feat: support unmaintained and unstable Ubuntu releases #238
Conversation
|
niemeyer
left a comment
niemeyer
left a comment
There was a problem hiding this comment.
The PR looks very good, thanks. There are a few UX related issues mainly, but the logic is clear and clean.
|
Tests are only failing because the new code expects EDIT: Discussed offline with Cris the spec, maintenance is "optional". |
|
As discussed offline and according to the new version of the spec,
|
| test-key: | ||
| id: ` + archiveKey.ID + ` | ||
| armor: |` + "\n" + testutil.PrefixEachLine(archiveKey.PubKeyArmor, "\t\t\t\t\t\t")) | ||
| rawChiselYaml := testutil.Reindent(testutil.DefaultChiselYaml) |
There was a problem hiding this comment.
[Comment for reviewer]: I have taken the opportunity to finally unify all the defaultYaml strings which were copies of each other but needed to be updated individually every time we wanted to make a change.
niemeyer
left a comment
niemeyer
left a comment
There was a problem hiding this comment.
Looking good, thank you. Another pass, with mostly simple bits.
cmd/chisel/cmd_cut.go
Outdated
| return err | ||
| } | ||
|
|
||
| unmaintained := release.Maintenance.EndOfLife.Before(time.Now()) |
There was a problem hiding this comment.
Logic on the positive tends to be much easier to work with:
maintained := release.Maintenance.EndOfLife.After(time.Now())
There was a problem hiding this comment.
Because we now need to check for both unstable and unmaintained I think its easier if I reverse the check instead of making it positive: time.Now().After(release.Maintenance.EndOfLife).
cmd/chisel/cmd_cut.go
Outdated
| Pro: archiveInfo.Pro, | ||
| CacheDir: cache.DefaultDir("chisel"), | ||
| PubKeys: archiveInfo.PubKeys, | ||
| Unmaintained: unmaintained, |
There was a problem hiding this comment.
Again should be on the positive, Maintained.
With that said, hadn't we agreed to take into account the other stages as well, as being in "legacy" but having no access to the archive is similar to being "end-of-life"?
I suppose we need Maintenance here instead, with proper enum values.
There was a problem hiding this comment.
With that said, hadn't we agreed to take into account the other stages as well, as being in "legacy" but having no access to the archive is similar to being "end-of-life"?
It is my understanding the agreement was that we would add only add them as values for now, the only ones that are used are end-of-life and standard (@cjdcordeiro).
There was a problem hiding this comment.
In short, we have decided to have 4 different maintenance values to reflect 5 different maintenance states (before reaching the standard date, the release is in devel).
At the moment, in https://github.com/canonical/chisel-releases/, we have the releases in the following maintenance states:
- devel
- standard
- expanded
- end-of-life
The CLI option introduced in this PR and the initial scope were aiming to address releases that have reached end-of-life (which in our cases it's only Interim releases at the moment). So this PR should at least address that situation. If it's a PR scoping issue, bare in mind that we know which maintenance fields we want to support (so an enum makes sense), but we still need to discuss the UX for the maintenance states != unmaintained
There was a problem hiding this comment.
This is not even the selection we agreed, though (IIRC, it was: standard, expanded, legacy, end-of-life)?
Given the looseness of the conversation, can we please tune this PR to:
- Use the terms agreed
- Implement logic that we won't have backwards compatibility with
I'm guessing that this can be done without extensive changes, which would be unfortunate as this has been reviewed many times already. If that's not true, let's please sync on it before moving on.
There was a problem hiding this comment.
This was a misunderstanding in the words used. We discussed it offline on Tuesday, to summarize it, we have four dates: standard, expanded, legacy and end-of-life. These four dates create different maintenance status for the release:
- "devel" / "unstable": if today is before
standard. It uses the same archive as "standard". - "standard": if today is after
standardand beforeend-of-life. - "expanded" / "legacy" which are different tiers of support that require different archives, one for ESM and for legacy [1].
- "unmaintained": if today is after
end-of-life.
In Chisel we already have support for ESM working but that does not include the new archives for "legacy". We do not have support for the pro key nor the archive. Furthermore, based on the releases we support right now, the oldest one is 20.04 which will be available in legacy in April 2030. For all these reasons, I think we should treat it as a different feature request different from this PR. This PR will add support for "unmaintained" and "unstable" and only those.
[1]: Confirmed with the pro team.
internal/archive/archive.go
Outdated
| CacheDir string | ||
| PubKeys []*packet.PublicKey | ||
| // This archive belongs to a release that is no longer actively maintained. | ||
| Unmaintained bool |
There was a problem hiding this comment.
See earlier comments. I think we want an enum here that points out the actual status of the archive, and we need to verify that we have access to whatever "maintained" means for that specific status.
niemeyer
left a comment
niemeyer
left a comment
There was a problem hiding this comment.
Pending sorting out the maintenance flags, mainly.
letFunny
changed the title
|
@niemeyer ready for the final review. I summarized the discussion we had on Tuesday in this comment which defines the scope of the PR. |
niemeyer
left a comment
niemeyer
left a comment
There was a problem hiding this comment.
This looks very close now. Some remarks:
|
Per my offline discussion with Gustavo, we will finally separate the concerns. Muddling them up is what has been making this PR hard to follow. There are two distinct ideas:
See also the updated PR description and the "IMPORTANT" disclaimer. |
niemeyer
left a comment
niemeyer
left a comment
There was a problem hiding this comment.
Thanks for the long ride. :)
Let's see how this works out in practice.
3 participants
This commits adds maintenance status to a release as the top-level field
maintenanceinchisel.yaml. The dates there specify the lifecycle of the release in regards to its support status, with and without Ubuntu Pro subscriptions. This enables Chisel to fail if the release and its combination of archives is no longer supported officially and it may lead to security problems. For example, interim releases like mantic and no longer officially supported, and LTSs like focal are only maintained when using ESM which needs an Ubuntu Pro subscription. If no maintained archive is available Chisel will fail, but the user can continue execution by passing--ignore=unmaintainedas a CLI flag.When the dates are into the future it indicates instead that the release is unstable. The user can choose to continue the execution by passing
--ignore=unstableas a CLI flag.Lastly, this commits also allows Chisel to work with interim releases by using the dates described above to change the archive's URL from archive.ubuntu.com to old-releases.ubuntu.com when needed.
Compatibility-wise, Chisel has a list of releases with their default dates so it continues to work with existing
chisel.yaml. There will be a window whenmaintenanceis optional for these releases and chisel-releases will be updated. Then, the field will be mandatory.IMPORTANT: This new version of Chisel will fail to cut Ubuntu 20.04 when Ubuntu Pro is not enabled because the standard archive is unmaintained. Users need to add
--ignore=unmaintainedor move to a more recent release or use the Ubuntu Pro archives.