Project

General

Profile

Feature #15510

Feature #15500: Update Puppet modules: 2018Q4 → 2019Q2 edition

Switch to the puppetlabs/apt module

Added by intrigeri about 1 year ago. Updated 17 days ago.

Status:
In Progress
Priority:
Elevated
Assignee:
Category:
Infrastructure
Target version:
Start date:
04/09/2018
Due date:
% Done:

10%

QA Check:
Feature Branch:
puppet-lizard-manifests:feature15510
Type of work:
Sysadmin
Blueprint:
Starter:
Affected tool:

Description

The shared apt module is deprecated and the shared Puppet modules group decided to switch to https://github.com/puppetlabs/puppetlabs-apt.

See https://gitlab.com/shared-puppet-modules-group/apt/blob/master/UPGRADING.md for migration info. Lots of features we use are missing so this is going to take time. Let's try to make it happen by the end of 2019Q1.

This migration can be split into steps:

  1. migrate away from functionality provided by the shared apt module but that's not supported by puppetlabs/apt: either switch to already supported alternatives, or to "plugins", or submit PRs to puppetlabs/apt
    1. listchanges done
    2. apt::apticronAPT::Periodic + monitoring check done
    3. apt::reboot_required_notify → install reboot-notifier ourselves done
    4. apt::dpkg_statoverride → import it in puppet-tails
  2. reach the point where the only functionality we use from the shared apt module is also supported either by puppetlabs/apt directly or by modules that depend on it
  3. switch to puppetlabs/apt; changes that must happen in lockstep when doing so:
    1. apt::apt_confapt::conf
    2. apt::custom_key_dirapt class' keys parameter but implementation looks scary (do the red flags apply to us?); worst case, follow https://wiki.debian.org/DebianRepository/UseThirdParty and drop the non-ascii-armorded key in /usr/share/keyrings/example-archive-keyring.gpg + point to it from sources.list
    3. apt::cronhttps://github.com/voxpupuli/puppet-unattended_upgrades: depends on puppetlabs/apt so has to be done in lockstep with the switch to it
    4. apt::packagepackage + apt::pin
    5. apt::preferences_snippetapt::pin
    6. apt::proxy*apt class' proxy parameter
    7. apt::sources_list, apt::repos, apt::use_next_release, apt::use_volatile, tails::apt::repository::* → puppetlabs/apt provides several was to manage sources.list

To list the apt:: things we use:

git grep -h --only-matching --color=never \
  --recurse-submodules -E '\bapt::[^ ]+\b' -- \
  hieradata/ manifests/ modules/reprepro/ modules/tails* \
  2>/dev/null \
  | sort -u

Related issues

Blocks Tails - Feature #13284: Core work: Sysadmin (Adapt our infrastructure) Confirmed 06/30/2017

History

#1 Updated by intrigeri about 1 year ago

  • Blocks Feature #13284: Core work: Sysadmin (Adapt our infrastructure) added

#2 Updated by intrigeri about 1 year ago

  • Description updated (diff)

#3 Updated by intrigeri 12 months ago

  • Target version changed from Tails_3.9 to Tails_3.10.1

#4 Updated by intrigeri 8 months ago

  • Target version changed from Tails_3.10.1 to Tails_3.11

#5 Updated by intrigeri 7 months ago

  • Parent task changed from #15499 to #15500

#6 Updated by intrigeri 7 months ago

  • Target version changed from Tails_3.11 to Tails_3.12

I've booked time to work on this around Dec 17-31.

#7 Updated by intrigeri 5 months ago

  • Target version changed from Tails_3.12 to Tails_3.13

#8 Updated by intrigeri 3 months ago

  • Description updated (diff)

#9 Updated by intrigeri 3 months ago

  • Description updated (diff)
  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10

Listed all the apt:: thing we use and what I think we should do with them. Migrated a few small things away from the old apt module.

#10 Updated by intrigeri 3 months ago

  • Description updated (diff)

Migrated the last thing I could migrate without switching to puppetlabs/apt.

Next steps: prepare a topic branch (= environment) that switches to puppetlabs/apt + adjusts the bare minimum, put a couple non-critical nodes into that environment, fix stuff, and progressively port more code and nodes to that environment until we're done and we can merge this branch into production and put all nodes back into the production environment.

#11 Updated by intrigeri 2 months ago

  • Description updated (diff)

#12 Updated by intrigeri 2 months ago

  • Target version changed from Tails_3.13 to Tails_3.14

I've been busy elsewhere and we're now too close to a release for such a potentially disruptive change.

#13 Updated by intrigeri about 2 months ago

  • Feature Branch set to puppet-lizard-manifests:feature15510

#14 Updated by intrigeri 23 days ago

  • Priority changed from Normal to Elevated

#15 Updated by intrigeri 17 days ago

  • Target version changed from Tails_3.14 to Tails_3.15

Also available in: Atom PDF