Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom Repo Fixes #434

Merged
merged 7 commits into from
Nov 13, 2024
Merged

Custom Repo Fixes #434

merged 7 commits into from
Nov 13, 2024

Conversation

adamperlin
Copy link
Contributor

@adamperlin adamperlin commented Nov 13, 2024
edited
Loading

What this PR does / why we need it:

This PR adds a few fixes for the custom repos feature.

  1. Adds code to fill defaults in the extra_repos section of the spec.
  2. Adds a permissions field to the http source. This allows us to fill in the permissions by default if they are on an http source that is nested under a key. It is important that fetched gpg keys have the proper permissions, otherwise apt cannot import them properly. Assuming that they do have proper permissions, apt can handle both .asc and .gpg keys just fine. This makes the explicit de-armor step unnecessary and means we no longer need gpg as a dependency in the jammy worker images.
  3. Adds armored and de-armored key test variants to the custom repo tests to ensure everything is working properly.

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):
Fixes #425

Special notes for your reviewer:

@adamperlin adamperlin requested a review from a team as a code owner November 13, 2024 18:57
@cpuguy83
Copy link
Member

So this is no longer dearmoring keys at all?

@adamperlin
Copy link
Contributor Author

So this is no longer dearmoring keys at all?

Yes. It should not be needed as long as the file extension on the keys is correct.

@cpuguy83
Copy link
Member

There may be something in the docs about this, can you update that?

@adamperlin
Fix default filling behavior for extra_repos section of spec
aeb85ac
@adamperlin
Fix jammy GPG key bug by allowing for permissions field on HTTP sourc…
6b03836 
…es. This way

we can fill in permissions by default if they are on an http source that is nested under a key,
and let apt handle the key based on its format (though the file extension still must be correct).

Remove worker parameter for GetRepoKeys as dearmoring is no longer needed
@adamperlin
Fix some stray whitespace, rename repo platform config globals
2124558
@adamperlin
Add armored and dearmored variants of key import tests for custom repos
a75fa8d
@adamperlin
Fix ineffectual assignment
7ed48d9
@adamperlin
update json schema
808cd76
@adamperlin
Update docs to clarify file extensions for gpg key file names
22330ce 
Update http source docs now that digest verification and file permissions are supported options
@adamperlin
Copy link
Contributor Author

Docs are now updated

@cpuguy83 cpuguy83 merged commit 363d043 into Azure:main Nov 13, 2024
10 checks passed
@adamperlin adamperlin deleted the adamperlin/custom-repo-fixes branch November 13, 2024 20:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpuguy83 cpuguy83 cpuguy83 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fill defaults for sources in the extra_repos section of the spec
2 participants
@adamperlin @cpuguy83