Updates dom0 repo URL #349
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 4 commits
November 21, 2019 15:22
Migrating away from the S3-bucket hosting for RPMs, and towards a git-lfs-backed solution, same as we're using for the deb packages. Purges the "publish-rpm" logic, since that's no longer necessary. Updated documentation where appropriate.
We were only declaring Python requirements in order to pull in AWS tooling for managing S3 buckets. Since we've migrated to git-lfs for hosting the RPM packages, these requirements are no longer necessary. Hat tip to @creviera & @redshiftzero for the hard work on migrating Pipfile -> requirements.txt so recently.
The line was being appended every time, rather than being enforced as present once. Closes #347.
dom0/sd-dom0-files.sls
Outdated
| @@ -38,7 +38,7 @@ dom0-workstation-rpm-repo: | |||
| gpgcheck=1 | |||
| gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-securedrop-workstation-test | |||
| enabled=1 | |||
| baseurl=https://dev-bin.ops.securedrop.org/dom0-rpm-repo/ | |||
| baseurl=https://yum.securedrop.org/workstation/dom0/f25 | |||
There was a problem hiding this comment.
ah yeah you're right we should make this yum-test so it's clear this is not for production use
There was a problem hiding this comment.
Roger, agreed: I'll update the URL here and re-ping for review.
There was a problem hiding this comment.
Updated, ready for full review.
There was a problem hiding this comment.
I wish for it to be rpm.securedrop.org as yum is already obsolete.
There was a problem hiding this comment.
I wish for it to be
rpm.securedrop.orgas yum is already obsolete.
The only reason I chose "yum{,-test}" is that's what the Qubes repo use: https://yum.qubes-os.org/ Since we're still in dev, we can change the URL again in the near future, but it'll take some coordination with the backend.
We'll reserve the non-test URLs for stable versions. For now, we're still slinging nightlies around, so let's be clear about expectations.
kushaldas
approved these changes
Nov 25, 2019
redshiftzero
approved these changes
Nov 25, 2019
conorsch
pushed a commit
that referenced
this pull request
Nov 26, 2019
Should have been included as part of #349. That's what I get for omitting `make test` as part of the test plan. =)
emkll
added a commit
that referenced
this pull request
Nov 27, 2019
Reflects yum repo changes introduced in #349
emkll
added a commit
that referenced
this pull request
Nov 27, 2019
Reflects yum repo changes introduced in #349
emkll
added a commit
that referenced
this pull request
Nov 27, 2019
Reflects yum repo changes introduced in #349
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Moves the package backend for dom0-specific RPM hosting from S3 buckets to git-lfs-backed storage. Now, PRs into https://github.com/freedomofpress/securedrop-workstation-dev-rpm-packages-lfs will result in packages automatically being served up to dom0.
Since the S3 buckets (for the purposes of RPM hosting) are obsolete after merge of this PR, we also remove the scripting in this repo required to push packages manually from developer workstations (see #342).
Also includes some minor fixes, therefore:
make cloneshould default tosd-devVM #334Review
Before performing functional review, consider the following:
https://yum.securedrop.org/workstation/dom0/f25/; perhaps we shold be using the "yum-test" subdomain, to distinguish between prod/test, same as we do with e.g.apt{,-test}.freedom.press.Testing
In order to test that the repo is correctly configured, you must purge RPM packages from dom0. It'll take a while to pull in and install the new ones, so consider obtaining caffeine through your favorite method while the below tasks are running.