[Launchpad-reviewers] [Merge] ~pelpsi/lpci:jobs-cannot-run-as-root into lpci:main
Simone Pelosi has proposed merging ~pelpsi/lpci:jobs-cannot-run-as-root into
lpci:main.
Commit message:
Add a root flag
New root flag to choose whether to run commands as root or as default user
(_lpci).
Lpci runs jobs as root inside the container.
However, there are some reasonable jobs that call code that refuses to run as
root.
LP: #1982954
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
Related bugs:
Bug #1982954 in lpci: "Some jobs cannot run as root"
https://bugs.launchpad.net/lpci/+bug/1982954
For more details, see:
https://code.launchpad.net/~pelpsi/lpci/+git/lpcraft/+merge/441539
--
Your team Launchpad code reviewers is requested to review the proposed merge of
~pelpsi/lpci:jobs-cannot-run-as-root into lpci:main.
diff --git a/NEWS.rst b/NEWS.rst
index ba2012b..45f0dde 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -9,6 +9,8 @@ Version history
- Fix ``policy-rc.d`` issue preventing services
from running into the container.
+- Add a ``root`` flag.
+
0.1.0 (2023-04-18)
==
diff --git a/docs/configuration.rst b/docs/configuration.rst
index 65b0b5d..db9f589 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@@ -61,6 +61,10 @@ Job definitions
`/etc/apt/sources.list`.
Also see the :ref:`package-repositories` section below.
+``root`` (optional)
+If False, allow running commands as default user (_lpci).
+Default value: True.
+
``snaps`` (optional)
Snaps to install as dependencies of this job.
Also see the :ref:`snap-properties` section below.
diff --git a/lpci/commands/run.py b/lpci/commands/run.py
index d6c65b2..ef29525 100644
--- a/lpci/commands/run.py
+++ b/lpci/commands/run.py
@@ -433,8 +433,14 @@ def _run_instance_command(
host_architecture: str,
remote_cwd: Path,
environment: Optional[Dict[str, Optional[str]]],
+root: bool = True,
) -> None:
full_run_cmd = ["bash", "--noprofile", "--norc", "-ec", command]
+if not root:
+prefix = ["runuser", "-u", env.get_default_user(), "--"]
+prefix.extend(full_run_cmd)
+full_run_cmd = prefix
+
emit.progress("Running command for the job...")
original_mode = emit.get_mode()
if original_mode == EmitterMode.BRIEF:
@@ -475,6 +481,11 @@ def _run_job(
# XXX jugmac00 2022-04-27: we should create a configuration object to be
# passed in and not so many arguments
job = config.jobs[job_name][job_index]
+root = job.root
+
+# workaround necessary to please coverage
+assert isinstance(root, bool)
+
host_architecture = get_host_architecture()
if host_architecture not in job.architectures:
return
@@ -540,6 +551,7 @@ def _run_job(
series=job.series,
architecture=host_architecture,
gpu_nvidia=gpu_nvidia,
+root=root,
) as instance:
snaps = list(itertools.chain(*pm.hook.lpci_install_snaps()))
for snap in snaps:
@@ -583,6 +595,7 @@ def _run_job(
host_architecture=host_architecture,
remote_cwd=remote_cwd,
environment=environment,
+root=root,
)
if config.license:
if not job.output:
diff --git a/lpci/commands/tests/test_run.py b/lpci/commands/tests/test_run.py
index 07ae61b..c47f1e7 100644
--- a/lpci/commands/tests/test_run.py
+++ b/lpci/commands/tests/test_run.py
@@ -3537,6 +3537,55 @@ class TestRun(RunBaseTestCase):
remote="test-remote",
)
+@patch("lpci.commands.run.get_provider")
+@patch("lpci.commands.run.get_host_architecture", return_value="amd64")
+def test_root_field(self, mock_get_host_architecture, mock_get_provider):
+launcher = Mock(spec=launch)
+provider = makeLXDProvider(lxd_launcher=launcher)
+mock_get_provider.return_value = provider
+execute_run = launcher.return_value.execute_run
+execute_run.return_value = subprocess.CompletedProcess("_lpci", 0)
+config = dedent(
+"""
+pipeline:
+- build
+
+jobs:
+build:
+root: False
+series: focal
+architectures: amd64
+run: whoami
+"""
+)
+Path(".launchpad.yaml").write_text(config)
+
+result = self.run_command("run")
+
+self.assertEqual(0, result.exit_code)
+self.assertEqual(
+[
+call(
+[
+"runuser",
+"-u",
+"_lpci",
