Launchpad itself

Allow building livefses against a view of the archive at a fixed point in time

Bug #1765933 reported by Colin Watson
26
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Launchpad itself
In Progress
High
Colin Watson
livecd-rootfs (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

It would be useful to be able to dispatch a set of livefs builds that all reliably build from the same point in time in the archive's history, even if they're dispatched at slightly different times. We did the InRelease-by-hash work (https://bugs.debian.org/886745, and subsequent Launchpad publisher changes) as a prerequisite for this. We're now ready to consider the next stage. I believe that there are three major chunks of work here:

1) Somebody needs to work out the livecd-rootfs/live-build bits, which I think ought to be a Foundations job (I don't expect to do this part myself). It needs to pick up the inrelease-path option from the sources.list in the environment where livecd-rootfs is run and propagate that through while building the image, but make sure that the inrelease-path option *doesn't* end up in the sources.list in the final image (just like the way we build from ftpmaster.internal but don't actually leave that in the final image, since it wouldn't work).

2) In parallel with 1), we need to improve Launchpad's internal tracking of the history of archive index files. At the moment, the only feasible interface we could offer would be that the entity scheduling livefs builds would need to work out the SHA-256 hashes of all the relevant InRelease files and tell Launchpad what to use. This is cumbersome and hard to automate. Instead, it would be much better to make it work by timestamp (perhaps even simply having an option to pick whatever's current when the builds are scheduled), but to do that we need to convert ArchiveFile into a history table, adding date_created and date_superseded columns so that we can work out which version was live at any given time.

3) Once both 1) and 2) are done, we can add the relevant options to Launchpad's livefs build code to cause the correct sources.list to be dispatched.

Related branches

lp:~cjwatson/launchpad/db-archive-file-history
Rejected for merging into lp:launchpad/db-devel
Stuart Bishop: Pending (db) requested
Launchpad code reviewers: Pending (db) requested
Diff: 17 lines (+13/-0)
1 file modified
database/schema/patch-2209-74-1.sql (+13/-0)
lp:~cjwatson/launchpad/archive-file-history
Rejected for merging into lp:launchpad
Launchpad code reviewers: Pending requested
Diff: 771 lines (+248/-178)
5 files modified
lib/lp/archivepublisher/publishing.py (+43/-22)
lib/lp/archivepublisher/tests/test_publisher.py (+94/-61)
lib/lp/soyuz/interfaces/archivefile.py (+12/-9)
lib/lp/soyuz/model/archivefile.py (+37/-47)
lib/lp/soyuz/tests/test_archivefile.py (+62/-39)
~cjwatson/launchpad:db-archive-file-date-indexes
William Grant: Approve (db)
Diff: 22 lines (+16/-0)
1 file modified
database/schema/patch-2211-15-0.sql (+16/-0)
~cjwatson/launchpad:db-archive-file-date-indexes
Superseded for merging into launchpad:db-devel
William Grant: Needs Information (db)
Diff: 22 lines (+16/-0)
1 file modified
database/schema/patch-2211-15-0.sql (+16/-0)
~cjwatson/launchpad:archive-file-history-backfill
Colin Watson (community): Approve
Ioana Lasc: Pending requested
Diff: 184 lines (+97/-1)
4 files modified
database/schema/security.cfg (+1/-0)
lib/lp/archivepublisher/publishing.py (+1/-0)
lib/lp/scripts/garbo.py (+36/-0)
lib/lp/scripts/tests/test_garbo.py (+59/-1)
~cjwatson/launchpad:archive-file-history
William Grant: Approve (code)
Diff: 742 lines (+203/-237)
5 files modified
lib/lp/archivepublisher/publishing.py (+21/-31)
lib/lp/archivepublisher/tests/test_publisher.py (+92/-80)
lib/lp/soyuz/interfaces/archivefile.py (+15/-14)
lib/lp/soyuz/model/archivefile.py (+30/-62)
lib/lp/soyuz/tests/test_archivefile.py (+45/-50)
~wgrant/launchpad:archive-file-history-refactor
Rejected for merging into launchpad:master
Launchpad code reviewers: Pending requested
Diff: 269 lines (+98/-98)
2 files modified
lib/lp/archivepublisher/publishing.py (+95/-98)
lib/lp/archivepublisher/tests/test_publisher.py (+3/-0)
~cjwatson/launchpad:archive-file-history-backfill
Superseded for merging into launchpad:master
Ioana Lasc (community): Approve
Diff: 170 lines (+83/-1)
4 files modified
database/schema/security.cfg (+1/-0)
lib/lp/archivepublisher/publishing.py (+1/-0)
lib/lp/scripts/garbo.py (+34/-0)
lib/lp/scripts/tests/test_garbo.py (+47/-1)
~cjwatson/launchpad:merge-db-stable
Colin Watson (community): Approve
Diff: 106 lines (+62/-0)
3 files modified
database/schema/patch-2210-09-0.sql (+13/-0)
database/schema/patch-2210-12-0.sql (+45/-0)
database/schema/security.cfg (+4/-0)
~cjwatson/launchpad:archive-file-history
Superseded for merging into launchpad:master
Launchpad code reviewers: Pending requested
Diff: 766 lines (+242/-172)
5 files modified
lib/lp/archivepublisher/publishing.py (+43/-22)
lib/lp/archivepublisher/tests/test_publisher.py (+88/-55)
lib/lp/soyuz/interfaces/archivefile.py (+12/-9)
lib/lp/soyuz/model/archivefile.py (+37/-47)
lib/lp/soyuz/tests/test_archivefile.py (+62/-39)
~cjwatson/launchpad:db-archive-file-history
William Grant: Approve (db)
Diff: 19 lines (+13/-0)
1 file modified
database/schema/patch-2210-09-0.sql (+13/-0)
Colin Watson (cjwatson)
Changed in launchpad:
status: Triaged → In Progress
assignee: nobody → Colin Watson (cjwatson)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in livecd-rootfs (Ubuntu):
status: New → Confirmed
Francis Ginther (fginther)
tags: added: id-5b296c1ea29e35b30684caed
Francis Ginther (fginther)
tags: added: id-5e5451e0091a4c48a5bf3c57
Francis Ginther (fginther)
tags: added: id-5e724267b2a8370b605b1367
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Is the status of this bug accurate? across xenial..focal spectrum?

