ubuntu-security-tools

Merge ~sespiros/ubuntu-security-tools/+git/ubuntu-security-tools:fix-release-info into ubuntu-security-tools:master

  1. Git
  2. lp:~sespiros/ubuntu-security-tools/+git/ubuntu-security-tools
  3. fix-release-info
  4. Merge into master
Proposed by Spyros Seimenis
Status: Merged
Merged at revision: 2a581f319adaf3be8d31f495332bd9e208c3803a
Proposed branch: ~sespiros/ubuntu-security-tools/+git/ubuntu-security-tools:fix-release-info
Merge into: ubuntu-security-tools:master
Diff against target: 286 lines (+45/-45)
1 file modified
build-tools/umt (+45/-45)
Reviewer Review Type Date Requested Status
Alex Murray Approve
Leonidas S. Barbosa Pending
Review via email: mp+427489@code.launchpad.net

Description of the change

Changed most of the umt references to details['release'] to use details['base_release']. The rest of the cases which use details['release'] do so because they need the full release name and not just the base/parent release.

Now that umt depends on source_map and cve_lib anyway, maybe those parts could be refactored further in the future to entirely remove the release_list field from .ubuntu-security-tools.conf and use cve_lib instead.

To post a comment you must log in.
Revision history for this message
Spyros Seimenis (sespiros) wrote :

For the reviewer: link to the MP that started it all https://code.launchpad.net/~sespiros/ubuntu-security-tools/+git/ubuntu-security-tools/+merge/424782

Revision history for this message
Alex Murray (alexmurray) wrote :

I am not in love with changing so much code to use a new name... although I can understand the motivation. What about a different word than base_release - since this is what we would use in the changelog entry, looking at it for inspiration https://www.debian.org/doc/debian-policy/ch-source.html#s-dpkgchangelog I see they use the term distribution(s) - what if we used that instead?

Revision history for this message
Spyros Seimenis (sespiros) wrote :

I agree that it seems like a big change but there were 2 ways to fix the changelog/repo commands bug:
1) revert my previous fix; that means that the release field will keep not detecting ESM releases properly, the ESM chroot naming standardization was just a case that worked as a motivation to make all these changes.
2) keep the new field (base_release) and differentiate code that needs a full release name from code that needs just the base release (this patch)

Regarding the name, "distribution" could be an alternative one but I haven't seen that used in any of our tools. cve_lib for example uses the term "parent" https://git.launchpad.net/ubuntu-cve-tracker/tree/scripts/cve_lib.py#n113 to indicate the same thing, so that could be a candidate.

If we wanted to be pedantic, according to
- https://docs.ubuntu.com/landscape/en/repositories and
- https://wiki.ubuntu.com/DevelopmentCodeNames

technically a release is "Ubuntu" plus the version "X.YY" (and I guess the minor versions as well). "series" could also be the term we could use instead of "base_release" ("parent" in cve_lib) and maybe "subproject" instead of "release" (subproject is the term cve_lib uses).

Revision history for this message
Alex Murray (alexmurray) wrote :

series sounds like a good option - but it would be good to canvas the team to see if anyone else has better ideas.

Revision history for this message
Emilia Torino (emitorino) wrote :

