[Bug 1936640] Re: Download signed version from versioned URL

Fri Jul 16 15:16:17 UTC 2021

Hello Julian, or anyone else affected,

Accepted shim-signed into hirsute-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/shim-
signed/1.50 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
hirsute to verification-done-hirsute. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-hirsute. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: shim-signed (Ubuntu Hirsute)
       Status: New => Fix Committed

** Tags added: verification-needed verification-needed-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1936640

Title:
  Download signed version from versioned URL

Status in shim-signed package in Ubuntu:
  New
Status in shim-signed source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]
  shim-signed uploads FTBFS for a couple hours after upload on arm64, as the arm64 builders are behind a proxy with caching, and the proxy caches the old version for the current/ url.

  Switch the download-signed script to extract the current version from
  the apt cache and download from that instead of the unversioned
  symlink. This means it will 404 on first try, and then hopefully the
  404 is not cached for hours.

  [Test plan]
  Check it downloads versioned script during build

  [Where problems could occur]
  I can imagine that if the version number of "shim" contains special characters, they might need URL escaping. At the moment, we don't have special characters, so it should just work.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1936640/+subscriptions