launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #09208
[Merge] lp:~cjwatson/launchpad/remove-unembargo-package into lp:launchpad
Colin Watson has proposed merging lp:~cjwatson/launchpad/remove-unembargo-package into lp:launchpad.
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/remove-unembargo-package/+merge/112044
Following https://code.launchpad.net/~cjwatson/launchpad/pcj-reupload/+merge/111124 (and a few subsequent fixes), the Ubuntu security team should be able to use Archive.copyPackage(unembargo=True) rather than the old unembargo-package.py script, so we can remove the latter.
I've QAed the new method on dogfood, but I still need to do a smoke-test on production with the security team, currently planned for Wednesday. I won't land this at least until that's done.
--
https://code.launchpad.net/~cjwatson/launchpad/remove-unembargo-package/+merge/112044
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~cjwatson/launchpad/remove-unembargo-package into lp:launchpad.
=== modified file 'lib/lp/soyuz/scripts/packagecopier.py'
--- lib/lp/soyuz/scripts/packagecopier.py 2012-06-26 00:46:41 +0000
+++ lib/lp/soyuz/scripts/packagecopier.py 2012-06-26 09:53:26 +0000
@@ -7,7 +7,6 @@
__all__ = [
'PackageCopier',
- 'UnembargoSecurityPackage',
'CopyChecker',
'check_copy_permissions',
'do_copy',
@@ -1080,74 +1079,3 @@
raise SoyuzScriptError(
"Can not sync between the same locations: '%s' to '%s'" % (
self.location, self.destination))
-
-
-class UnembargoSecurityPackage(PackageCopier):
- """`SoyuzScript` that unembargoes security packages and their builds.
-
- Security builds are done in the ubuntu-security private PPA.
- When they are ready to be unembargoed, this script will copy
- them from the PPA to the Ubuntu archive and re-upload any files
- from the restricted librarian into the non-restricted one.
-
- This script simply wraps up PackageCopier with some nicer options.
-
- An assumption is made, to reduce the number of command line options,
- that packages are always copied between the same distroseries. The user
- can, however, select which target pocket to unembargo into. This is
- useful to the security team when there are major version upgrades
- and they want to stage it through -proposed first for testing.
- """
-
- usage = ("%prog [-d <distribution>] [-s <suite>] [--ppa <private ppa>] "
- "<package(s)>")
- description = ("Unembargo packages in a private PPA by copying to the "
- "specified location and re-uploading any files to the "
- "unrestricted librarian.")
-
- def add_my_options(self):
- """Add -d, -s, dry-run and confirmation options."""
- SoyuzScript.add_distro_options(self)
- SoyuzScript.add_transaction_options(self)
-
- self.parser.add_option(
- "-p", "--ppa", dest="archive_owner_name",
- default="ubuntu-security", action="store",
- help="Private PPA owner's name.")
-
- self.parser.add_option(
- "--ppa-name", dest="archive_name",
- default="ppa", action="store",
- help="Private PPA name.")
-
- def setUpCopierOptions(self):
- """Set up options needed by PackageCopier."""
- # Set up the options for PackageCopier that are needed in addition
- # to the ones that this class sets up.
- self.options.to_partner = False
- self.options.to_ppa = False
- self.options.partner_archive = None
- self.options.include_binaries = True
- self.options.unembargo = True
- self.options.to_distribution = self.options.distribution_name
- # The PackageCopier parent class uses options.suite as the source
- # suite, so we need to override it to remove the pocket since PPAs
- # are pocket-less.
- self.options.to_suite = self.options.suite
- self.options.suite = self.options.suite.split("-")[0]
- self.options.version = None
- self.options.component = None
-
- def mainTask(self):
- """Invoke PackageCopier to copy the package(s) and re-upload files."""
- self.setUpCopierOptions()
-
- # Generate the location for PackageCopier after overriding the
- # options.
- self.setupLocation()
-
- # Invoke the package copy operation.
- copies = PackageCopier.mainTask(self)
-
- # Return this for the benefit of the test suite.
- return copies
=== modified file 'lib/lp/soyuz/scripts/tests/test_copypackage.py'
--- lib/lp/soyuz/scripts/tests/test_copypackage.py 2012-06-25 08:35:33 +0000
+++ lib/lp/soyuz/scripts/tests/test_copypackage.py 2012-06-26 09:53:26 +0000
@@ -74,7 +74,6 @@
do_copy,
PackageCopier,
re_upload_file,
- UnembargoSecurityPackage,
update_files_privacy,
)
from lp.soyuz.tests.test_publishing import SoyuzTestPublisher
@@ -2915,95 +2914,32 @@
distribution=ubuntu)
# Create a source and binary private publication.
- hoary = ubuntu.getSeries('hoary')
- hoary.status = SeriesStatus.CURRENT
- test_publisher = self.getTestPublisher(hoary)
- ppa_source = test_publisher.getPubSource(
- archive=joe_private_ppa, version='1.0', distroseries=hoary)
- test_publisher.getPubBinaries(
- pub_source=ppa_source, distroseries=hoary)
- self.layer.txn.commit()
-
- # Run the copy package script storing the logged information.
