New PPAs are published unsigned if used immediately
Bug #374395 reported by
William Grant
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
High
|
Colin Watson |
Bug Description
New PPAs are sometimes published unsigned, although their +index says that they have a key and are signed. I suspect this happens if a PPA is published before its key is generated. This is very confusing.
Related branches
lp:~cjwatson/launchpad/delay-ppa-publication
- William Grant (community): Approve (code)
-
Diff: 157 lines (+62/-2)5 files modifiedlib/lp/archivepublisher/scripts/publishdistro.py (+1/-1)
lib/lp/archivepublisher/tests/test_publishdistro.py (+38/-1)
lib/lp/services/config/schema-lazr.conf (+5/-0)
lib/lp/soyuz/interfaces/archive.py (+5/-0)
lib/lp/soyuz/model/archive.py (+13/-0)
Changed in soyuz: | |
assignee: | Celso Providelo (cprov) → nobody |
Changed in launchpad: | |
importance: | Medium → High |
Changed in launchpad: | |
assignee: | nobody → Colin Watson (cjwatson) |
status: | Triaged → In Progress |
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Yes, key generation will happen within 20 min (as the publishing) but gpg keys take about 4 minutes long to be generated, so if the user creates a PPA and uploads a source in its first 20 minutes of life it's very likely that it will be published unsigned.
Assuming PPAs are supposed to be always signed, we can delay publications until the signing key gets created. This can be done by activating PPA with the 'publish' flag set to False, and including code to set it to True in the signing-key generation step.