/srv/irclogs.ubuntu.com/2014/05/06/#launchpad-dev.txt

xnoxbarry: the latest & greatest way is via lxc container these days =)01:15
wgranthttps://dev.launchpad.net/Running/LXC01:15
wgrantBut which branch?01:15
xnoxbarry: see launchpad dev wiki. I had it running in the container quite quickly without destroying anything.01:15
xnoxwgrant: the one were i add support for header auth on the +access-page.01:16
wgrantOh, right.01:16
xnoxlp:~xnox/launchpad/devel or some such01:16
wgrantYeah, worst branch name ever :)01:16
xnoxwgrant: well i had a normal one, but after the whole branch setup machinery it started to force devel name for me.01:17
xnoxwgrant: anyway, for some reason just by changing the form to either be from headers or from body, results in request token to getting self destroyed when going via header auth.01:18
xnoxthus one can exchange it multiple times.... which is bad.01:18
wgrantxnox: Perhaps the transaction is not being committed in some cases?01:19
wgrantI'd turn on full statement logging in postgresql.conf to see what's going on.01:19
xnoxinteresting. i'll explore that. is there a way to enforce committing transaction either in the view code or in the "story" document?01:22
wgrantA POST should always be committed unless it crashes.01:23
xnoxi see. i do wonder if it is crashing.08:31
cjwatsonwgrant: Your livefs copy_field/export_factory_operation comment about my error in IPersonViewRestricted.createLiveFS: wouldn't doing either of those entail importing ILiveFS into lp.registry.interfaces.person, which is probably suboptimal?09:38
wgrantcjwatson: That's a good point. You could use contributes_to, or better still use something like lp.livefses.new09:39
wgrantWe should avoid bloating IPerson even if it doesn't require layer-violating imports.09:39
cjwatsonMm, right09:41
wgrantAlso, I've realised it's probably a terrible idea to allow random people to request builds of someone's LiveFS. It means a build is half owned by the requester, half by the LiveFS owner, and half by the archive owner.09:45
wgrantRequiring that the requester must be able to operate on behalf of the LiveFS owner solves most of that problem, as the only impact the archive owner can have is deleting their PPA.09:46
Kagetsukihello, I'm trying to set up a PPA and I'm a little confused on some things. First off I have a github repository which builds two debs with cmake - a lib and a command line client. Is there some way to specify this in the control file? should I have two control files? should I have two debian directories?09:46
wgrantIf we eventually open up builds to the world, we probably want some way to easily clone LiveFSes. But the free-for-all nature of projects and recipes isn't ideal, and we can easily avoid introducing the same problems here.09:47
cjwatsonThe use case I was thinking of was somebody in the touch team requesting a build of one of their LiveFSes against a particular PPA, without them having to be authorised to build the primary ones.09:47
wgrantKagetsuki: This channel is for the development of the code that runs Launchpad.net. You probably want #ubuntu-packaging.09:47
cjwatsonPerhaps being able to copy a LiveFS easily is better, indeed.09:47
wgrantcjwatson: Yeah, I see the use cases.09:47
Kagetsuki@wgrant OH! Sorry! Keep up the awesome work!09:47
cjwatson(For the time being that could be an API script without much trouble.)09:48
wgrantExactly.09:48
wgrantThe consumers are so few early on that we can see what happens.09:48
wgrantAnd if it doesn't work out, we can find some way to relax the restriction without introducing the foreseen problems.09:49
wgrantBut it's difficult to reign it in later.09:49
wgrantrein09:49
wgrantGiven that you haven't implemented authorisation yet, I guess the main change this yields is that the paths become something like /~ubuntu-cdimage/+livefs/ubuntu/utopic/desktop/+build/1234, rather than /ubuntu/+archive/primary/+livefsbuild/1234.09:53
cjwatsonThat's better anyway.09:54
wgrantYeah.09:54
cjwatsonWell.  Somebody in ~ubuntu-cdimage (say) could still in theory request a build for a different PPA09:55
wgrantThey could, yes.09:55
cjwatsonBut maybe that's not worth supporting09:55
wgrantWhy is that a problem?09:55
cjwatsonThe per-archive URLs would still make sense in that case09:55
cjwatsonIf we're relying on LiveFS copying to support the touch use cases, I wonder if we shouldn't fold a bunch of stuff from LiveFSBuild back into LiveFS09:56