+"--",
+"bash",
+"--noprofile",
+"--norc",
+"-ec",
+"whoami",
+],
+cwd=Path("/build/lpci/project"),
+env={},
+s
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad:expire-questions-limit into launchpad:master
Colin Watson has proposed merging ~cjwatson/launchpad:expire-questions-limit into launchpad:master. Commit message: expire-questions: Add a --limit option Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/441559 This is in line with the otherwise quite similar `expire-bugtasks` script. We currently have a cowboyed patch on dogfood limiting expiry there to five questions for testing; this allows us to do that using a command-line option instead, and to drop that patch. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:expire-questions-limit into launchpad:master. diff --git a/cronscripts/expire-questions.py b/cronscripts/expire-questions.py index 213fe63..64b1936 100755 --- a/cronscripts/expire-questions.py +++ b/cronscripts/expire-questions.py @@ -30,9 +30,21 @@ class ExpireQuestions(LaunchpadCronScript): usage = "usage: %prog [options]" description = __doc__ +def add_my_options(self): +self.parser.add_option( +"-l", +"--limit", +action="store", +dest="limit", +type="int", +metavar="NUMBER", +default=None, +help="Limit expiry to NUMBER of questions.", +) + def main(self): """Expire old questions.""" -janitor = QuestionJanitor(log=self.logger) +janitor = QuestionJanitor(log=self.logger, limit=self.options.limit) janitor.expireQuestions(self.txn) diff --git a/lib/lp/answers/model/question.py b/lib/lp/answers/model/question.py index 3704ac3..ccf0e74 100644 --- a/lib/lp/answers/model/question.py +++ b/lib/lp/answers/model/question.py @@ -833,7 +833,7 @@ class QuestionSet: """See `IQuestionSet`.""" self.title = "Launchpad" -def findExpiredQuestions(self, days_before_expiration): +def findExpiredQuestions(self, days_before_expiration, limit=None): """See `IQuestionSet`.""" # This query joins to bugtasks that are not BugTaskStatus.INVALID # because there are many bugtasks to one question. A question is @@ -859,7 +859,7 @@ class QuestionSet: expiry = datetime.now(timezone.utc) - timedelta( days=days_before_expiration ) -return ( +rows = ( IStore(Question) .using(*origin) .find( @@ -877,6 +877,9 @@ class QuestionSet: ) .config(distinct=True) ) +if limit is not None: +rows = rows[:limit] +return rows def searchQuestions( self, diff --git a/lib/lp/answers/model/tests/test_question.py b/lib/lp/answers/model/tests/test_question.py index 8b3abf4..15ec010 100644 --- a/lib/lp/answers/model/tests/test_question.py +++ b/lib/lp/answers/model/tests/test_question.py @@ -126,3 +126,24 @@ class TestQuestionSet(TestCaseWithFactory): question_set = getUtility(IQuestionSet) expired = question_set.findExpiredQuestions(3) self.assertNotIn(question, expired) + +def test_expiredQuestions_limit(self): +for _ in range(10): +question = self.factory.makeQuestion() +removeSecurityProxy(question).datelastquery = datetime.now( +timezone.utc +) - timedelta(days=5) + +question_set = getUtility(IQuestionSet) +self.assertGreaterEqual( +question_set.findExpiredQuestions( +days_before_expiration=3 +).count(), +10, +) +self.assertEqual( +5, +question_set.findExpiredQuestions( +days_before_expiration=3, limit=5 +).count(), +) diff --git a/lib/lp/answers/scripts/questionexpiration.py b/lib/lp/answers/scripts/questionexpiration.py index 32b3c1c..48da01e 100644 --- a/lib/lp/answers/scripts/questionexpiration.py +++ b/lib/lp/answers/scripts/questionexpiration.py @@ -19,13 +19,14 @@ class QuestionJanitor: without activity in a configurable period. """ -def __init__(self, days_before_expiration=None, log=None): +def __init__(self, days_before_expiration=None, log=None, limit=None): """Create a new QuestionJanitor. :days_before_expiration: Days of inactivity before a question is expired. Defaults to config.answertracker.days_before_expiration :log: A logger instance to use for logging. Defaults to the default logger. +:limit: Expire no more than limit questions. """ if days_before_expiration is None: @@ -37,6 +38,7 @@ class QuestionJanitor: log = getLogger() self.days_before_expiration = days_before_expiration self.log = log +self.limit = limit self.janitor = getUtility(ILaunchpadCelebrities).janitor @@ -57,7 +59,7 @@ cl
