Replace archive admin shell access with API clients

Registered by Colin Watson on 2011-12-31

The Ubuntu archive administration team has always required direct privileged shell access to the ftpmaster system in order to perform many of its routine tasks. This is a security problem, it prevents us from opening some tasks up to those who are not Canonical employees, and it makes it hard for us to improve our own tools. Improve the Launchpad API to handle all our requirements and write suitable API clients.

We will know we have succeeded when archive admins no longer require shell access to do their jobs.

(Postponed items carried over to https://blueprints.launchpad.net/ubuntu/+spec/foundations-r-replace-archive-admin-shell-access.)

Blueprint information

Status:
Complete
Approver:
Steve Langasek
Priority:
High
Drafter:
Colin Watson
Direction:
Approved
Assignee:
Colin Watson
Definition:
Approved
Series goal:
Accepted for quantal
Implementation:
Implemented
Milestone target:
milestone icon ubuntu-12.10
Started by
Colin Watson on 2012-03-30
Completed by
Colin Watson on 2012-10-05

Whiteboard

== lp_publish ==

WBNI publisher took reliably <30mins
 * run a few things outside the lock?
 * possibly get rid of ls-lR?

== lp_buildd ==

buildd-mass-retry: should be movable to API
add-missing-builds: needs API

(This is not a user-visible feature, and has no associated release notes.)

(?)

Work Items

Work items:
Migrate from sync-source to syncpackage: DONE
Write auto-sync client: DONE
Migrate from backport-source to backportpackage: DONE
Write up webops procedures for upload queue inspection/reprocessing: DONE
Convert sru-release to Archive.copyPackage: DONE
Write an API client to replace lp-remove-package: DONE
Export queue operations over the API: DONE
Write an API client to replace queue: DONE
Fix LP and/or client so that unembargo client can use Archive.copyPackage (http://bazaar.launchpad.net/~ubuntu-bugcontrol/ubuntu-qa-tools/master/view/head:/security-tools/unembargo): DONE
Move sync blacklist to ~ubuntu-archive branch in LP: DONE
Move new-source into new auto-sync client: DONE
Move override helpers into new queue client: DONE
Convert copy-report to Archive.copyPackage: DONE
Obsolete publish-queue in favour of new PackageUpload-based queuebot: DONE
Export enough API to permit writing a populate-archive client: POSTPONED
Write an API client to replace populate-archive: POSTPONED
Fix NewReleaseCycleProcess documentation to say that new-series sanity checking should be done on a mirror: DONE
Fix stale files piling up in /srv/launchpad.net/ubuntu-archive/ubuntu-germinate/: DONE
Look into different copyPackage ACLs for ubuntu-security and ubuntu-archive, so that it doesn't require separate approval: DONE
Write tool to do manual actions arising from copy-report: DONE

Dependency tree

* Blueprints in grey have been implemented.