Project

General

Profile

Bug #11612

Feature #5926: Freezable APT repository

Cannot import needed packages into the new tagged APT snapshot at point-release time

Added by intrigeri over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Infrastructure
Target version:
Start date:
07/31/2016
Due date:
% Done:

100%

Feature Branch:
bugfix/11612-tagged-APT-snapshot-for-point-release
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

When running ./bin/tag-apt-snapshots as part of the Tails 2.5 release process, I'm told:

I: detected origin: debian with reference: 2016073103
[...]
W: some packages were not found anywhere:
 - base-files/8+deb8u4/i386/binary
 - dmeventd/2:1.02.90-2.2/i386/binary
 - dmsetup/2:1.02.90-2.2/i386/binary
 - electrum/2.6.3-1/all/binary
 - evince-common/3.14.1-2/all/binary
 - evince/3.14.1-2/i386/binary

The build manifest contains:

origin_references:
  debian:
    reference: '2016073103'

... because config/APT_snapshots.d/debian/serial contains "latest", which in this context means "do what I mean", that is stick to previous release's tagged snapshot (auto/scripts/apt-mirror)… except the part of our build system that creates the build manifest does not know about this convention.

And anyway, even if the build manifest pointed to the right place, i.e. the previous release's (2.4) tagged APT snapshot, which is the only place where the missing packages are as of today: tails-prepare-tagged-apt-snapshot-import in its current shape does not know how to generate a configuration that pulls from there.

One option could be to modify how we deal with point-releases: when releasing, instead of using the aforementioned "latest" convention, on the stable branch we could keep pointing to the actual time-based snapshots we need for the next point-releases (in this case: 2016052503) and prevent them from being garbage-collected until next major release.

Associated revisions

Revision 025d6869 (diff)
Added by intrigeri over 3 years ago

Never (pretend to) thaw APT snapshots on the stable branch.

Let's always encode, on the stable branch, the exact set of APT snapshots we
want to use in next point-release. Previously we would pretend to thaw them by
writing "latest" in APT_snapshots.d/*/serial, but then apt-mirror would
special-case this situation: on an unreleased branch based on stable, it would
consider that "latest" means "stick to previous release's tagged snapshot".
Which worked fine at build time, except the part of our build system that
creates the build manifest does not know about this convention, so the resulting
build manifest would point to the latest APT snapshots we have, even though they
were not really used during the build. And even if the build manifest pointed to
the right place (i.e. the previous release's tagged APT snapshot), which is the
only place where some of the needed packages are when tagging the next
point-release's APT snapshot: tails-prepare-tagged-apt-snapshot-import does not
know how to generate a configuration that pulls from there.

So let's drop this special meaning of "latest", and make things simpler by
actually hard-coding in Git the snapshots we really want to use.

This implies the documentation change that makes sure that we're keeping these
time-based APT snapshots long enough.

refs: #11612

Revision aed83f94 (diff)
Added by intrigeri over 3 years ago

Simplify freezable APT repository handling for stable and testing -based branches.

We now enforce that any branch based on stable or testing uses frozen
APT snapshots, except for the debian-security archive. This simplifies
the documentation, the code, and eases reasoning about the whole thing.

refs: #11612

Revision f1f21bd9
Added by anonym over 3 years ago

Merge remote-tracking branch 'origin/bugfix/11612-tagged-APT-snapshot-for-point-release' into devel

Fix-committed: #11612

History

#1 Updated by intrigeri over 3 years ago

  • Description updated (diff)

#2 Updated by intrigeri over 3 years ago

  • Blocked by Feature #11448: Write helper tools for APT repository freeze exceptions added

#3 Updated by intrigeri over 3 years ago

  • Feature Branch set to bugfix/11612-tagged-APT-snapshot-for-point-release

#4 Updated by intrigeri over 3 years ago

  • Blocked by deleted (Feature #11448: Write helper tools for APT repository freeze exceptions)

#5 Updated by intrigeri over 3 years ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from intrigeri to anonym
  • % Done changed from 0 to 50
  • QA Check set to Ready for QA

Please merge into devel, but not into stable as this would break its build currently (we've lost the time-based APT snapshots it should use, so we can't encode them).

#6 Updated by anonym over 3 years ago

  • Status changed from In Progress to 11
  • Assignee deleted (anonym)
  • % Done changed from 50 to 100
  • QA Check changed from Ready for QA to Pass

#7 Updated by anonym over 3 years ago

  • Status changed from 11 to Resolved

Also available in: Atom PDF