Launchpad itself

Distro security updates in Launchpad

Registered by Adam Conrad on 2006-06-09

At present, due to soyuz being "not quite there yet" as far as supporting security embargos and other fun stuff, we use a hideous hack involving uploading security uploads to a katie instance, then publishing them to soyuz when we do the release announcement.

This spec should discuss, among the soyuz team and the security team, what precisely needs to be addressed and tested in soyuz so that we can ditch the above hack and move to using soyuz directly for security. Not only will this drastically reduce complexity, but it has the added bonus of giving me my buildds back. :)

Read the full specification

Blueprint information

Status:: Complete

Approver:: None

Priority:: High

Drafter:: Celso Providelo

Direction:: Needs approval

Assignee:: Julian Edwards

Definition:: Pending Approval

Series goal:: Accepted for 2.1

Implementation:: Implemented

Milestone target:: None

Started by: Julian Edwards on 2007-11-26

Completed by: Julian Edwards on 2008-05-06

Related branches

Related bugs

Bug #240546: Source upload changesfile should be accessible to the uploader	Fix Released
Bug #240698: Allow post-release pocket uploads in private PPAs	Invalid
Bug #240702: unembargo-package.py fails for architecture-independent binaries	Fix Released

Sprints

Whiteboard

Julian 2008-04-28 - Ready to roll once IS implements RT #30241
Julian 2008-03-20 - Beta available on dogfood
Julian 2007-11-26 - Waiting for private PPA infrastructure, which will be used to implement the embargoed archive.
Julian 2007-07-30 - Once Soyuz commercial repo is implemented (which introduces multiple archives per distro), we can write a tool that copies packages across archives, in this case from "embargoed" to "primary".
sabdfl 30/06/06 this is important but does not trump PPA's, reducing to High priority
malcc 5/11/06: Re-opening for discussion at MTV.
kamion 2006-11-08: review OK
cprov 2007-08-20: will be implemented in 1.1.9 after having Commercial-Repo (and its infrastructure in place).

mdz 2006-11-09: says in one place that the publishing may or may not be handled by the security script, then later that it will be. Please clarify.

malcc 2006-11-09: clarified to say it won't be; there's a future issue already listed for changing it so that it will be.

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information

Everyone can see this information.

Subscribers

Adam Conrad

Celso Providelo

Colin Watson

James Troup

Jeff Bailey

Julian Edwards

Malcolm Cleaton

Martin Pitt

Matt Zimmerman

Robert Collins

Scott James Remnant (Canonical)

Simon Law

Sivan Greenberg

Stuart Bishop

Tollef Fog Heen

William Grant