+1 to refactor and use cve_lib as single source of this type of information

Revision history for this message
Alex Murray (alexmurray) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/build-tools/umt b/build-tools/umt
2index 27ca44c..603c412 100755
3--- a/build-tools/umt
4+++ b/build-tools/umt
5@@ -379,10 +379,10 @@ def cmd_changelog():
6 validate_toplevel()
7
8 is_devel_release = False
9- if details['release'] != ust['release_devel']:
10- release = details['release'] + '-security'
11+ if details['series'] != ust['release_devel']:
12+ release = details['series'] + '-security'
13 else:
14- release = details['release']
15+ release = details['series']
16 is_devel_release = True
17
18 if opt.increment:
19@@ -564,7 +564,7 @@ def perform_source_build(details, opt):
20 build_params.append('-sa')
21
22 if not opt.skip_maintainer:
23- update_maintainer(details['release'], details['version'], opt.simple_maintainer_update)
24+ update_maintainer(details['series'], details['version'], opt.simple_maintainer_update)
25 build_source(build_params, build_script, details,
26 force_dpkg_source=force_dpkg_source)
27 process_source_files(details, source_dest, merge=opt.merge)
28@@ -652,8 +652,8 @@ def perform_binary_build(details, opt):
29 # If opt.sbuild_dep_resolver is not specified, look for per package overrides
30 if details["build_dep_resolver"] == None:
31 if details['package'] in sbuild_dep_resolver_overrides and \
32- details['release'] in sbuild_dep_resolver_overrides[details['package']]:
33- details["build_dep_resolver"] = sbuild_dep_resolver_overrides[details['package']][details['release']]
34+ details['series'] in sbuild_dep_resolver_overrides[details['package']]:
35+ details["build_dep_resolver"] = sbuild_dep_resolver_overrides[details['package']][details['series']]
36
37 if details["build_dep_resolver"] in ['apt', 'aptitude', 'internal']:
38 buildopts.append('--build-dep-resolver=%s' % details["build_dep_resolver"])
39@@ -761,7 +761,7 @@ def cmd_build_orig():
40 opt.skip = True
41 # Force the release as we can't auto-discover based on directory name
42 if opt.release == False:
43- opt.release = details['release']
44+ opt.release = details['series']
45 details = prepare_build(opt)
46 perform_source_build(details, opt)
47 perform_binary_build(details, opt)
48@@ -919,7 +919,7 @@ def cmd_check():
49 (rc, report) = runcmd(command, stdout=None)
50
51 # Check if we should warn about a Vcs-Bzr tag
52- if details['release'] == ust['release_devel']:
53+ if details['series'] == ust['release_devel']:
54 try:
55 for line in open('debian/control').readlines():
56 if line.lower().startswith("vcs-bzr:"):
57@@ -928,7 +928,7 @@ def cmd_check():
58 pass
59
60 # Print out some special-case warnings before exiting
61- emit_special_warnings(details['package'], details['release'])
62+ emit_special_warnings(details['package'], details['series'])
63
64 # finally check changes file as well for missing LP: # references
65 changes_file = dscfile.replace(".dsc", "_source.changes")
66@@ -1156,7 +1156,7 @@ def download_binaries_from_ppa(details, binary_dest, version, ppa, arch, display
67 err("could not find '%s'" % sis_changes)
68 sys.exit(1)
69
70- repo_dest = os.path.join(ust['package_tools_repo_base'], details['release'])
71+ repo_dest = os.path.join(ust['package_tools_repo_base'], details['series'])
72 binaries = glob.glob(repo_dest + '/%s_%s_*' % (details['package'], version))
73 copy_binaries = False
74 if len(binaries) > 0:
75@@ -1170,7 +1170,7 @@ def download_binaries_from_ppa(details, binary_dest, version, ppa, arch, display
76
77 if not copy_binaries:
78 copy_sppa_to_repos = os.path.join(os.environ['UST'], "repo-tools", 'copy_sppa_to_repos')
79- args = [copy_sppa_to_repos, '--ppa', ppa, '--force-binaries', '--release', details['release']]
80+ args = [copy_sppa_to_repos, '--ppa', ppa, '--force-binaries', '--release', details['series']]
81 if arch:
82 args += ['--arch', arch]
83 args.append(details['package'])
84@@ -1207,24 +1207,24 @@ def cmd_compare_bin():
85
86 # always use debian-installer in release pocket for non-devel releases
87 installer_components = 'main/debian-installer'
88- if details['release'] == ust['release_devel'] or not use_installer:
89+ if details['series'] == ust['release_devel'] or not use_installer:
90 installer_components = ''
91 s='''
92 deb [arch=%s] %s/ %s %s %s
