[Secure-testing-commits] r1676 - / bin data/DTSA data/DTSA/hints website

Joey Hess joeyh at costa.debian.org
Sat Aug 27 18:59:58 UTC 2005 

Author: joeyh
Date: 2005-08-27 18:59:54 +0000 (Sat, 27 Aug 2005)
New Revision: 1676

Added:
   bin/dtsasync
   data/DTSA/hints/
   data/DTSA/hints/README
   data/DTSA/hints/joeyh
Modified:
   TODO
   website/index.html
Log:
added dtsasync


Modified: TODO
===================================================================
--- TODO	2005-08-27 18:13:22 UTC (rev 1675)
+++ TODO	2005-08-27 18:59:54 UTC (rev 1676)
@@ -1,12 +1,5 @@
 * Set up for DTSAs
 
-  - Need a way for team members to hint packages from etch-proposed-updates
-    to etch on secure-testing-master. Hint files similar to those used by
-    release team?
-
-  - Need a way to do an advisory for some arches and then auto-sync the
-    rest as they get built.
-
   - Web display of DTSAs.
 
   - Better integrate DTSAs into checklist script, so it stops listing holes

Added: bin/dtsasync
===================================================================
--- bin/dtsasync	2005-08-27 18:13:22 UTC (rev 1675)
+++ bin/dtsasync	2005-08-27 18:59:54 UTC (rev 1676)
@@ -0,0 +1,64 @@
+#!/usr/bin/perl
+# Processes hints files in the specified directory.
+use strict;
+use warnings;
+
+my $dir=shift || die "need a hint directory\n";
+
+my $fromsuite="etch-proposed-updates ";
+my $tosuite="etch";
+my $archive="/org/secure-testing.debian.net/";
+my $heidicmd="sudo -u katie heidi -a $tosuite";
+
+my $run_dinstall=0;
+
+print "dtsasync started at ".localtime(time)."\n\n";
+
+foreach my $hint ("$dir/*") {
+	next if $hint =~/\/README$/;
+	if (! open (IN, $hint)) {
+		print "Cannot read $hint\n";
+		next;
+	}
+	print "Processing $hint\n";
+	while (<IN>) {
+		s/#*//;
+		chomp;
+		s/^\s+//;
+		s/\s+$//;
+		next unless length;
+
+		if (/^sync\s+(.*)\/(.*)/) {
+			my $sync_package=$1;
+			my $sync_version=$2;
+
+			print "Syncing $sync_package/$sync_version";
+			print "Current status:\n";
+			system("madison", "-S", $sync_package);
+			my @toheidi;
+			foreach my $line (system("madison", "-s", $fromsuite, "-f", "heidi", "-S", $sync_package)) {
+				my ($pkg, $version, $arch)=split(' ', 3);
+				next unless $version eq $sync_version;
+				push @toheidi, $line;
+			}
+			if (! @toheidi) {
+				print "Already in sync, doing nothing.\n";
+				next;
+			}
+			open(HEIDI, "| $heidicmd") || print "$heidicmd failed!\n";
+			foreach (@toheidi) {
+				print HEIDI "$_\n";
+			}
+			close HEIDI || print "$heidicmd exited nonzero!\n";
+			$run_dinstall=1;
+		}
+		else {
+			print "$hint: parse failure on line $.\n";
+		}
+	}
+	close IN;
+}
+
+if ($run_dinstall) {
+	system("touch", "$archive/RUN-DINSTALL");
+}


Property changes on: bin/dtsasync
___________________________________________________________________
Name: svn:executable
   + *

Added: data/DTSA/hints/README
===================================================================
--- data/DTSA/hints/README	2005-08-27 18:13:22 UTC (rev 1675)
+++ data/DTSA/hints/README	2005-08-27 18:59:54 UTC (rev 1676)
@@ -0,0 +1,6 @@
+This directory contains hint files that are used by the dtsasync program
+on secure-testing-master to control use of the archive there.
+
+sync package/version
+	Causes all available builds of that package and version to be
+	synced from etch-proposed-uodates to etch.

Added: data/DTSA/hints/joeyh
===================================================================
--- data/DTSA/hints/joeyh	2005-08-27 18:13:22 UTC (rev 1675)
+++ data/DTSA/hints/joeyh	2005-08-27 18:59:54 UTC (rev 1676)
@@ -0,0 +1,7 @@
+# pending builds
+#sync centericq/4.20.0-8etch1
+#sync clamav/0.86.2-4etch1
+#sync ekg/1:1.5+20050808+1.6rc3-0etch1
+#sync gaim/1:1.4.0-5etch2
+
+sync kismet/2005.08.R1-0.1etch1

Modified: website/index.html
===================================================================
--- website/index.html	2005-08-27 18:13:22 UTC (rev 1675)
+++ website/index.html	2005-08-27 18:59:54 UTC (rev 1676)
@@ -129,13 +129,11 @@
 		<li>Make sure everything is ready.
 		<li>cd data/DTSA; ./mkadvisory</li>
 		<li>svn add DTSA-n-1; svn commit</li>
-		<li>Contact a secure-testing-master admin to move the upload from etch-proposed-updates to
-		etch (using something like this, but the procedure is still being worked out:
-		madison -s etch-proposed-updates -f heidi -S $package | sudo -u katie heidi -a etch; touch /org/secure-testing.debian.net/RUN-DINSTALL)
-		and send the signed DTSA to secure-testing-announce.
-		</li>
-		<li>Make sure that the debs are in place. Note that
-		dinstall runs at 20 and 50 past the hour.
+		<li>Edit data/DTSA/hints/yourname, and add a hint to make dtsasync
+		propigate the update from etch-proposed-updates to etch.
+		Commit the file and wait 15 minutes for the dtsasync run,
+		then check the <a href="logs/dtsasync">log file</a> and/or
+		upgrade a test machine.</li>
 		<li>cd data/DTSA; ./sndadvisory DTSA-n-1</li>
 	</ol>
 	</p>

More information about the Secure-testing-commits mailing list