New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

apt repo: allow insecure repos #1614

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
4 participants
@kyrofa
Copy link
Member

kyrofa commented Oct 12, 2017

  • Have you followed the guidelines for contributing?
  • Have you signed the CLA?
  • If this is a bugfix. Have you checked that there is a bug report open for the issue you are trying to fix on bug reports?
  • If this is a new feature. Have you discussed the design on the forum?
  • Have you successfully run ./runtests.sh static?
  • Have you successfully run ./runtests.sh unit?

In Xenial this was the default behavior, which explains why Snapcraft works. However, in Zesty this behavior changed, causing breakage when using external repositories (e.g. ROS). Instead of relying on defaults, ensure the behavior is consistent across releases.

This is not a long-term fix. We should add a way to ack repository keys.

apt repo: allow insecure repos
In Xenial this was the default behavior, which explains why Snapcraft
works. However, in Zesty this behavior changed, causing breakage when
using external repositories (e.g. ROS). Instead of relying on defaults,
ensure the behavior is consistent across releases.

This is not a long-term fix. We should add a way to ack repository keys.

Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>

@kyrofa kyrofa force-pushed the kyrofa:bugfix/allow_insecure_repos branch from 5e7d8bb to ae2d59b Oct 12, 2017

@kalikiana
Copy link
Contributor

kalikiana left a comment

This makes complete sense to me, considering we need consistent behavior, and this matches behavior on LTS.

Maybe log bug report to follow up on how to add keys in the future?

@kyrofa

This comment has been minimized.

Copy link
Member

kyrofa commented Oct 13, 2017

Maybe log bug report to follow up on how to add keys in the future?

Yeah we need to have a discussion about it. Here's a forum post.

@elopio

elopio approved these changes Oct 13, 2017

Copy link
Member

elopio left a comment

Thank you!

@sergiusens
Copy link
Collaborator

sergiusens left a comment

sorry to say that I am in needs fixing mode, but I would expect the default to be the sane one instead of the allow anything in one.

@kalikiana kalikiana referenced this pull request Oct 16, 2017

Merged

tests: add the slow tag for ros snapd integration test #1602

6 of 6 tasks complete
@kyrofa

This comment has been minimized.

Copy link
Member

kyrofa commented Oct 16, 2017

@sergiusens this is causing autopkgtests to fail on zesty and artful today. We need to design a key-handling solution to use the sane default. How would you like to deal with the autopkgtests?

@kyrofa

This comment has been minimized.

Copy link
Member

kyrofa commented Oct 16, 2017

Alright we're going to skip instead.

@kyrofa kyrofa closed this Oct 16, 2017

@kyrofa kyrofa referenced this pull request Jan 11, 2019

Merged

repo,baseplugin: support trusting repo keys #2437

6 of 6 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment