lp:~xnox/launchpad

Author: Dimitri John Ledkov
Author Date: 2023-10-13 23:51:06 UTC

soyuz: Add toggle to turn off I18n/Index publishing

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>

Author: Dimitri John Ledkov
Author Date: 2023-10-03 18:01:03 UTC

archivepublisher: consistently use only sha256 for apt archives

Unused hashes are redundant, and are now cauing interop problems with
overly strict programs and humans.

Summary of changes:

 * Remove md5, sha1 from Release, Packages, Sources metadata in
   primary & ppa publisher.

 * Change i18n Index from SHA1 to SHA256. Uncertain if actually used
   by clients.

 * Remove sha512 from Packages & Sources in primary publisher only, do
   not exist anywhere else. (Also see LP: #1536602). Also it is
   noticably slow even on most modern hardware for rudimentary
   repository sizes.

 * Ensure and enforce consistent publishing by both primary & ppa
   publisher, irrespective of host release.

Note that overall security is provided by rsa-pkcs1-v1_5 + sha512
signatures in current primary and ppa publishers, independent of the
hash changes in this commit.

Minimum required apt for Launchpad host deployment is 1.1 (Xenial) due
to `--no-sha512` option usage.

Minimum required apt for clients is 0.7.7 (Hardy), subject to
compatible signing.

This implementation is intentionally global for all suites in both
primary and ppa publishers.

Fixes LP: #1883271

Author: Dimitri John Ledkov
Author Date: 2023-10-04 00:57:09 UTC

archivepublisher: remove SHA512 from Packages & Sources

Never used in ppas for InRelease, Packages, and Sources.
Never used in archive for InRelease.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>

Author: Dimitri John Ledkov
Author Date: 2023-07-25 17:02:53 UTC

snappy: Make requestbuild use auto-build archive and pocket defaults

Make request snap builds page for a snap, reuse auto-build archive &
pocket, if set on the snap.

Proof of concept untested code, no tests added.

LP: #2028687

Author: Dimitri John Ledkov
Author Date: 2023-06-23 13:27:19 UTC

Allow to specify snapd channel in snap builds

snapcraft has a runtime dependency on snapd, and in rare cases when
there is incompatibility between the two, one may need to request both
snapcraft and snapd from specific channels to correctly complete
builds.

This was especially profound when we lost ability to rebuild core22
snap on riscv64 due to a regression in snapd, and unable to instruct
launchpad to temporarily use snapd from any other channel but stable.

Author: Dimitri John Ledkov
Author Date: 2023-01-20 20:58:39 UTC

custom_uploads_copier.py: Support excluding signing

Add support in custom_uploads_copier to skip copying signing (uefi &
signing).

Hook into initialise_distroseries with packagecopier to exclude
copying signing. Not sure if this codepath is actually ever used.

Hook into publish_ftpmaster to exclude signing upon preparing to
publish fresh series for the first time.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>

Author: Dimitri John Ledkov
Author Date: 2023-01-20 20:58:39 UTC

custom_uploads_copier.py: Support excluding signing

Add support in custom_uploads_copier to skip copying signing (uefi &
signing).

Hook into initialise_distroseries with packagecopier to exclude
copying signing. Not sure if this codepath is actually ever used.

Hook into publish_ftpmaster to exclude signing upon preparing to
publish fresh series for the first time.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>

Author: Dimitri John Ledkov
Author Date: 2023-01-21 02:17:22 UTC

custom_uploads_copier: allow checking upload's source is published

In ftpmaster publisher, opt-into checking custom upload's source is
still published. This is to avoid publising custom uploads, for source
packages that have been removed.

Possibly a better check would be to find bpph and check if it is
superseeded or not. But it is quite hard to jump from custom upload to
the patching bpph, despite having the link to the binary upload
changes file.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>

Author: Dimitri John Ledkov
Author Date: 2021-06-14 13:36:17 UTC

Avoid expiring PPAs related to building images

Some UC kernel snaps are built from PPAs owned by the kernel team.
Some CPC / Cloud kernel previews are build from these PPAs too.

Author: Dimitri John Ledkov
Author Date: 2021-06-01 14:23:13 UTC

Avoid expiring PPAs related to building UC gadgets and images

Related to 411dd1713626ed137da3a75daa01f4f6a42bd073

Author: Dimitri John Ledkov
Author Date: 2019-11-04 14:29:37 UTC

Drop core16, not yet stable.