Replace archive admin shell access with API clients

Registered by Colin Watson

The Ubuntu archive administration team has always required direct privileged shell access to the ftpmaster system in order to perform many of its routine tasks. This is a security problem, it prevents us from opening some tasks up to those who are not Canonical employees, and it makes it hard for us to improve our own tools. Improve the Launchpad API to handle all our requirements and write suitable API clients.

We will know we have succeeded when archive admins no longer require shell access to do their jobs.

(Postponed items carried over to

Blueprint information

Steve Langasek
Colin Watson
Colin Watson
Series goal:
Accepted for quantal
Milestone target:
milestone icon ubuntu-12.10
Started by
Colin Watson
Completed by
Colin Watson


== lp_publish ==

WBNI publisher took reliably <30mins
 * run a few things outside the lock?
 * possibly get rid of ls-lR?

== lp_buildd ==

buildd-mass-retry: should be movable to API
add-missing-builds: needs API

(This is not a user-visible feature, and has no associated release notes.)


Work Items

Work items:
Migrate from sync-source to syncpackage: DONE
Write auto-sync client: DONE
Migrate from backport-source to backportpackage: DONE
Write up webops procedures for upload queue inspection/reprocessing: DONE
Convert sru-release to Archive.copyPackage: DONE
Write an API client to replace lp-remove-package: DONE
Export queue operations over the API: DONE
Write an API client to replace queue: DONE
Fix LP and/or client so that unembargo client can use Archive.copyPackage ( DONE
Move sync blacklist to ~ubuntu-archive branch in LP: DONE
Move new-source into new auto-sync client: DONE
Move override helpers into new queue client: DONE
Convert copy-report to Archive.copyPackage: DONE
Obsolete publish-queue in favour of new PackageUpload-based queuebot: DONE
Export enough API to permit writing a populate-archive client: POSTPONED
Write an API client to replace populate-archive: POSTPONED
Fix NewReleaseCycleProcess documentation to say that new-series sanity checking should be done on a mirror: DONE
Fix stale files piling up in /srv/ DONE
Look into different copyPackage ACLs for ubuntu-security and ubuntu-archive, so that it doesn't require separate approval: DONE
Write tool to do manual actions arising from copy-report: DONE

Dependency tree

* Blueprints in grey have been implemented.