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad:charm-update-launchpad-layers into launchpad:master
Colin Watson has proposed merging ~cjwatson/launchpad:charm-update-launchpad-layers into launchpad:master. Commit message: charm: Update launchpad-layers to 81c2d5b77d Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/441567 This pulls in "Add trailing slash to supermirror_root". -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:charm-update-launchpad-layers into launchpad:master. diff --git a/charm/launchpad-admin/charmcraft.yaml b/charm/launchpad-admin/charmcraft.yaml index 1f8a8e9..1fbca20 100644 --- a/charm/launchpad-admin/charmcraft.yaml +++ b/charm/launchpad-admin/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "0311e05ec2e856e61a2620f68aa3ea35c0a3029b" +source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" source-submodules: [] source-type: git plugin: dump diff --git a/charm/launchpad-appserver/charmcraft.yaml b/charm/launchpad-appserver/charmcraft.yaml index 47b8752..deb7add 100644 --- a/charm/launchpad-appserver/charmcraft.yaml +++ b/charm/launchpad-appserver/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "0311e05ec2e856e61a2620f68aa3ea35c0a3029b" +source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" source-submodules: [] source-type: git plugin: dump diff --git a/charm/launchpad/charmcraft.yaml b/charm/launchpad/charmcraft.yaml index cd51483..5d4 100644 --- a/charm/launchpad/charmcraft.yaml +++ b/charm/launchpad/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "0311e05ec2e856e61a2620f68aa3ea35c0a3029b" +source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" source-submodules: [] source-type: git plugin: dump ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad-layers:mail-configure into launchpad-layers:main
Colin Watson has proposed merging ~cjwatson/launchpad-layers:mail-configure
into launchpad-layers:main.
Commit message:
Configure outbound email if send_email is true
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
Related bugs:
Bug #2017136 in launchpad-layers: "No email received after changing the
OpenPGP key"
https://bugs.launchpad.net/launchpad-layers/+bug/2017136
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad-layers/+git/launchpad-layers/+merge/441577
Most of Launchpad's email is sent using immediate delivery, which uses
`smtplib` directly; but some, such as email sent by garbo jobs, instead queues
it up until the end of the transaction. The latter mode wasn't configured
properly on production, so outgoing email ended up in a default "stub" mailer
which sent everything to root@localhost. Add configuration to send queued
production email to localhost:25 as well.
Individual charms must call `configure_email` to install `mail-configure.zcml`
in the appropriate configuration directory, or remove it if `send_email` is
false.
See also
https://code.launchpad.net/~cjwatson/lp-production-configs/production-smtp-mailer/+merge/411555
in our old private configs branch.
--
Your team Launchpad code reviewers is requested to review the proposed merge of
~cjwatson/launchpad-layers:mail-configure into launchpad-layers:main.
diff --git a/launchpad-base/config.yaml b/launchpad-base/config.yaml
index 3fa13a5..14feeca 100644
--- a/launchpad-base/config.yaml
+++ b/launchpad-base/config.yaml
@@ -219,6 +219,13 @@ options:
type: string
description: Username to use with RabbitMQ.
default: test
+ send_email:
+type: boolean
+description: >
+ Is this service allowed to send email? (Email is always sent via a
+ mail transport agent running on localhost; deploy a postfix-relay
+ subordinate charm to handle this.)
