Ubuntu
ca-certificates-java package

Merge ~vpa1977/ubuntu/+source/ca-certificates-java:dpkg-trigger into ubuntu/+source/ca-certificates-java:ubuntu/devel

Git
lp:~vpa1977/ubuntu/+source/ca-certificates-java
dpkg-trigger
Merge into ubuntu/devel

Proposed by Vladimir Petko on 2023-03-01

Status:

Merged

Merged at revision:

1a1275024ad4cbf1cea8fd74dfc78dce54e62806

Proposed branch:

~vpa1977/ubuntu/+source/ca-certificates-java:dpkg-trigger

Merge into:

ubuntu/+source/ca-certificates-java:ubuntu/devel

Diff against target:

249 lines (+124/-31)

9 files modified

debian/ca-certificates-java.postinst (+19/-26)
debian/ca-certificates-java.triggers (+2/-3)
debian/changelog (+18/-0)
debian/control (+9/-2)
debian/tests/can-convert-keystore (+24/-0)
debian/tests/can-install-jre (+26/-0)
debian/tests/can-install-libreoffice (+4/-0)
debian/tests/can-install-multiple-jdks (+13/-0)
debian/tests/control (+9/-0)

Related bugs:

Bug #1999103: Unable to install ca-certificates-java (20220719) on machine with PKCS12 keystore	Undecided	Fix Released
Bug #2003750: Unable to install libreoffice due to ca-certificates-java installation failure [original: Fails to configure in autopkgtest]	High	Fix Released
Bug #2004061: package ca-certificates-java 20230103 failed to install/upgrade: зацикливание триггеров, отмена работы	Undecided	Fix Released

Link a bug report

Reviewer	Date Requested	Status
Steve Langasek (community)	2023-03-01	Approve on 2023-03-02
git-ubuntu import	2023-03-01	Pending
Review via email: mp+438150@code.launchpad.net

Description of the change

NOTE: Please do not merge this until all OpenJDK package updates are performed. This package breaks existing OpenJDK packages.

This change depends on openjdk-jre-headless triggering certificate updates in the postinst script. Prerequisite updates:
- openjdk-8 [1] (merged)
- openjdk-lts [2] (merged)
- openjdk-17 [3] (merged)
- openjdk-18 [4] (merged)
- openjdk-19 [5] (merged)
- openjdk-20 [6] (merged)
- openjdk-21 [7] (merged)
Summary of changes:

  * Resolve circular JRE dependency (LP: #2003750, LP: #1999103, LP: #2004061)
    - debian/ca-certificates-java.postinst: remove setup_path, remove
      update_cacerts from "configure" stage.
    - debian/ca-certificates-java.postinst: do "fresh" update if cacerts file is not found. Certificates are refreshed only in response to the trigger activated by OpenJDK packages.
    - debian/ca-certificates-java.postinst: fix cacert enumeration command for Java 8.
    - debian/control: remove JRE dependency.
    - debian/control: add Breaks condition.
    - debian/tests: add smoke tests.
    - debian/ca-certificates-java.triggers: remove file trigger /usr/jvm.

PPA: ppa:vpa1977/ca-certificates-java-dpkg [8]

Steps to test:
autopackage tests should pass

Autopackage test results:
autopkgtest [08:33:54]: @@@@@@@@@@@@@@@@@@@@ summary
can-convert-keystore PASS
can-install-jre PASS
can-install-multiple-jdks PASS
can-install-libreoffice PASS

[1] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-8/+git/openjdk-8/+merge/438158
[2] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-lts/+git/openjdk-lts/+merge/438159
[3] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-17/+git/openjdk-17/+merge/438151
[4] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-18/+git/openjdk-18/+merge/438160
[5] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-19/+git/openjdk-19/+merge/438187
[6] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-20/+git/openjdk-20/+merge/438161
[7] https://code.launchpad.net/~vpa1977/ubuntu/+source/openjdk-21/+git/openjdk-21/+merge/438162
[8] https://launchpad.net/~vpa1977/+archive/ubuntu/ca-certificates-java-dpkg