SB: signing service questions

To: Ansgar Burchardt <ansgar@debian.org>, Joerg Jaspert <joerg@debian.org>, debian-efi@lists.debian.org, Luke Faraone <lfaraone@debian.org>, Ben Hutchings <ben@decadent.org.uk>, Tollef Fog Heen <tfheen@err.no>, Philipp Hahn <hahn@univention.de>, Julien Cristau <jcristau@debian.org>, Steve McIntyre <steve@einval.com>
Subject: SB: signing service questions
From: Helen Koike <helen.koike@collabora.com>
Date: Mon, 16 Apr 2018 13:24:58 -0300
Message-id: <[🔎] 13433257-5ed8-8cd1-a763-29745db6efb1@collabora.com>

Hello,

Thank you all for participating in the SB sprint.

I am writing this email to clarify the current status of the signingservice and to discuss some things that were not clear.


Current state of the signing service:

- We successfully tested signing and preparing the source package forshim, fwupdate and linux kernel (we didn't tested grub)

- We didn't test submitting the package with dput thought
- We didn't test integration with dak

- We have an audit log where we log all the files that are being signed(this table grows forever)


Things I want to discuss/clarify:
- State table (incomplete/failed/signed/submitted):

We didn't implemented the way it was written in the etherpad, westarted discussing this on Sunday but some people had already left.* We decided to not remove anything from the table, so we can savethe error messages and leave the history there.QUESTION: should we remove them as we previously discussed (removingolder versions)? Or letting it grow forever is ok?

  * Our current table is composed by:

  	id = Column(Integer, primary_key=True)
  	ts = Column(DateTime, default=datetime.datetime.now)
  	template_package_name = Column(String)
  	template_package_version = Column(String)
  	state = Column(String(64), nullable=False)
  	error_msg = Column(String) # empty if state is not "failed"
  	suite = Column(String)
  	architecture = Column(String)

* We still don't have a counter to save how many time we failed (thisis a TODO), the idea is to notify when we failed more the X times.* We are not (re)signing a package if it has the same[template_package_name, template_package_version, architecture, suite],and has "failed" or "submitted" state (but we need to change that toconsider how many times we failed)NOTE: we ignore the archive, because the packages submitted tosecurity-master are submitted to dak again to ftp-master latter, and wedon't want to sign the package twiceQUESTION: shouldn't we drop the suite as well? Or is it possible tohave different packages in the same suite with the samepackage+version+architecture? Whena package migrate from unstable to testing does it goes through dakagain? When a package gets uploaded from security-master to ftp-masteris the suite always the same?QUESTION: can't we drop the architecture as well? The architecture isalready part of the name of the template package no? Well, doesn't hurtto leave it there thought


Thanks again
Helen

Reply to:

Follow-Ups:
- Re: SB: signing service questions
  - From: Philipp Hahn <hahn@univention.de>

Prev by Date: Re: Bug#820129: grub2: Disallow booting unsigned kernels when Secure Boot is enabled
Next by Date: Re: SB: signing service questions
Previous by thread: fwupdate_10-3~bpo9+1_amd64.changes ACCEPTED into stretch-backports, stretch-backports
Next by thread: Re: SB: signing service questions
Index(es):
- Date
- Thread