+default: false
session_cookie_name:
type: string
description: The ID of the cookie used to store the session token.
diff --git a/launchpad-base/lib/charms/launchpad/base.py b/launchpad-base/lib/charms/launchpad/base.py
index fbdf2fd..7768c9b 100644
--- a/launchpad-base/lib/charms/launchpad/base.py
+++ b/launchpad-base/lib/charms/launchpad/base.py
@@ -136,6 +136,25 @@ def lazr_config_files():
]
+def configure_email(config, directory_name):
+mail_configure_path = config_file_path(
+f"{directory_name}/mail-configure.zcml"
+)
+if config["send_email"]:
+hookenv.log("Writing email configuration.")
+templating.render(
+"mail-configure.zcml",
+mail_configure_path,
+config,
+owner="root",
+group=base.user(),
+perms=0o444,
+)
+elif os.path.exists(mail_configure_path):
+hookenv.log("Removing email configuration.")
+os.unlink(mail_configure_path)
+
+
def configure_rsync(config, template, name):
hookenv.log("Writing rsync configuration.")
rsync_path = os.path.join("/etc/rsync-juju.d", name)
diff --git a/launchpad-base/templates/launchpad-base-lazr.conf b/launchpad-base/templates/launchpad-base-lazr.conf
index 71c456e..b9707cb 100644
--- a/launchpad-base/templates/launchpad-base-lazr.conf
+++ b/launchpad-base/templates/launchpad-base-lazr.conf
@@ -57,6 +57,9 @@ oops_prefix: {{ oops_prefix }}
[gpghandler]
upload_keys: {{ gpg_upload_keys }}
+[immediate_mail]
+{{- opt("send_email", send_email) }}
+
[launchpad]
bugs_domain: bugs.{{ domain }}
{{- opt("bzr_imports_root_url", bzr_imports_root_url) }}
diff --git a/launchpad-base/templates/mail-configure.zcml b/launchpad-base/templates/mail-configure.zcml
new file mode 100644
index 000..380a530
--- /dev/null
+++ b/launchpad-base/templates/mail-configure.zcml
@@ -0,0 +1,8 @@
+http://namespaces.zope.org/zope";
+xmlns:mail="http://namespaces.zope.org/mail";
+i18n_domain="zope">
+
+
+
+
___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad-layers:mail-configure into launchpad-layers:main
The proposal to merge ~cjwatson/launchpad-layers:mail-configure into launchpad-layers:main has been updated. Description changed to: Most of Launchpad's email is sent using immediate delivery, which uses `smtplib` directly; but some, such as email sent by garbo jobs, instead queues it up until the end of the transaction. The latter mode wasn't configured properly on production, so outgoing email ended up in a default "stub" mailer which sent everything to root@localhost. Add configuration to send queued production email to localhost:25 as well. Individual charms must call `configure_email` to install `mail-configure.zcml` in the appropriate configuration directory, or remove it if `send_email` is false. See also https://code.launchpad.net/~cjwatson/lp-production-configs/production-smtp-mailer/+merge/411555 in our old private configs branch, which did something similar - I just forgot to transcribe it over to the new deployment mechanism. For more details, see: https://code.launchpad.net/~cjwatson/launchpad-layers/+git/launchpad-layers/+merge/441577 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad-layers:mail-configure into launchpad-layers:main. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad:charm-mail-configure into launchpad:master
Colin Watson has proposed merging ~cjwatson/launchpad:charm-mail-configure into launchpad:master. Commit message: charm: Configure outbound email if send_email is true Requested reviews: Launchpad code reviewers (launchpad-reviewers) Related bugs: Bug #2017136 in launchpad-layers: "No email received after changing the OpenPGP key" https://bugs.launchpad.net/launchpad-layers/+bug/2017136 For more details, see: https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/441582 This pulls in and uses https://code.launchpad.net/~cjwatson/launchpad-layers/+git/launchpad-layers/+merge/441577. