autopkgtest-cloud

Merge ~hyask/autopkgtest-cloud:skia/private_ppa_noble into autopkgtest-cloud:master

  1. Git
  2. lp:~hyask/autopkgtest-cloud
  3. skia/private_ppa_noble
  4. Merge into master
Proposed by Skia
Status: Merged
Merged at revision: ac0e18876bd6c8db12735c2f5aeb6aff76f74db5
Proposed branch: ~hyask/autopkgtest-cloud:skia/private_ppa_noble
Merge into: autopkgtest-cloud:master
Diff against target: 68 lines (+18/-28)
2 files modified
charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker (+17/-27)
mojo/service-bundle (+1/-1)
Reviewer Review Type Date Requested Status
Paride Legovini Approve
Review via email: mp+464327@code.launchpad.net

Description of the change

Main high level change is to enable the use of private PPAs on Noble.

Lower-level changes are:
  * move away from `apt-key`.
  * get the `release` in a way that is deb822 compatible.
  * remove the `noble`-specific quirk that was added when it became deb822-only.

To post a comment you must log in.
Revision history for this message
Skia (hyask) wrote :

WARNING: this has **not** been tested yet, we are still waiting for a private PPA to be setup for our team.

Revision history for this message
Skia (hyask) wrote :

First round of test showed that we needed to add keyserver.ubuntu.com to `no_proxy`. With that fix, things are working. We just need to validate that it also works with a private PPA.

Revision history for this message
Tim Andersson (andersson123) wrote :

If you haven't seen yet, our private ppa has been set up :)

Revision history for this message
Skia (hyask) wrote :

Tested with our newly created private PPA on both Noble and Trusty.
Command-lines used, for memory:
* ./run-autopkgtest -s noble -a amd64 --trigger hello/2.10-3build1~hellothere1 --ppa hyask:thisismytoken@canonical-ubuntu-qa/private-ppa-testing:074721E255F8AC93F97019410847687141517A9C --swiftuser skia hello
* ./run-autopkgtest -s trusty -a amd64 --trigger hello/2.8-4ubuntu1~hellothere14.04 --ppa hyask:thisismytoken@canonical-ubuntu-qa/private-ppa-testing:074721E255F8AC93F97019410847687141517A9C --swiftuser skia hello

Revision history for this message
Paride Legovini (paride) wrote :

Nice simplification!

I wonder how apt-key was accessing keyserver.ubuntu.com before, without it being in no_proxy. Maybe is uses https by default, and that's allowed in the squid config, while you went for plain http?

Not worth overthinking: skipping the proxy is even better.

review: Approve
Revision history for this message
Skia (hyask) wrote :

I wondered the same, and my wild guess, is that `apt-key` uses `gpg` directly, and `gpg` may simply not support the `http_proxy` variable, thus bypassing it naturally without requiring `no_proxy`.

Thanks for the review!

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker b/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
index 5689302..bfa35e7 100755
--- a/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
+++ b/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
@@ -912,33 +912,23 @@ def request(msg):
912 )912 )
913 else:913 else:
914 ppaprefix = "http://"914 ppaprefix = "http://"
915 if release == "noble":915 # add GPG key
916 # add GPG key916 # we need to `gpg --dearmor` because at least trusty doesn't seem to support asc keys and
917 argv += [917 # OpenPGP HKS protocol doesn't specify a way to directly download unarmored keys
918 "--setup-commands",918 # both wget and gpg are thus required on the testbed, and both are present on the cloud images by default
919 "apt-get install -y software-properties-common",919 argv += [
920 ]920 "--setup-commands",
921 # add apt source921 f"wget -O- 'http://keyserver.ubuntu.com/pks/lookup?op=get&options=mr&v=1&search=0x{fingerprint}' | "
922 argv += [922 f"gpg --dearmor > '/etc/apt/trusted.gpg.d/autopkgtest-{ppauser}-{ppaname}.gpg'",
923 "--setup-commands",923 ]
924 "add-apt-repository --enable-source --yes ppa:%(u)s/%(p)s"924 # add apt source
925 % {"u": ppauser, "p": ppaname},925 argv += [
926 ]926 "--setup-commands",
927 else:927 "REL=$(lsb_release -cs); "
928 # add GPG key928 'echo "deb %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" > /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list; '
929 argv += [929 'echo "deb-src %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" >> /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list;'
930 "--setup-commands",930 % {"prefix": ppaprefix, "u": ppauser, "p": ppaname},
931 "apt-key adv --keyserver keyserver.ubuntu.com --recv-key "931 ]
932 + fingerprint,
933 ]
934 # add apt source
935 argv += [
936 "--setup-commands",
937 'REL=$(sed -rn "/^(deb|deb-src) .*(ubuntu.com|ftpmaster)/ { s/^[^ ]+ +(\[.*\] *)?[^ ]* +([^ -]+) +.*$/\\2/p; q }" /etc/apt/sources.list); '
938 'echo "deb %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" > /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list; '
939 'echo "deb-src %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" >> /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list;'
940 % {"prefix": ppaprefix, "u": ppauser, "p": ppaname},
941 ]
942932
943 # put results into separate container, named by the last PPA933 # put results into separate container, named by the last PPA
944 container += "-%s-%s" % (ppauser, ppaname)934 container += "-%s-%s" % (ppauser, ppaname)
diff --git a/mojo/service-bundle b/mojo/service-bundle
index f2da41c..24d2d14 100644
--- a/mojo/service-bundle
+++ b/mojo/service-bundle
@@ -15,7 +15,7 @@
15{%- if stage_name == "production" or stage_name == "staging" %}15{%- if stage_name == "production" or stage_name == "staging" %}
16 {%- set http_proxy = "http://squid.internal:3128" %}16 {%- set http_proxy = "http://squid.internal:3128" %}
17 {%- set https_proxy = "http://squid.internal:3128" %}17 {%- set https_proxy = "http://squid.internal:3128" %}
18 {%- set no_proxy = "127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com" %}18 {%- set no_proxy = "127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com" %}
19{%- endif %}19{%- endif %}
2020
21description: "autopkgtest-cloud"21description: "autopkgtest-cloud"

Subscribers

People subscribed via source and target branches