- Sponsor
-
Notifications
You must be signed in to change notification settings - Fork 377
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Background API #971
Background API #971
Conversation
I ran "system" tests (the ones that used to run on TravisCI -- see #973 ) and fixed them to make them pass again (they were broken long time ago).
I'm attaching here the full logs for reference. Note that I had to skip some tests which are using deprecated external systems or no-more-existing repositories. We'll have to update and fix those tests in another patch. |
} | ||
|
||
{ | ||
root.POST("/gpg/key", apiGPGAddKey) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is a getter on /gpg/key
not yet implemented?
Also, regarding the path name, I think this is confusing. We are adding public keys for mirror synchronization here, yet a central part of aptly
is signing Release files using GPG (private) keys. Maybe /gpg/publickey
would be a better name? Afaics, those public keys are used by aptly to:
- Validate Release files downloaded on
mirror update
- Verify imported packages on
repo include
The current path could be mistaken for the (not yet present) private key upload endpoint.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's a fair point. @neolynx do you see problems with renaming? Probably Molior will have to adapt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ping @neolynx
) | ||
|
||
// POST /api/gpg | ||
func apiGPGAddKey(c *gin.Context) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would love this function to also be able to just import a key I throw at it via HTTP. Has this just been not a need of yours, or where there problems implementing this functionality?
Please disregard this, I overlooked the GpgKeyArmor string and the --import
part.
However, I am still unsure what would happen if I specify GpgKeyArmor and GpgKeyID attributes. Ideally, I could specify the KeyIDs to be imported from my ASC-File.
I would expect an error if any keys not found, ideally there would be an informational message about present keys that were not specified.
Relevant documentation would need to be updated separately so folks can use these changes, at least before the (desperately awaited) next release, or did I miss it? (PR is huge) There should be another MR against aptly-dev/www.aptly.info. If you would like some help with that, I can try to prepare something not too wrong for you. ;) Thanks for the good work, btw. |
Thanks! Definitely we need to document these changes properly. We are still in the process of getting credentials and operational knowledge from previous maintainers about how to do a release, how to update the website, etc. It's taking longer than we would have liked unfortunately. If you have time for a documentation PR I would gladly accept it! |
Note to self: rebase this massive branch against master to fix conflicts. |
Just rebased this branch to master. |
15c10ff
to
d23b78a
Compare
I definitely have time for this starting from the weekend of 2021-11-27, before that point I am uncertain, just so you know. :) |
f519a12
to
326bc8c
Compare
this is needed so concurrent reads and writes are possible.
This way db usage is safe.
Progress is not safe so for api its always nil and code needs to take care of this
PublishRepo26Test fails to run because something in the CI environment forces gpg to ask for the user's password. Try to require gpg1 for the test, which seems to run fine in other environments.
@ximon18 As you can see, the CI is not running once I merged your GHA PR. Shall we maybe change the "branch" key in the |
Hi @lbolla, yes I mentioned this here. It depends on the branching policy for development in this repository and when you want the checks to be run:
|
Related to this discussion, on PR #1011 @randombenj just said:
The downside to this is when the PR is a work-in-progress and pushes are used as a sort of status update for collaborators and/or as a sort of backup, a lot of notifications can be annoying. It may also not make sense to keep running a workflow that takes a long time if not every result is going to be considered important/interesting, but instead only the final state of the branch prior to merge is interesting. I also don't know how many GH Actions credits this project has and if running very often will consume them. |
It may happen that aptly retries to download data during tests (maybe because of a network issue), but our fixtures doesn't account for it. So, we strip those irrelevant lines before comparison.
Various improvements implemented in Molior fork.
See https://github.com/molior-dbs/aptly/tree/molior