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:charm-mail-configure into launchpad:master. diff --git a/charm/launchpad-admin/charmcraft.yaml b/charm/launchpad-admin/charmcraft.yaml index 1fbca20..e640df9 100644 --- a/charm/launchpad-admin/charmcraft.yaml +++ b/charm/launchpad-admin/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" +source-commit: "6a50917f5f6163069ae1661e3320abb5b48173a3" source-submodules: [] source-type: git plugin: dump diff --git a/charm/launchpad-admin/reactive/launchpad-admin.py b/charm/launchpad-admin/reactive/launchpad-admin.py index d00383a..3d44168 100644 --- a/charm/launchpad-admin/reactive/launchpad-admin.py +++ b/charm/launchpad-admin/reactive/launchpad-admin.py @@ -6,6 +6,7 @@ import subprocess from charmhelpers.core import hookenv, host, templating from charms.launchpad.base import ( +configure_email, configure_lazr, get_service_config, home_dir, @@ -111,6 +112,7 @@ def configure(): "launchpad-admin-lazr.conf", "launchpad-admin/launchpad-lazr.conf", ) +configure_email(config, "launchpad-admin") templating.render( "bash_aliases.j2", os.path.join(home_dir(), ".bash_aliases"), diff --git a/charm/launchpad-appserver/charmcraft.yaml b/charm/launchpad-appserver/charmcraft.yaml index deb7add..14708d5 100644 --- a/charm/launchpad-appserver/charmcraft.yaml +++ b/charm/launchpad-appserver/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" +source-commit: "6a50917f5f6163069ae1661e3320abb5b48173a3" source-submodules: [] source-type: git plugin: dump diff --git a/charm/launchpad-appserver/reactive/launchpad-appserver.py b/charm/launchpad-appserver/reactive/launchpad-appserver.py index 1edc216..61cd796 100644 --- a/charm/launchpad-appserver/reactive/launchpad-appserver.py +++ b/charm/launchpad-appserver/reactive/launchpad-appserver.py @@ -10,6 +10,7 @@ from charms.coordinator import acquire from charms.launchpad.base import ( config_file_path, configure_cron, +configure_email, configure_lazr, get_service_config, lazr_config_files, @@ -125,6 +126,7 @@ def configure(): "launchpad-appserver-secrets-lazr.conf", secret=True, ) +configure_email(config, "launchpad-appserver") configure_gunicorn(config) configure_logrotate(config) configure_cron(config, "crontab.j2") diff --git a/charm/launchpad/charmcraft.yaml b/charm/launchpad/charmcraft.yaml index 5d4..b3205bf 100644 --- a/charm/launchpad/charmcraft.yaml +++ b/charm/launchpad/charmcraft.yaml @@ -35,7 +35,7 @@ parts: after: - ols-layers source: https://git.launchpad.net/launchpad-layers -source-commit: "81c2d5b77d3c2cb4fce42c15ae2a7381ebab7f8f" +source-commit: "6a50917f5f6163069ae1661e3320abb5b48173a3" source-submodules: [] source-type: git plugin: dump ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder
Colin Watson has proposed merging
~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into
~launchpad/launchpad-mojo-specs/+git/private:vbuilder.
Commit message:
vbuilder: Add bos03 for staging
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad-mojo-specs/+git/private/+merge/441588
--
Your team Launchpad code reviewers is requested to review the proposed merge of
~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into
~launchpad/launchpad-mojo-specs/+git/private:vbuilder.
diff --git a/vbuilder/bundle.yaml b/vbuilder/bundle.yaml
index 5a13951..18b9b22 100644
--- a/vbuilder/bundle.yaml
+++ b/vbuilder/bundle.yaml
@@ -44,24 +44,29 @@
{%- set content_id_template = "launchpad-buildd:staging" %}
{%- set dns_update_host_bos01 = "10.189.0.2" %}
{%- set dns_update_host_bos02 = "10.189.128.2" %}
+{%- set dns_update_host_bos03 = "10.189.128.2" %}
{%- set dns_update_host_lcy02 = "10.132.31.11 10.132.31.12 10.132.31.13" %}
{%- set dns_update_host_lgw01 = "10.222.128.2" %}
{%- set dns_update_key_name = "vbuilder-staging-manage" %}
{%- set domain_bos01 = "vbuilder.staging.bos01.scalingstack" %}
{%- set domain_bos02 = "vbuilder.staging.bos02.scalingstack" %}
+{%- set domain_bos03 = "vbuilder.staging.bos03.scalingstack" %}
{%- set domain_lcy02 = "vbuilder.staging.lcy02.scalingstack" %}