- copy_helper = self.getCopier(
- sourcename='foo', from_ppa='joe',
- include_binaries=True, from_suite='hoary',
- to_suite='hoary-security', unembargo=True)
- copied = copy_helper.mainTask()
-
- # The private files are copied via a direct-copy request.
- self.assertEqual(len(copied), 3)
- self.assertEqual(
- ['INFO FROM: joe: hoary-RELEASE',
- 'INFO TO: Primary Archive for Ubuntu Linux: hoary-SECURITY',
- 'INFO Copy candidates:',
- 'INFO \tfoo 1.0 in hoary',
- 'INFO \tfoo-bin 1.0 in hoary hppa',
- 'INFO \tfoo-bin 1.0 in hoary i386',
- 'INFO Re-uploaded foo_1.0.dsc to librarian',
- 'INFO Re-uploaded foo_1.0_source.changes to librarian',
- 'INFO Re-uploaded foo-bin_1.0_all.deb to librarian',
- 'INFO Re-uploaded foo-bin_1.0_i386.changes to librarian',
- 'INFO Re-uploaded '
- 'buildlog_ubuntu-hoary-i386.foo_1.0_FULLYBUILT.txt.gz to '
- 'librarian',
- 'INFO Copied:',
- 'INFO \tfoo 1.0 in hoary',
- 'INFO \tfoo-bin 1.0 in hoary hppa',
- 'INFO \tfoo-bin 1.0 in hoary i386',
- 'INFO 3 packages successfully copied.',
- ],
- copy_helper.logger.getLogBuffer().splitlines())
-
- def testUnembargoing(self):
- """Test UnembargoSecurityPackage, which wraps PackagerCopier."""
- # Set up a private PPA.
- joe = self.factory.makePerson(name="joe")
- ubuntu = getUtility(IDistributionSet).getByName('ubuntu')
- joe_private_ppa = self.factory.makeArchive(
- owner=joe, name='ppa', private=True,
- distribution=ubuntu)
-
- # Setup a SoyuzTestPublisher object, so we can create publication
- # to be unembargoed.
warty = ubuntu.getSeries('warty')
test_publisher = self.getTestPublisher(warty)
-
- # Create a source and binary pair to be unembargoed from the PPA.
ppa_source = test_publisher.getPubSource(
- archive=joe_private_ppa, version='1.1',
- distroseries=warty,
+ archive=joe_private_ppa, version='1.1', distroseries=warty,
status=PackagePublishingStatus.PUBLISHED)
other_source = test_publisher.getPubSource(
archive=joe_private_ppa, version='1.1',
sourcename="sourcefordiff", distroseries=warty,
status=PackagePublishingStatus.PUBLISHED)
- test_publisher.addFakeChroots(warty)
ppa_binaries = test_publisher.getPubBinaries(
pub_source=ppa_source, distroseries=warty,
status=PackagePublishingStatus.PUBLISHED)
+ self.layer.txn.commit()
# Give the new source a private package diff.
- sourcepackagerelease = other_source.sourcepackagerelease
+ spr = other_source.sourcepackagerelease
diff_file = test_publisher.addMockFile("diff_file", restricted=True)
- package_diff = sourcepackagerelease.requestDiffTo(
- joe, ppa_source.sourcepackagerelease)
+ package_diff = spr.requestDiffTo(joe, ppa_source.sourcepackagerelease)
package_diff.diff_content = diff_file
- # Prepare a *restricted* buildlog file for the Build instances.
- fake_buildlog = test_publisher.addMockFile(
- 'foo_source.buildlog', restricted=True)
-
- for build in ppa_source.getBuilds():
- build.log = fake_buildlog
-
# Add a restricted changelog file.
- fake_changelog = test_publisher.addMockFile(
- 'changelog', restricted=True)
- ppa_source.sourcepackagerelease.changelog = fake_changelog
+ changelog = test_publisher.addMockFile("changelog", restricted=True)
+ ppa_source.sourcepackagerelease.changelog = changelog
- # Create ancestry environment in the primary archive, so we can
- # test unembargoed overrides.
+ # Create ancestry environment in the primary archive, so we can test
+ # unembargoed overrides.
ancestry_source = test_publisher.getPubSource(
version='1.0', distroseries=warty,
status=PackagePublishingStatus.PUBLISHED)
@@ -3011,7 +2947,7 @@
pub_source=ancestry_source, distroseries=warty,
status=PackagePublishingStatus.SUPERSEDED)
- # Override the published ancestry source to 'universe'
+ # Override the published ancestry source to 'universe'.
universe = getUtility(IComponentSet)['universe']
ancestry_source.component = universe
@@ -3021,22 +2957,38 @@
self.layer.txn.commit()
- # Now we can invoke the unembargo script and check its results.