93 deb-src %s/ %s %s
94-''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['release'], components, installer_components,
95- ust.get_sbuild_srcmirror(details['arch']), details['release'], components)
96+''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['series'], components, installer_components,
97+ ust.get_sbuild_srcmirror(details['arch']), details['series'], components)
98
99- if details['release'] != ust['release_devel']:
100+ if details['series'] != ust['release_devel']:
101 s += '''
102 deb [arch=%s] %s/ %s-updates %s %s
103 deb-src %s/ %s-updates %s
104 deb [arch=%s] %s/ %s-security %s %s
105 deb-src %s/ %s-security %s
106-''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['release'], components, installer_components,
107- ust.get_sbuild_srcmirror(details['arch']), details['release'], components,
108- details['arch'], ust.get_sbuild_mirror(details['arch']), details['release'], components, installer_components,
109- ust.get_sbuild_srcmirror(details['arch']), details['release'], components)
110+''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['series'], components, installer_components,
111+ ust.get_sbuild_srcmirror(details['arch']), details['series'], components,
112+ details['arch'], ust.get_sbuild_mirror(details['arch']), details['series'], components, installer_components,
113+ ust.get_sbuild_srcmirror(details['arch']), details['series'], components)
114
115 # as of quantal, devel packages can be waiting in -proposed, so
116 # don't do this just for non-devel releases
117@@ -1232,15 +1232,15 @@ deb-src %s/ %s-security %s
118 s += '''
119 deb [arch=%s] %s/ %s-proposed %s %s
120 deb-src %s/ %s-proposed %s
121-''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['release'], components, installer_components,
122- ust.get_sbuild_srcmirror(details['arch']), details['release'], components)
123+''' % (details['arch'], ust.get_sbuild_mirror(details['arch']), details['series'], components, installer_components,
124+ ust.get_sbuild_srcmirror(details['arch']), details['series'], components)
125
126 if 'test_repo' in details and details['test_repo']:
127 s += '''
128 deb [arch=%s] %s/ %s/
129 deb-src %s/ %s/
130-''' % (details['arch'], ust['package_tools_repo_url'], details['release'],
131- ust['package_tools_repo_url'], details['release'])
132+''' % (details['arch'], ust['package_tools_repo_url'], details['series'],
133+ ust['package_tools_repo_url'], details['series'])
134
135 return s
136
137@@ -1489,7 +1489,7 @@ Acquire::Languages "none";
138 details['arch'] = arch
139
140 if opt.release:
141- details['release'] = opt.release
142+ details['series'] = opt.release
143
144 if opt.proposed:
145 details['proposed'] = True
146@@ -1572,7 +1572,7 @@ def copy_to_repo(opt, details, quiet=False, source_dest=source_dest, binary_dest
147 if not quiet:
148 print_details(details)
149
150- repo_dest = os.path.join(repo_base, details['release'])
151+ repo_dest = os.path.join(repo_base, details['series'])
152
153 if opt.purge and os.path.isdir(repo_dest):
154 print("Cleaning out '%s'" % (repo_dest))
155@@ -1620,7 +1620,7 @@ def copy_to_repo(opt, details, quiet=False, source_dest=source_dest, binary_dest
156 print("Copying '%s'..." % (os.path.join(binary_dest, f)))
157 shutil.copy(os.path.join(binary_dest, f), repo_dest)
158
159- (rc, report) = runcmd([update_repo, details['release']], stdin=sys.stdin, stdout=None)
160+ (rc, report) = runcmd([update_repo, details['series']], stdin=sys.stdin, stdout=None)
161 if rc != 0:
162 err("failure running '%s':\n%s" % (update_repo, report))
163 sys.exit(1)
164@@ -1672,7 +1672,7 @@ def cmd_upload():
165
166 # adjust destination if debian
167 init_dest = opt.destination
168- if details['release'] == "unstable": # XXX: add other releases
169+ if details['series'] == "unstable": # XXX: add other releases
170 init_dest = "debian"
171
172 details = parse_changes_file(changes_file)
173@@ -1971,7 +1971,7 @@ def cmd_adt():
174 }
175
176 details = parse_package_details(skip_sanity = True)
177- release = details['release']
178+ release = details['series']
179
180 valid_releases = []
181 for rel in source_map.cve_lib.releases:
182@@ -2647,7 +2647,7 @@ def run_qrt_tests(opt, args, details):
183 # installed (--only-upgrade) and mark them as auto installed
184 # (--mark-auto)
185 apt_args += "--only-upgrade "