{%- set domain_lgw01 = "vbuilder.staging.lgw01.scalingstack" %}
{%- set extra_constraints = "" %}
{%- set gss_series = "focal|jammy" %}
{%- set instance_key_name_bos01 = "ppa-manage-test" %}
{%- set instance_key_name_bos02 = "ppa-manage-test" %}
+{%- set instance_key_name_bos03 = "ppa-manage-test" %}
{%- set instance_key_name_lcy02 = "ppa-manage-test" %}
{%- set instance_key_name_lgw01 = "ppa-manage-test" %}
{%- set instance_network_bos01 = "10.189.34.0/24" %}
{%- set instance_network_bos02 = "10.189.162.0/23" %}
+{%- set instance_network_bos03 = "10.144.2.0/23" %}
{%- set instance_network_lcy02 = "10.134.2.0/23" %}
{%- set instance_network_lgw01 = "10.222.161.0/24" %}
{%- set instance_router = "vbuilder_staging_router" %}
+{%- set instance_router_bos03 = "router_launchpad-vbuilder-staging" %}
{%- set instance_router_lcy02 = "router_launchpad-vbuilder-staging" %}
{%- set launchpad_buildd_repository = "ppa:launchpad/buildd-staging" %}
{%- set lp_buildd_managers_lfp = "91.189.90.132" %}
@@ -72,11 +77,14 @@
{%- set modifiers_bos02 = '{"arm64": "10.44.0.13", "ppc64el": "10.44.0.19", "s390x": "10.44.0.14"}' %}
{%- set name_prefix = "launchpad-buildd-staging" %}
{%- set openstack_tenant_name = "vbuilder_staging_project" %}
+{%- set openstack_tenant_name_bos03 = "launchpad-vbuilder-staging_project" %}
{%- set openstack_tenant_name_lcy02 = "launchpad-vbuilder-staging_project" %}
{%- set openstack_username = "vbuilder_staging" %}
+{%- set openstack_username_bos03 = "launchpad-vbuilder-staging" %}
{%- set openstack_username_lcy02 = "launchpad-vbuilder-staging" %}
{%- set vbuilders_bos01 = {"amd64": ("jammy", "vbuilder-gpu", 1, true), "arm64": ("jammy", "vbuilder", 1, false), "ppc64el": ("jammy", "vbuilder", 1, true), "s390x": ("jammy", "vbuilder", 1, true)} %}
{%- set vbuilders_bos02 = {"arm64": ("jammy", "vbuilder", 1, false), "ppc64el": ("jammy", "vbuilder", 1, true), "s390x": ("jammy", "vbuilder", 1, true)} %}
+{%- set vbuilders_bos03 = {"amd64": ("jammy", "vbuilder", 4, true)} %}
{%- set vbuilders_lcy02 = {"amd64": ("jammy", "vbuilder", 4, true)} %}
{%- set vbuilders_lgw01 = {"amd64": ("jammy", "vbuilder", 4, true)} %}
{%- set vbuilder_prefix = "dogfood-" %}
@@ -217,6 +225,24 @@ applications:
region: scalingstack-bos02
use_swift: false
visibility: private
+{%- if stage_name == "staging" %}
+ glance-simplestreams-sync-bos03-amd64:
+charm: {{ charm_dir }}/glance-simplestreams-sync
+constraints: "{{ extra_constraints }}"
+num_units: 1
+options:
+ content_id_template: "{{ content_id_template }}"
+ mirror_list: |-
+[{url: "http://cloud-images.ubuntu.com/daily/";, name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(x86_64|amd64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3";
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ region: scalingstack-bos03
+ use_swift: false
+ visibility: private
+{%- endif %}
glance-simplestreams-sync-lcy02-amd64:
charm: {{ charm_dir }}/glance-simplestreams-sync
constraints: "{{ extra_constraints }}"
@@ -319,6 +345,14 @@ applications:
remote-modifiers: '{{ modifiers_bos02 }}'
remote-modifier-private
Re: [Launchpad-reviewers] [Merge] ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder
Review: Approve LGTM -- https://code.launchpad.net/~cjwatson/launchpad-mojo-specs/+git/private/+merge/441588 Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder
The proposal to merge ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder has been updated. Status: Needs review => Merged For more details, see: https://code.launchpad.net/~cjwatson/launchpad-mojo-specs/+git/private/+merge/441588 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad-mojo-specs/+git/private:vbuilder-staging-bos03 into ~launchpad/launchpad-mojo-specs/+git/private:vbuilder. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/rutabaga:fix-migrate-db into rutabaga:master
