Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add command to auto-update package lists #137

Open
tkilias opened this issue Apr 25, 2022 · 0 comments
Open

Add command to auto-update package lists #137

tkilias opened this issue Apr 25, 2022 · 0 comments
Labels
feature Product feature

Comments

@tkilias
Copy link
Collaborator

tkilias commented Apr 25, 2022
edited by tomuben
Loading

Background

  • We pinned almost all packages
  • Ubuntu packages with a Security issue get revoked and replaces by a new one
  • Since end of last year we collected 34 security issues, each of them takes us at least 2 person hours and forces a context switch
  • Often, we need to update multiple packages in different build steps and need to build the flavor multiple times to find all packages which need updates
  • When we split the flavors into repositories we have to do this in several repos, which increases the workload
  • An auto-update command helps to reduce the necessary manual effort.

How could it work?

  • We introduce an update mode for the build, which runs the build, but first checks in the package installation scripts if packages have updates.
  • If there are updates available, the build fails and logs machine-readable which package file and which packages need to be updated.
  • exaslct then fixes the packages files and retries the build of the build step
  • If no packages updates are available, it tries to install the packages, if an error happens it tries to analyze the output to check if a packages got updated
  • if not, it fails and the user has to fix the packages manually., if yes, it repeats the build of the build step
  • if a build step build is successful, exaslct continues with the next one.
  • Currently, we implement the build in following luigi task
  • We probably need to extract build itself and introduce a new luigi task for updates and call their build and analyze the output
  • In this task, we create the build task, we would have to add the update task there.
  • One important thing, the images we generate during the updates have the wrong hashes, because the hash calculation happens before we even create build tasks. This means we need to remove the images after we created them.

Acceptance Criteria

  • A command for the auto-update was added
  • The auto-update either updated the packages files or throws an error if this is not possible, or both if it was able to do it partially
@tkilias tkilias added the feature Product feature label Apr 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature Product feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tkilias