On 06/05/10 03:33, Denis A. Altoé Falqueto wrote:
> On Wed, May 5, 2010 at 3:51 AM, Allan McRae<[email protected]> wrote:
>>> 5.2 devtools
>>> I don't know them, so I can't comment. But the upload and repo.db
>>> generation will be affected, for sure.
>> repo-add is also mostly good to go (there are some TODOs left, e.g. aborting
>> when the signature verification of the repo fails before adding the
>> package).
>> There needs to be discussion about signing the repo database itself and how
>> that is handled. Does the last person to add a package sign the lot? That
>> might be reasonable given the package signatures have been verified in some
>> sort of chain to the initial signing. But it does mean that developers are
>> signing the entire db when they are only responsible for a small part. I
>> guess that would also require private keys be available on the server
>> creating the repo dbs.... That needs thought. How do other distros handle
>> that?
> Yes, this is a little troublesome right now. I don't know the workflow
> of the package upload and repo.db creation, but I presume that
> there is a script to do it, right? Does repo-add run locally or
> remotely? I believe that it is run remotely. In that case, is there
> any synchronization scheme? Because we can have race conditions if two
> developers are calling it at the same time.
> I was thinking about generating the sha1 hash of the repo.db on the
> server and to sign locally just the hash, so the exchange of data
> between the server and the local machine is minimized. A digital
> signature is basically just that anyway. We could have a script to
> help the process, together with synchronization of the repo.db, to
> avoid race conditions. But that depends on the workflow of the
> uploading process. Could you explain it to me?
This is the current Arch package upload procedure. Of course, it is not
set in stone and if it requires changes for signing then that is fine.
1) packages are built locally, committed to SVN and uploaded to a
staging directory on the main server.
2) on the main server, the dev runs a script that adds the packages in
the dev staging area to the repos and updates the repo database. This
script does some sort of locking to prevent race conditions.
Allan
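
An added example, not part of the original thread and not Arch's own tooling: a sketch of the "hash on the server, sign the hash locally" flow discussed above, showing why the server must re-check under the repo lock that the signed digest still matches the database. Assumptions: HMAC with constructed per-developer keys stands in for a GPG detached signature so it runs with only the standard library, SHA-256 is used where the thread mentions sha1, and all function and file names are hypothetical.

```python
import fcntl, hashlib, hmac, os, tempfile

# Constructed stand-in keys: HMAC replaces the developer's GPG detached
# signature here so the example needs nothing beyond the standard library.
DEV_KEYS = {"dev-a": b"constructed-key-a", "dev-b": b"constructed-key-b"}

def repo_digest(db_path):
    """Server side: digest of the repo database as it is right now."""
    with open(db_path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def sign_digest(dev, digest):
    """Developer side: sign only the digest, never the whole database."""
    return hmac.new(DEV_KEYS[dev], digest.encode(), hashlib.sha256).hexdigest()

def add_package(db_path, entry):
    """Server side: append a package entry while holding the repo lock."""
    with open(db_path + ".lck", "w") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)
        with open(db_path, "ab") as db:
            db.write(entry.encode() + b"\n")

def publish_signature(db_path, dev, signed_digest, signature):
    """Accept a signature only if it verifies and covers the current db."""
    with open(db_path + ".lck", "w") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)  # same lock add_package takes
        if dev not in DEV_KEYS:
            return "unknown-signer"
        if not hmac.compare_digest(signature, sign_digest(dev, signed_digest)):
            return "bad-signature"
        if signed_digest != repo_digest(db_path):
            return "stale-digest"  # db changed after the digest was handed out
        with open(db_path + ".sig", "w") as sig:
            sig.write(f"{dev} {signature}\n")
        return "published"

def demo():
    """Constructed scenario: dev-b adds a package between dev-a's fetch and sign."""
    with tempfile.TemporaryDirectory() as d:
        db = os.path.join(d, "core.db")
        add_package(db, "pkg-one-1.0-1")
        digest_a = repo_digest(db)
        sig_a = sign_digest("dev-a", digest_a)
        add_package(db, "pkg-two-1.0-1")      # races with dev-a's signing
        stale = publish_signature(db, "dev-a", digest_a, sig_a)
        digest_b = repo_digest(db)
        fresh = publish_signature(db, "dev-b", digest_b, sign_digest("dev-b", digest_b))
        forged = publish_signature(db, "dev-a", digest_b, sig_a)  # old sig, new digest
        return stale, fresh, forged
```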