186- release_num = BetterUbuntuDistroInfo().get_release(details['release'])
187+ release_num = BetterUbuntuDistroInfo().get_release(details['series'])
188 if release_num:
189 if release_num > "20.04":
190 apt_args += "--mark-auto "
191@@ -3418,7 +3418,7 @@ def prepare_tool_env(opt, details):
192 os.environ['DEB_BUILD_HARDENING'] = '1'
193
194 # Parallel builds only started with karmic and later
195- if opt.parallel and details['release'] not in ['dapper','jaunty']:
196+ if opt.parallel and details['series'] not in ['dapper','jaunty']:
197 _append_deb_build_options('parallel=%s' % (opt.parallel), "parallel=")
198 except:
199 pass
200@@ -3698,7 +3698,7 @@ do
201 rm -f "$SRCS"
202 fi
203 done
204-''' % (dropped_pockets, details['release'])
205+''' % (dropped_pockets, details['series'])
206
207 # add the updates pocket if building a proposed package if it isn't already
208 # in the sources.list
209@@ -3712,7 +3712,7 @@ if ! grep -q '^[^#].*\-updates' /etc/apt/sources.list ; then
210 mv -f "$SRCS" /etc/apt/sources.list
211 need_update=1
212 fi
213-''' % (details['release'], details['release'], details['release'])
214+''' % (details['series'], details['series'], details['series'])
215
216 # add the proposed pocket if told to do so
217 if force_proposed == True:
218@@ -3725,7 +3725,7 @@ if ! grep -q '^[^#].*\-proposed' /etc/apt/sources.list ; then
219 mv -f "$SRCS" /etc/apt/sources.list
220 need_update=1
221 fi
222-''' % (details['release'], details['release'], details['release'])
223+''' % (details['series'], details['series'], details['series'])
224
225 # Add local repo if needed
226 if details['additional-repo']:
227@@ -3737,12 +3737,12 @@ echo "deb %s %s/" >> "$SRCS"
228 mv -f "$SRCS" /etc/apt/sources.list
229 need_update=1
230 ''' % (details['additional-repo'],
231- details['additional-repo'], details['release'])
232+ details['additional-repo'], details['series'])
233
234 # Update components. Xenial and higher now requires universe to build
235 # main packages. release_num can be None if release is unknown, like
236 # when distro_info hasn't been updated yet for a new dev release
237- release_num = BetterUbuntuDistroInfo().get_release(details['release'])
238+ release_num = BetterUbuntuDistroInfo().get_release(details['series'])
239 if release_num and release_num < "16.04":
240 allowed_comps = { 'main' : ':main:',
241 'restricted' : ':main:restricted:',
242@@ -3790,7 +3790,7 @@ fi
243 ''' % (allowed_comps[details['component']], details['component'])
244
245 # Hack to work around lucid dbus trying to start in the chroot
246- if details['release'] == "lucid":
247+ if details['series'] == "lucid":
248 build_script = build_script + '''
249 dpkg-divert --divert /etc/init/dbus.conf.disabled --rename /etc/init/dbus.conf
250 '''
251@@ -4054,14 +4054,14 @@ def parse_package_details(release = None, skip_sanity = False, force_component =
252 details.setdefault('release', details['changelog_release'])
253
254 # Find base release
255- base_release = details["release"]
256- if 'esm' in base_release:
257- if 'trusty' in base_release:
258- base_release = 'trusty'
259+ series = details["release"]
260+ if 'esm' in series:
261+ if 'trusty' in series:
262+ series = 'trusty'
263 else:
264- base_release = base_release.split('/')[1]
265+ series = series.split('/')[1]
266
267- details['base_release'] = base_release
268+ details['series'] = series
269
270 # Find previous version
271 previous_version = ''
272@@ -4091,11 +4091,11 @@ def parse_package_details(release = None, skip_sanity = False, force_component =
273 # Perform sanity checking
274 if not skip_sanity:
275 # Sanity check release
276- if details['changelog_release'] != details['base_release']:
277- err("oops! changelog release (%s) != '%s'" % (details['changelog_release'], details['base_release']))
278+ if details['changelog_release'] != details['series']:
279+ err("oops! changelog release (%s) != '%s'" % (details['changelog_release'], details['series']))
280 sys.exit(1)
281 # Sanity check pocket
282- if (details['release'] != ust['release_devel']) and (details['release'] != 'unstable') and \
283+ if (details['series'] != ust['release_devel']) and (details['series'] != 'unstable') and \
284 (details['pocket'] != 'security') and \
285 (details['pocket'] != 'backports') and \
286 (details['pocket'] != 'proposed'):

Subscribers

People subscribed via source and target branches