- test_args = [
- "--ppa", "joe",
- "--ppa-name", "ppa",
- "-s", "%s" % ppa_source.distroseries.name + "-security",
- "foo",
- ]
-
- script = UnembargoSecurityPackage(
- name='unembargo', test_args=test_args)
- script.logger = BufferLogger()
-
- copied = script.mainTask()
-
- # Check the results.
- self.checkCopies(copied, script.destination.archive, 3)
+ # Run the copy package script storing the logged information.
+ copy_helper = self.getCopier(
+ sourcename='foo', from_ppa='joe',
+ include_binaries=True, from_suite='warty',
+ to_suite='warty-security', unembargo=True)
+ copied = copy_helper.mainTask()
+
+ # The private files are copied via a direct-copy request.
+ self.checkCopies(copied, copy_helper.destination.archive, 3)
+ self.assertEqual(
+ ['INFO FROM: joe: warty-RELEASE',
+ 'INFO TO: Primary Archive for Ubuntu Linux: warty-SECURITY',
+ 'INFO Copy candidates:',
+ 'INFO \tfoo 1.1 in warty',
+ 'INFO \tfoo-bin 1.1 in warty hppa',
+ 'INFO \tfoo-bin 1.1 in warty i386',
+ 'INFO Re-uploaded foo_1.1.dsc to librarian',
+ 'INFO Re-uploaded diff_file to librarian',
+ 'INFO Re-uploaded foo_1.1_source.changes to librarian',
+ 'INFO Re-uploaded changelog to librarian',
+ 'INFO Re-uploaded foo-bin_1.1_all.deb to librarian',
+ 'INFO Re-uploaded foo-bin_1.1_i386.changes to librarian',
+ 'INFO Re-uploaded '
+ 'buildlog_ubuntu-warty-i386.foo_1.1_FULLYBUILT.txt.gz to '
+ 'librarian',
+ 'INFO Copied:',
+ 'INFO \tfoo 1.1 in warty',
+ 'INFO \tfoo-bin 1.1 in warty hppa',
+ 'INFO \tfoo-bin 1.1 in warty i386',
+ 'INFO 3 packages successfully copied.',
+ ],
+ copy_helper.logger.getLogBuffer().splitlines())
# Check that the librarian files are all unrestricted now.
# We must commit the txn for SQL object to see the change.
@@ -3071,43 +3023,22 @@
published.pocket.title, "Security",
"Expected Security pocket, got %s" % published.pocket.title)
- def testUnembargoSuite(self):
- """Test that passing different suites works as expected."""
+ def testUnembargoStableReleasePocketForbidden(self):
+ """Unembargoing into release pocket of stable series is forbidden."""
# Set up a private PPA.
joe = self.factory.makePerson(name="joe")
ubuntu = getUtility(IDistributionSet).getByName('ubuntu')
self.factory.makeArchive(
owner=joe, name='ppa', private=True, distribution=ubuntu)
- test_args = [
- "--ppa", "joe",
- "-s", "warty-backports",
- "foo",
- ]
-
- script = UnembargoSecurityPackage(
- name='unembargo', test_args=test_args)
- script.setUpCopierOptions()
- script.setupLocation()
- script.setupDestination()
- script.destination.distroseries.status = SeriesStatus.CURRENT
- script.checkPrivacyOptions()
- self.assertEqual("warty-backports", script.options.to_suite)
-
- # Change the suite to one with the release pocket. It should copy
- # nothing as you're not allowed to unembargo into the release
- # pocket of a stable series.
- test_args[3] = "warty"
- script = UnembargoSecurityPackage(
- name='unembargo', test_args=test_args)
- script.logger = BufferLogger()
- script.setUpCopierOptions()
- script.setupLocation()
- script.setupDestination()
+ copy_helper = self.getCopier(
+ sourcename='foo', from_ppa='joe',
+ include_binaries=True, from_suite='warty',
+ to_suite='warty', unembargo=True)
self.assertRaisesWithContent(
SoyuzScriptError,
"Can't unembargo into suite 'warty' of a distribution.",
- script.checkPrivacyOptions)
+ copy_helper.mainTask)
def testCopyClosesBugs(self):
"""Copying packages closes bugs.
=== removed file 'scripts/ftpmaster-tools/unembargo-package.py'
--- scripts/ftpmaster-tools/unembargo-package.py 2011-12-29 05:29:36 +0000
+++ scripts/ftpmaster-tools/unembargo-package.py 1970-01-01 00:00:00 +0000
@@ -1,19 +0,0 @@
-#!/usr/bin/python -S
-#
-# Copyright 2009 Canonical Ltd. This software is licensed under the
-# GNU Affero General Public License version 3 (see the file LICENSE).
-
-# pylint: disable-msg=W0403
-"""Unembargo a package from the security private PPA."""
-
-import _pythonpath
-
-from lp.services.config import config
-from lp.soyuz.scripts.packagecopier import UnembargoSecurityPackage
-
-
-if __name__ == '__main__':
- script = UnembargoSecurityPackage(
- 'unembargo-package', dbuser=config.archivepublisher.dbuser)
- script.lock_and_run()
-
Follow ups