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

so apt in xenial doesn't have support for inrelease-path, which i guess is pre-requisite to build xenial images at point-in-time.

but other series have that, and can be used.

Revision history for this message
Colin Watson (cjwatson) wrote :

The status of this bug is accurate. Please see the linked merge proposals for more information; the current blocker is me dealing with a complex set of review feedback on https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/373971. After that, it will still remain for somebody to work out how to integrate this usefully into livecd-rootfs.

As far as I know, nobody has yet worked out how to eliminate magic-proxy entirely. What the pending Launchpad work will give you is a mechanism to query Launchpad for the state of a given metadata file in a given suite at a given point in time, which provides enough information to start the process. However, until PS5 exists (and a significant amount of development work on top of that) we won't actually be able to provide snapshot archives that are directly usable by apt, so livecd-rootfs is still going to have to do a fair amount of massaging of live-build, and somebody needs to dig into the exact details there.

Ayub (zeezo0)
information type: Public → Public Security
information type: Public Security → Public
information type: Public → Private Security
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Ayub, please do not change the status of bug reports. Thanks.

information type: Private Security → Public
Zahid Hasan (akkim31-deactivatedaccount)
information type: Public → Private Security
Colin Watson (cjwatson)
information type: Private Security → Public
Bryant Keith Upton (keithupton7496)
Changed in livecd-rootfs (Ubuntu):
assignee: nobody → Bryant Keith Upton (keithupton7496)
Steve Langasek (vorlon)
Changed in livecd-rootfs (Ubuntu):
assignee: Bryant Keith Upton (keithupton7496) → nobody
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

@colin watson

After fighting with magicproxy & iptables issues. again. I am interested in getting magic proxy doing more-or-less things that might one day make things "nice".

I.e.
make magic proxy, talk to launchpad proxy to access authenticated archives without explicit username/password.

drop iptables nat rules, and instead try to simply export proxy for apt to use.

try to drop proxy, and instead make magic-proxy write out in-release-path stanzas for apt to use based on the passed in timestamp, and make livebuild / debootstrap use all that.

eventually "just" accept the mapping of archive/suites = hash as collected via launchpad api before dispatching the build.

Hopefully above things will make certain things easier as we go along.

Alternatively, maybe we could merge magic-proxy into the proxy that launchpad exports for the builds? I guess probably not, cause all of that is quite hackish.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.