asf-tooling commented on issue #201:
URL:
https://github.com/apache/tooling-trusted-releases/issues/201#issuecomment-4410432832
<!-- gofannon-issue-triage-bot v2 -->
**Automated triage** — analyzed at `main@2da7807a`
**Type:** `discussion` • **Classification:** `no_action` •
**Confidence:** `medium`
**Application domain(s):** `artifact_upload`, `cryptographic_keys`,
`announcement_publishing`
### Summary
This is an ongoing architectural planning issue about integrating ATR into
the rsync distribution path for SVN dist artifacts. The approach has evolved
through discussion from 'transition 2' to '2b' to the latest decision by
@dave2wave (2026-02-15) to use 'transition 1b'. The concrete work involves
making the ATR container access a sparse checkout of the dist release SVN
server and using it as DOWNLOADS_STORAGE_DIR. Work is tracked across multiple
sub-issues (#19, #245, #649, #753), with @sbp most recently (16 days ago)
pointing to relevant notes in #753.
### Where this lives in the code today
#### `atr/svn/commits.py` — `handle` (lines 34-39)
_currently does this_
Handles PubSub SVN commit notifications and updates a local working copy -
part of the mechanism to keep ATR's view of SVN dist in sync.
```python
async def handle(payload: dict, working_copy_root: pathlib.Path) -> None:
pubsub_path = str(payload.get("pubsub_path", ""))
# Ignore commits outside dist/dev or dist/release
if pubsub_path.startswith(_WATCHED_PREFIXES):
log.debug(f"PubSub payload: {payload}")
await _process_payload(payload, working_copy_root)
```
#### `atr/svn/__init__.py` — `commit` (lines 94-115)
_currently does this_
SVN commit capability - ATR can already write to SVN, which would be used in
the transition to push release artifacts to dist.
```python
async def commit(path: pathlib.Path, url: str, username: str, revision: str,
message: str) -> str:
log.debug(f"running svn commit for user '{username}' to '{url}'")
# The username here is the ASF UID of the committer
svn_token = config.get().SVN_TOKEN
if svn_token is None:
raise ValueError("SVN_TOKEN must be set")
return await _run_svnmucc_command(
"put",
str(path),
url,
"--username",
username,
"--password",
svn_token,
"--non-interactive",
"--with-revprop",
f"asf:tool={_ASF_TOOL}",
"-r",
revision,
"-m",
message,
)
```
#### `atr/svn/__init__.py` — `update` (lines 165-167)
_currently does this_
SVN update of working copy - used by the PubSub handler to keep ATR's local
SVN checkout current.
```python
async def update(path: pathlib.Path) -> str:
log.debug(f"running svn update for '{path}'")
return await _run_svn_command("update", str(path), "--parents")
```
#### `atr/ssh.py` — `_step_07a_process_validated_rsync_read` (lines 578-592)
_extension point_
Rsync read handler that serves files from release directories - would need
to also serve from the SVN dist checkout path under transition 1b.
```python
async def _step_07a_process_validated_rsync_read(
process: asyncssh.SSHServerProcess,
argv: list[str],
release: sql.Release,
file_patterns: list[str] | None,
) -> None:
"""Handle a validated rsync read request."""
exit_status = 1
try:
# Determine the source directory based on the release phase and
revision
source_dir = paths.release_directory(release)
log.info(
f"Identified source directory for read: {source_dir} for release
"
f"{release.key} (phase {release.phase.value})"
)
```
### Where new code would go
- `atr/config.py` — after existing config fields
A DOWNLOADS_STORAGE_DIR config field would be needed to point to the
sparse SVN checkout path, as described by @dave2wave.
- `atr/svn/working_copy.py` — new file
Management of the sparse SVN checkout lifecycle (initialization, update,
path resolution) may warrant a dedicated module.
### Proposed approach
This is an umbrella issue with work tracked across sub-issues (#649, #753,
#19, #245). The latest decision (transition 1b per @dave2wave on 2026-02-15)
involves configuring the ATR container with access to a sparse SVN checkout of
the dist release repository, using this as the DOWNLOADS_STORAGE_DIR. The
PubSub-driven update mechanism in atr/svn/commits.py already provides the
foundation for keeping the working copy in sync.
No single diff would resolve this issue. The work involves: (1)
container/infrastructure configuration for SVN checkout access, (2)
configuration additions for DOWNLOADS_STORAGE_DIR, (3) modifications listed in
#649, and (4) integration with the rsync read path. Given that @sbp just
pointed to additional notes in #753, this remains in active
planning/implementation phase.
### Open questions
- What specific code changes are tracked in #649 that relate to this issue?
- What does 'transition 1b' specifically entail vs the earlier transition
2/2b approaches?
- What is the status of the dependencies on #19 and #245?
- What are the relevant notes in #753 that @sbp referenced?
- Is there a test SVN dist repository available yet (as @dave2wave mentioned
needing in Jan 2026)?
- What is the DOWNLOADS_STORAGE_DIR config mechanism - does it already exist
or need to be created?
_The agent reviewed this issue and is not proposing patches in this run.
Review the existing-code citations and open questions above before deciding
next steps._
### Files examined
- `atr/tasks/svn.py`
- `atr/ssh.py`
- `atr/post/upload.py`
- `atr/storage/writers/ssh.py`
- `atr/svn/__init__.py`
- `atr/get/upload.py`
- `atr/shared/upload.py`
- `atr/svn/commits.py`
---
*Draft from a triage agent. A human reviewer should validate before merging
any change. The agent did not run tests or verify diffs apply.*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
