providers

All content distributed by Eclipse is provided by Eclipse. Features specify the name of the provider and the branding guidelines dictate that Eclipse must always be part of every project's brand. Any feature that is non-conformant will be diagnosed as a problem:

RepositoryAnalyzerCompositeSitePageBadProvider.png

This summary also shows the associated branding image of each feature. A warning icon indicates that no such image could be determined. An error icon indicates that the feature specifies an image, but doesn't actually include the image in the feature's associated artifact.


Bad Branding

Generally all features should be brand with an associated provider and a branding image. The report includes a section for these details:

RepositoryAnalyzerCompositeSitePageBadBranding.png

As mentioned previously, a warning icon indicates that no such image could be determined, and an error icon indicates that the feature specifies an image, but doesn't actually include the image in the feature's associated artifact.

Note that the combination of provider name and branding image is what determines the the images and grouping in the About Eclipse dialog.

RepositoryAnalyzerAboutEclipse.png


Products

In the long term, the repository analyzer should determine whether a product's native executables are properly signed. Currently the report only lists the products.

RepositoryAnalyzerProducts.png


Categories

The report will include a summary of all the categories. These are of course the categories presented to the users when they install features.

RepositoryAnalyzerCompositeSitePageCategories.png


Installable Units

The report will include details about each installable unit. If there are units with artifacts with unsigned content or with missing pack200 artifacts, these will be diagnosed:

RepositoryAnalyzerCompositeSitePageInstallableUnits.png

If there are such problems, filters are available to show only the installable units with those problems. Details for each unit include the size of the associated artifact(s).


Installable Unit Pages

Every installable unit displayed on the any of the Update Site pages is a link to an Installable Unit page.

Back to the top