[Bug 2077162] Re: [FFe/SRU] add-apt-repository --refresh-keys
Julian Andres Klode
2077162 at bugs.launchpad.net
Fri Aug 16 12:08:36 UTC 2024
** Description changed:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases:
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login
3. Add a second private PPA and ensure that we only see a single login request with --login
+ 4. Ensure non-PPA repositories are notified about as not being refreshable
+ 5. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
+
[Where problems could occur]
The new feature could not work in all cases.
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and login
cases.
** Description changed:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases:
1. Add a weak PPA, ensure its key is refreshed.
- 2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login
- 3. Add a second private PPA and ensure that we only see a single login request with --login
+ 2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
4. Ensure non-PPA repositories are notified about as not being refreshable
- 5. Ensure key files not refreshable via PPA mechanism are notified
+ 5. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
-
[Where problems could occur]
The new feature could not work in all cases.
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and login
cases.
** Description changed:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases:
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
- 4. Ensure non-PPA repositories are notified about as not being refreshable
- 5. Ensure key files not refreshable via PPA mechanism are notified
+ 3. Ensure non-PPA repositories are notified about as not being refreshable
+ 4. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
[Where problems could occur]
The new feature could not work in all cases.
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and login
cases.
** Description changed:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases:
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
3. Ensure non-PPA repositories are notified about as not being refreshable
4. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
[Where problems could occur]
- The new feature could not work in all cases.
+ The new feature could not work in all cases. It is luckily self contained in one (too) large function
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and login
cases.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to software-properties in Ubuntu.
https://bugs.launchpad.net/bugs/2077162
Title:
[FFe/SRU] add-apt-repository --refresh-keys
Status in software-properties package in Ubuntu:
New
Bug description:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases:
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
3. Ensure non-PPA repositories are notified about as not being refreshable
4. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
[Where problems could occur]
The new feature could not work in all cases. It is luckily self contained in one (too) large function
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and
login cases.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/2077162/+subscriptions
More information about the foundations-bugs
mailing list