canonical-ubuntu-qa team mailing list archive
-
canonical-ubuntu-qa team
-
Mailing list archive
-
Message #03764
[Merge] ~hyask/autopkgtest-cloud:skia/private_ppa_noble into autopkgtest-cloud:master
Skia has proposed merging ~hyask/autopkgtest-cloud:skia/private_ppa_noble into autopkgtest-cloud:master.
Requested reviews:
Canonical's Ubuntu QA (canonical-ubuntu-qa)
For more details, see:
https://code.launchpad.net/~hyask/autopkgtest-cloud/+git/autopkgtest-cloud/+merge/464327
Main high level change is to enable the use of private PPAs on Noble.
Lower-level changes are:
* move away from `apt-key`.
* get the `release` in a way that is deb822 compatible.
* remove the `noble`-specific quirk that was added when it became deb822-only.
--
Your team Canonical's Ubuntu QA is requested to review the proposed merge of ~hyask/autopkgtest-cloud:skia/private_ppa_noble into autopkgtest-cloud:master.
diff --git a/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker b/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
index 5689302..14fd91d 100755
--- a/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
+++ b/charms/focal/autopkgtest-cloud-worker/autopkgtest-cloud/worker/worker
@@ -912,33 +912,23 @@ def request(msg):
)
else:
ppaprefix = "http://";
- if release == "noble":
- # add GPG key
- argv += [
- "--setup-commands",
- "apt-get install -y software-properties-common",
- ]
- # add apt source
- argv += [
- "--setup-commands",
- "add-apt-repository --enable-source --yes ppa:%(u)s/%(p)s"
- % {"u": ppauser, "p": ppaname},
- ]
- else:
- # add GPG key
- argv += [
- "--setup-commands",
- "apt-key adv --keyserver keyserver.ubuntu.com --recv-key "
- + fingerprint,
- ]
- # add apt source
- argv += [
- "--setup-commands",
- 'REL=$(sed -rn "/^(deb|deb-src) .*(ubuntu.com|ftpmaster)/ { s/^[^ ]+ +(\[.*\] *)?[^ ]* +([^ -]+) +.*$/\\2/p; q }" /etc/apt/sources.list); '
- 'echo "deb %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" > /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list; '
- 'echo "deb-src %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" >> /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list;'
- % {"prefix": ppaprefix, "u": ppauser, "p": ppaname},
- ]
+ # add GPG key
+ # we need to `gpg --dearmor` because at least trusty doesn't seem to support asc keys and
+ # OpenPGP HKS protocol doesn't specify a way to directly download unarmored keys
+ # both wget and gpg are thus required on the testbed, and both are present on the cloud images by default
+ argv += [
+ "--setup-commands",
+ f"wget -O- 'http://keyserver.ubuntu.com/pks/lookup?op=get&options=mr&v=1&search=0x{fingerprint}' | "
+ f"gpg --dearmor > /etc/apt/trusted.gpg.d/autopkgtest-{ppauser}-{ppaname}.gpg",
+ ]
+ # add apt source
+ argv += [
+ "--setup-commands",
+ "REL=$(lsb_release -cs); "
+ 'echo "deb %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" > /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list; '
+ 'echo "deb-src %(prefix)sppa.launchpad.net/%(u)s/%(p)s/ubuntu $REL main" >> /etc/apt/sources.list.d/autopkgtest-%(u)s-%(p)s.list;'
+ % {"prefix": ppaprefix, "u": ppauser, "p": ppaname},
+ ]
# put results into separate container, named by the last PPA
container += "-%s-%s" % (ppauser, ppaname)
Follow ups
