Merge lp:~cjwatson/launchpad/uefi-copy-no-auto-approve into lp:launchpad
Status: | Merged |
---|---|
Approved by: | William Grant |
Approved revision: | no longer in the source branch. |
Merged at revision: | 16021 |
Proposed branch: | lp:~cjwatson/launchpad/uefi-copy-no-auto-approve |
Merge into: | lp:launchpad |
Diff against target: |
390 lines (+109/-113) 5 files modified
lib/lp/soyuz/scripts/custom_uploads_copier.py (+23/-25) lib/lp/soyuz/scripts/packagecopier.py (+3/-1) lib/lp/soyuz/scripts/tests/test_custom_uploads_copier.py (+73/-80) lib/lp/testing/factory.py (+5/-4) lib/lp/testing/tests/test_factory.py (+5/-3) |
To merge this branch: | bzr merge lp:~cjwatson/launchpad/uefi-copy-no-auto-approve |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
William Grant | code | Approve | |
Review via email: mp+126128@code.launchpad.net |
Commit message
Explicitly select the target archive when creating CustomUploadCop
Description of the change
== Summary ==
Bug 1036616: we can't stage custom uploads in PPAs, because the custom uploads copier doesn't work quite right. This is about to become very important to Ubuntu Engineering in terms of how we handle UEFI secure boot: we'll need it for security updates post-release, and it appears that we may need it very soon pre-release as well for signed kernels because the workflow for uploading kernels to the development series involves staging them in a PPA.
== Proposed fix ==
As described in the bug report, I first had to pre-emptively secure against the ability to bypass the forced UNAPPROVED logic for UEFI custom uploads to the primary archive by way of copying them from a PPA.
After that, the problem was that CustomUploadCop
== Tests ==
bin/test -vvct lp.archivepubli
== Demo and Q/A ==
On dogfood, attempt to copy an efilinux upload from https:/