Skip to content

Apt debstyle882 support, bug-fixes in cache evaluation & manipulation #273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 44 commits into from
Nov 19, 2024
Merged

Apt debstyle882 support, bug-fixes in cache evaluation & manipulation #273

merged 44 commits into from
Nov 19, 2024

Conversation

kjohn-msft
Copy link
Collaborator

@kjohn-msft kjohn-msft commented Oct 21, 2024
edited
Loading

  1. Moves away from using UUID for custom sources because it makes diagnosis very hard - moving to a fixed timestamp model + unique characteristics model to help with logs.
  2. Adds additional logging to help understand what the cache state is at any point.
  3. Adds full support for debstyle882 sources.
  4. Adds full support for sourceparts to ensure support in Ubuntu 23.10, 24.04, 24.10+.
  5. Reworked getting custom sources to spec to better and correctly benefit from the cached state.
  6. Snapshot support is integrated deeper into the stack and supports more repo types as part of this rework.
  7. Security repo support extends fully to debstyle882 sources.
  8. Pro client logging is improved to help with clarity on discrepancies in lists.
  9. Integrates relevant code from the code debt erasure PR to align with the north star monitoring, alerting and investigation story.
    - Stable code is deprioritized.
    - Log origination is made clear with tagging & without having to look at code.
    - IDE hinting on types are introduced.
    - Customer environment errors are called out explicitly as such.

@codecov Codecov
Copy link

codecov bot commented Oct 21, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 95.66667% with 13 lines in your changes missing coverage. Please review.

Project coverage is 92.09%. Comparing base (234fc37) to head (fe2c1bc).
Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
...ore/src/package_managers/AptitudePackageManager.py 93.98% 11 Missing ⚠️
.../tests/Test_AptitudePackageManagerCustomSources.py 98.19% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #273      +/-   ##
==========================================
+ Coverage   92.03%   92.09%   +0.05%     
==========================================
  Files          90       91       +1     
  Lines       15760    15953     +193     
==========================================
+ Hits        14505    14692     +187     
- Misses       1255     1261       +6
Flag Coverage Δ
python27 92.09% <95.66%> (+0.05%) ⬆️
python39 92.09% <95.66%> (+0.05%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@kjohn-msft kjohn-msft changed the title Apt deb-style sources mitigation Apt debstyle882 support, bug-fixes in cache evaluation & manipulation Nov 4, 2024
@kjohn-msft kjohn-msft requested a review from feng-j678 November 4, 2024 17:03
feng-j678
feng-j678 previously approved these changes Nov 11, 2024
View reviewed changes
rane-rajasi
rane-rajasi reviewed Nov 12, 2024
View reviewed changes
rane-rajasi
rane-rajasi requested changes Nov 12, 2024
View reviewed changes
Copy link
Contributor

@rane-rajasi rane-rajasi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comments inline

@kjohn-msft kjohn-msft enabled auto-merge (squash) November 19, 2024 18:36
@kjohn-msft kjohn-msft disabled auto-merge November 19, 2024 18:37
@kjohn-msft kjohn-msft merged commit 530dec2 into master Nov 19, 2024
7 checks passed
@kjohn-msft kjohn-msft deleted the kjohn-aptsources branch November 19, 2024 18:37
@janv8000 janv8000 mentioned this pull request Nov 20, 2024
Closed
@feng-j678 feng-j678 mentioned this pull request Nov 26, 2024
Merged
@kjohn-msft kjohn-msft mentioned this pull request Apr 16, 2025
Merged
kjohn-msft added a commit that referenced this pull request Apr 20, 2025
@kjohn-msft
Bugfix: Mitigate external Ubuntu Pro Client issues (#308)
1e997cc 
**Background:** For VMs that are Ubuntu Pro client capable, there are 2
sets of issues that manifest as required security updates not getting
installed on machines_ (some machines).

1. Canonical is aware of packages normally seen as updates in the
default flow not being shown as required in pro client scans. There is
an explanation for this but the way we have taken a tight dependency on
pro client when it's functional causes these updates no to get
installed.

2. There are cases where wide swathes of security updates are not
getting detected by pro client. It was not clear if this was a pro
client issue in the past or an issue with our code. The additional code
that went in November helped identify that this was a pro client issue
when newer reports came in:
#273

Both problems listed above are being resolved by not fully relying on
pro client and using a combined overlay of the default scanning
mechanism with whatever pro client reports. This is the 'best of both
worlds' approach. Extensive logging additions will help further reviews
with Canonical on pro client behaviors without affecting any customer
while a multi-stage resolution is ironed out.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rane-rajasi rane-rajasi rane-rajasi approved these changes

@najams najams Awaiting requested review from najams najams is a code owner

+1 more reviewer

@feng-j678 feng-j678 feng-j678 approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kjohn-msft @rane-rajasi @feng-j678