wgrantLiveFSBuild has to have archive on either way, it's mostly a matter of whether requestBuild takes the arg or not.09:56
cjwatsonThough I think we still want to have the same LiveFS for a pre-release build against the release pocket and a post-release build against -proposed09:57
wgrantHm, I guess it doesn't have to, actually, if we decide that LiveFSBuilds are solely owned by the LiveFS owner.09:57
wgrantRight, we should support that. That's a common case that doesn't cross any trust boundaries.09:57
wgrantChanging the archive also doesn't really cross any trust boundaries. It's mostly a matter of whether we want to support it.09:57
cjwatsonAnd of course the DAS should still be on LiveFSBuild.09:57
wgrantI believe the only thing in question is Archive.09:58
cjwatsonSo I guess we don't gain much, because LiveFS would still be a partial specification.09:58
cjwatsonI would like to avoid the whole question of how privacy of livefs vs. archive owner interact, if possible.09:58
cjwatsonSo saying that if you want a different archive then you must copy the livefs is somewhat appealing.09:59
wgrantThat problem will always exist. We just have to minimise the impact.09:59
wgrantThe LiveFS owner could lose access to the P3A either way.09:59
cjwatsonOh, and other members of the LiveFS-owning team might not be able to see a private Archive even if the member of the team who created the LiveFS can.10:00
wgrantHaving LiveFSBuilds live in a hierarchy under the LiveFS means that the owner could still traverse to them, they just wouldn't be able to see the archive field.10:00
cjwatsonYeah.  In that case I'm inclined to leave the DB layout the way it is10:00
wgrantThe only way you could totally avoid it is by requiring archive.owner == livefs.owner, which isn't going to happen10:01
cjwatsonBeing able to request a build into some other archive is convenient for one-off tests10:01
cjwatsonSorry, I should stop saying into10:01
cjwatsonagainst some other archive10:01
wgrantRight, I think the only change we want from the old design is that the LiveFSBuild requester must participate in the LiveFS owner at the time of the request.10:01
cjwatsonAnd the hierarchy change10:02
wgrantEr yes, that too.10:02
cjwatsonSounds doable then.10:03
cjwatson/livefses is a messy plural, but whatever10:05
wgrantIndeed, and it's unfortunate having a collection with one method, but it's better than having every create method ever on IPerson or IProduct. Really makes things difficult to understand, with all the layering violations.10:06
barryxnox: cool.  i have a few other things to do this morning, but will take another look later today13:03
cjwatsonwgrant: FWIW I've thought about it and I think we have to keep LiveFSBuilds against private Archives themselves private.  Otherwise you can run a livefsbuild of your choice against a private archive and find out what's in it even after you've lost access to it.  And if you don't have access to the archive then none of the artifacts on livefsbuild are going to be any use to you, so there isn't much point in being able to traverse to it ...13:38
cjwatson... either.13:39
wgrantYeah, I realised that a couple of hours ago as well.13:39
cjwatsonUgh, the build system isn't happy with this /livefses top-level collection14:33
wgrantcjwatson: Oh, howso?14:33
cjwatsonhttp://paste.ubuntu.com/7404885/14:33
cjwatsonSomething to do with there being no non-devel methods, maybe?14:34
cjwatsonThe traceback is not wholly transparent14:34
wgrantYeah, TALES is great. Suppresses everything into a LocationError.14:34
wgrantTry exporting LiveFS and LiveFSBuild on >=beta, rather than >=devel14:34
cjwatsonAh, https://bugs.launchpad.net/lazr.restful/+bug/76084914:37
_mup_Bug #760849: No way to restrict export_as_webservice_collection to a given API version <api> <lazr.restful:Triaged> <https://launchpad.net/bugs/760849>14:37
wgrantAh, yeah, I remember that now.14:39
cjwatsonwgrant: Thanks, better now.15:00
=== marcoceppi_ is now known as marcoceppi
cjwatsonxnox: devel> rocketfuel-{setup,get} etc. force devel for the main LP devel branch, but you aren't expected to work there; you're expected to "bzr branch devel some-proper-name" and do your work in there.18:24
cjwatson(And run "utilities/link-external-sourcecode && make" in the new branch in an appropriate container.)18:27
xnoxok.18:30

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!