Migrate away from vmdebootstrap
We use vmdebootstrap to build the VM image used for building Tails ISO images with Vagrant (source:vagrant/definitions/tails-builder/generate-tails-builder-box.sh). But vmdebootstrap won't be in Buster ("You have until September, 2018").
Sources of inspiration:
Lars Wirzenius tentatively agreed to keep the package in sid a bit longer, e.g. the end of 2019-02 and best/worst case the Buster release
… but later changed his mind: vmdebootstrap going away in September, switch now. I've checked with Lars privately and he confirmed that he really does not want to see
vmdebootstrap in sid after September.
Let's check the consequences:
- time scope: between the time when
vmdebootstrapis removed from testing/sid (September) and the time when our build system has switched to something else
- who? people who satisfy all these criteria:
- They want to build Tails ISO images.
- They run testing/sid on their Tails development machine.
- They have not installed
vmdebootstrapbefore it gets removed from testing/sid.
- impact: can't build a Tails ISO
I doubt we want to migrate in a bugfix release and it's too late to do this in time for 3.9. Most likely, the following major release will be 3.12, scheduled for 2019-01-29, with a freeze date around mid-January, so the deadline to have this work well tested and ready for QA would be sometime at the end of 2018. The impact described above would affect people for ~4 months, during which we can document workarounds (e.g. installing
vmdebootstrap from Stretch). This was basically what I had in mind when I've negotiated a delay with Lars earlier this year and it still seems acceptable to me.
If we miss the end of 2018 deadline, then most likely the earliest we can do the switch is Tails 4.0 (~mid-2019) and then the problem will have affected people for ~9 months. I think that's too long, so let's try to avoid that if we can.
- Updated/stablish link for
READMEin upstream sources: https://sources.debian.org/src/vmdebootstrap/latest/debian/NEWS/
- Do we have any idea which of the replacements cited on https://lists.debian.org/debian-devel-announce/2018/07/msg00002.html we would want to move to?
- (In addition to suggest installing from
stretch, we also have https://snapshot.debian.org/