launchpad-reviewers team mailing list archive

[Andy Whitcroft <apw@xxxxxxxxxxxxx>]

Andy Whitcroft has proposed merging lp:~apw/launchpad/signing-checksum-fix-cross-device-links into lp:launchpad.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)
Related bugs:
  Bug #1285919 in Launchpad itself: "uefi archive files don't have signed checksums"
  https://bugs.launchpad.net/launchpad/+bug/1285919
  Bug #1577736 in Launchpad itself: "Expand archive signing to kernel modules"
  https://bugs.launchpad.net/launchpad/+bug/1577736

For more details, see:
https://code.launchpad.net/~apw/launchpad/signing-checksum-fix-cross-device-links/+merge/298106

Fix custom publisher oopses when attempting to rename prepared checksum files into place.  These should be built in the archive temproot to ensure they are on the same filesystem.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~apw/launchpad/signing-checksum-fix-cross-device-links into lp:launchpad.

=== modified file 'lib/lp/archivepublisher/signing.py'
--- lib/lp/archivepublisher/signing.py	2016-06-17 21:17:58 +0000
+++ lib/lp/archivepublisher/signing.py	2016-06-22 09:04:58 +0000
@@ -109,6 +109,7 @@
         self.targetdir = os.path.join(
             dists_signed, "%s-%s" % (self.package, self.arch))
         self.archiveroot = pubconf.archiveroot
+        self.temproot = pubconf.temproot
 
         self.public_keys = set()
 
@@ -338,7 +339,7 @@
         signer = None
         if self.archive.signing_key:
             signer = IArchiveSigningKey(self.archive)
-        with DirectoryHash(versiondir, self.tmpdir, signer) as hasher:
+        with DirectoryHash(versiondir, self.temproot, signer) as hasher:
             hasher.add_dir(versiondir)
 
     def shouldInstall(self, filename):

=== modified file 'lib/lp/archivepublisher/tests/test_signing.py'
--- lib/lp/archivepublisher/tests/test_signing.py	2016-06-17 20:46:06 +0000
+++ lib/lp/archivepublisher/tests/test_signing.py	2016-06-22 09:04:58 +0000
@@ -100,6 +100,9 @@
         self.signing_dir = os.path.join(
             self.temp_dir, self.distro.name + "-signing")
         self.suite = "distroseries"
+        pubconf = getPubConfig(self.archive)
+        if not os.path.exists(pubconf.temproot):
+            os.makedirs(pubconf.temproot)
         # CustomUpload.installFiles requires a umask of 0o022.
         old_umask = os.umask(0o022)
         self.addCleanup(os.umask, old_umask)
@@ -115,6 +118,9 @@
         self.signing_dir = os.path.join(
             self.temp_dir, "signing", "signing-owner", "testing")
         self.testcase_cn = '/CN=PPA signing-owner testing/'
+        pubconf = getPubConfig(self.archive)
+        if not os.path.exists(pubconf.temproot):
+            os.makedirs(pubconf.temproot)
 
     def setUpArchiveKey(self):
         with KeyServerTac():
@@ -183,6 +189,9 @@
         # nothing is signed.
         self.archive = self.factory.makeArchive(
             distribution=self.distro, purpose=ArchivePurpose.COPY)
+        pubconf = getPubConfig(self.archive)
+        if not os.path.exists(pubconf.temproot):
+            os.makedirs(pubconf.temproot)
         self.openArchive("test", "1.0", "amd64")
         self.tarfile.add_file("1.0/empty.efi", "")
         self.tarfile.add_file("1.0/empty.ko", "")