Colin Watson has proposed merging ~cjwatson/rutabaga:fix-migrate-db into rutabaga:master. Commit message: db: Don't fail migration if Token table already exists Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~cjwatson/rutabaga/+git/rutabaga/+merge/441591 The database migration handling in this project is very crude and needs to be entirely rewritten, but this should fix a problem that's blocking deployments for the moment. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/rutabaga:fix-migrate-db into rutabaga:master. diff --git a/db/rutabaga.schema b/db/rutabaga.schema index d7cdd77..7cd04ff 100644 --- a/db/rutabaga.schema +++ b/db/rutabaga.schema @@ -1,5 +1,5 @@ BEGIN TRANSACTION; -CREATE TABLE Token +CREATE TABLE IF NOT EXISTS Token ( id INTEGER PRIMARY KEY AUTOINCREMENT, secret VARCHAR(255), @@ -7,4 +7,4 @@ username VARCHAR(255) UNIQUE, timestamp TEXT, valid INTEGER DEFAULT 1 ); -COMMIT; \ No newline at end of file +COMMIT; ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad:charm-charmhub-secrets-private-key into launchpad:master
Colin Watson has proposed merging
~cjwatson/launchpad:charm-charmhub-secrets-private-key into launchpad:master.
Commit message:
charm: Add charmhub_secrets_private_key
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/441598
Otherwise Charmhub authorization doesn't work when authorizing upload of charm
recipe builds.
--
Your team Launchpad code reviewers is requested to review the proposed merge of
~cjwatson/launchpad:charm-charmhub-secrets-private-key into launchpad:master.
diff --git a/charm/launchpad-appserver/config.yaml b/charm/launchpad-appserver/config.yaml
index f016031..117b9eb 100644
--- a/charm/launchpad-appserver/config.yaml
+++ b/charm/launchpad-appserver/config.yaml
@@ -8,6 +8,11 @@ options:
description: >
Cognitive Services subscription key for the Bing Custom Search API.
default:
+ charmhub_secrets_private_key:
+type: string
+description: >
+ Base64-encoded NaCl private key for decrypting Charmhub upload tokens.
+default:
csrf_secret:
type: string
description: >
diff --git a/charm/launchpad-appserver/templates/launchpad-appserver-secrets-lazr.conf b/charm/launchpad-appserver/templates/launchpad-appserver-secrets-lazr.conf
index 10da8a6..0d47a5c 100644
--- a/charm/launchpad-appserver/templates/launchpad-appserver-secrets-lazr.conf
+++ b/charm/launchpad-appserver/templates/launchpad-appserver-secrets-lazr.conf
@@ -13,6 +13,9 @@
[bing]
{{- opt("subscription_key", bing_subscription_key) }}
+[charms]
+{{- opt("charmhub_secrets_private_key", charmhub_secrets_private_key) }}
+
[codehosting]
{{- opt("git_macaroon_secret_key", git_macaroon_secret_key) }}
___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~cjwatson/launchpad-buildd:drop-apt-transport-https into launchpad-buildd:master
Colin Watson has proposed merging ~cjwatson/launchpad-buildd:drop-apt-transport-https into launchpad-buildd:master. Commit message: Drop dependency on apt-transport-https Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~cjwatson/launchpad-buildd/+git/launchpad-buildd/+merge/441609 HTTPS support is integrated into apt these days. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad-buildd:drop-apt-transport-https into launchpad-buildd:master. diff --git a/debian/changelog b/debian/changelog index 9448940..968e488 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +launchpad-buildd (232) UNRELEASED; urgency=medium + + * Drop dependency on apt-transport-https; HTTPS support is integrated into +apt these days. + + -- Colin Watson Fri, 21 Apr 2023 01:10:46 +0100 + launchpad-buildd (231) focal; urgency=medium * Only ignore .bzr and .git when building source packages from recipes, diff --git a/debian/control b/debian/control index b92d6b2..e4b5dc3 100644 --- a/debian/control +++ b/debian/control @@ -39,7 +39,6 @@ Package: launchpad-buildd Section: misc Architecture: all Depends: adduser, - apt-transport-https, bzip2, debootstrap, dmsetup, ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
