Page MenuHomePhabricator
Create Task
Maniphest T235405

Build cergen for buster
Closed, ResolvedPublic
Actions

Description

cergen needs to be build for buster. I'll most probably need some code changes, the current setup.py specifies "networkx < 2", which Buster has 2.2.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
signer: update networkx and python3-cryptography supportcergenmaster+8 -10
Install python3-lib2to3 on busteroperations/puppetproduction+4 -0
Create a separate component/cergenoperations/puppetproduction+1 -0
Customize query in gerrit

Related Objects

Event Timeline

MoritzMuehlenhoff created this task.Oct 14 2019, 7:42 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 14 2019, 7:42 AM
jbond added a comment.Oct 14 2019, 8:41 AM

I started on a path for this here but i ran into a further problem i couldn't easily fix https://gerrit.wikimedia.org/r/c/cergen/+/541796

gerritbot added a comment.Oct 14 2019, 9:40 AM

Change 541796 had a related patch set uploaded (by Jbond; owner: John Bond):
[cergen@master] signer: update networkx and python3-cryptography support

https://gerrit.wikimedia.org/r/541796

gerritbot added a project: Patch-For-Review.Oct 14 2019, 9:40 AM
gerritbot added a comment.Oct 14 2019, 11:32 AM

Change 542901 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Create a separate component/cergen

https://gerrit.wikimedia.org/r/542901

gerritbot added a comment.Oct 14 2019, 12:23 PM

Change 542901 merged by Muehlenhoff:
[operations/puppet@production] Create a separate component/cergen

https://gerrit.wikimedia.org/r/542901

Stashbot added a comment.Oct 14 2019, 1:26 PM

Mentioned in SAL (#wikimedia-operations) [2019-10-14T13:26:11Z] <moritzm> imported python-networkx 1.11-2~wmf1 to component/cergen for buster-wikimedia T235405

Stashbot added a comment.Oct 14 2019, 1:48 PM

Mentioned in SAL (#wikimedia-operations) [2019-10-14T13:48:20Z] <moritzm> imported cergen 0.2.4-1+deb10u1 to component/cergen for buster-wikimedia T235405

jijiki triaged this task as Medium priority.Oct 14 2019, 3:49 PM
Stashbot added a comment.Oct 14 2019, 3:57 PM

Mentioned in SAL (#wikimedia-operations) [2019-10-14T15:57:10Z] <moritzm> imported cergen 0.2.4-1+deb10u2 to component/cergen for buster-wikimedia T235405

Stashbot added a comment.Oct 14 2019, 4:07 PM

Mentioned in SAL (#wikimedia-operations) [2019-10-14T16:07:47Z] <moritzm> imported cergen 0.2.4-1+deb10u3 to component/cergen for buster-wikimedia T235405

gerritbot added a comment.Oct 14 2019, 4:19 PM

Change 542987 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Install python3-lib2to3 on buster

https://gerrit.wikimedia.org/r/542987

gerritbot added a comment.Oct 14 2019, 4:48 PM

Change 542987 merged by Muehlenhoff:
[operations/puppet@production] Install python3-lib2to3 on buster

https://gerrit.wikimedia.org/r/542987

MoritzMuehlenhoff added a comment.Oct 14 2019, 5:01 PM

networkx has some breaking API changes between 1.x and 2.x which are non-trivial to resolve. To unbreak the use of cergen on buster the build has been adapted to use a forward-ported 1.11 package on a separate component for buster-wikimedia (component/cergen, which now also includes cergen itself).

MoritzMuehlenhoff closed this task as Resolved.Oct 16 2019, 12:43 PM
MoritzMuehlenhoff claimed this task.
elukey subscribed.Oct 30 2019, 4:59 PM

CERGEN=yes DIST=buster-wikimedia pdebuild is needed to build the package in case anybody needs it :)

Ottomata added a comment.Oct 30 2019, 5:48 PM

Huh, can you add that to the debian/README?

elukey added a comment.Oct 30 2019, 5:56 PM
In T235405#5620530, @Ottomata wrote:

Huh, can you add that to the debian/README?

Yep yep already planning to, will do it tomorrow!

elukey added a comment.Oct 31 2019, 6:30 AM

On puppetmaster2001 I cannot see /etc/apt/sources.list.d/buster-cergen.list, hence the new package version seems not available.. expected?

MoritzMuehlenhoff added a comment.Nov 4 2019, 7:46 AM
In T235405#5622193, @elukey wrote:

On puppetmaster2001 I cannot see /etc/apt/sources.list.d/buster-cergen.list, hence the new package version seems not available.. expected?

Yes, it's only installed on the active Puppet CA, i.e. currently puppetmaster1001.eqiad.wmnet

gerritbot added a comment.Nov 3 2020, 8:44 PM

Change 541796 abandoned by Jbond:
[cergen@master] signer: update networkx and python3-cryptography support

Reason:

https://gerrit.wikimedia.org/r/541796

MatthewVernon mentioned this in T356412: Consolidate TLS cert puppetry for ms and thanos swift frontends.Feb 1 2024, 2:33 PM
MoritzMuehlenhoff mentioned this in T357750: Phase out cergen.Feb 16 2024, 9:40 AM
Maintenance_bot removed a project: Patch-For-Review.Feb 16 2024, 10:30 AM
MoritzMuehlenhoff mentioned this in T360412: Phase out cergen for Data Platform services.Mar 19 2024, 10:25 AM
MoritzMuehlenhoff mentioned this in T360413: Phase out cergen for Collaboration Services services.Mar 19 2024, 10:33 AM
MoritzMuehlenhoff mentioned this in T360414: Phase out cergen for Observability services.Mar 19 2024, 10:50 AM
MoritzMuehlenhoff mentioned this in T360439: Phase out cergen for Search Platform services.Mar 19 2024, 2:43 PM
MoritzMuehlenhoff mentioned this in T360506: Migrate purged away from cergen-issued certificate.Mar 20 2024, 9:41 AM
MoritzMuehlenhoff mentioned this in T360636: Phase out cergen for ServiceOps services.Mar 21 2024, 1:55 PM
MoritzMuehlenhoff mentioned this in T360778: Move maps/karthoterian to PKI/cfssl.Mar 22 2024, 1:51 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits