Foundations Team Updates - Thursday 2024/10/03

Previous status: Foundations Team Updates - Thursday 2024/09/26
Next status: Foundations Team Updates - Thursday 2024/10/10f

1 Like

Short week. Two days off

subiquity

distro

1 Like
1 Like

ubuntu-image

  • Setting up a way to rebuild the snap in latest/stable
  • PR # 248 - Deduplicate snaps from seeds
    • Merged
  • Released 3.4.1 (deduplicating snaps from seeds)
  • PR # 246 - Rework grub setup
    • Review cycle in progress. This is shifting how we handle boot assets when dealing with grub so this is spurring discussions.
  • Submitted PR # 14561 on snapd - gadget: add a Size method to Volume
    • In review.
  • PR # 251 - Fix UC image size (fixing LP: #2077572)
    • Waiting for the snapd PR to land to use the newly added method on volume.
  • PR # 252 - Split spread tests
    • The idea is to get a clear view of current “buildability” of the latest release and devel one on various series.
    • Discussed with Sergio Cazzolato from the snapd team to add more runners. He will soon deploy 4 more.
    • In review.
  • Bootloader handling in ubuntu-image/imagecraft brainstorm
  • PR # 247 - Spread test riscv64 ubuntu server image
    • Working on 24.04. Now investigating build failures on older series (may be unrelated to RISCV).

imagecraft

  • Threat Model - Review cycle in progress
  • Filled “Documentation/product alignment: Imagecraft”
  • Vulnerability scanning and result analysis
  • PR #59 - Rename the UbuntuSeed plugin as UbuntuBootstrap
    • Merged

Distro

1 Like

Distro

  • fixed a number of stupid mistakes in my gsasl and libgcrypt20 MRs for FTBFS and @enr0n sponsored them
  • investigated test issues with gsasl on armhf but didn’t succeed; my main suspect is glibc but several months ago unfortunately

Misc

  • Studied the python cryptographic libraries ecosystem, especially for TLS; they tend to set their own default cipher list which obviously ruins any consistency set at the distribution levelr. It looks like changes are only needed in python’s ssl and the rust openssl bindings (mostly used by pyopenssl; yes, that’s quite an unexpected detour!)
  • Studied the gnutls28 autopkgtest which doesn’t use the upstream testsuite mechanism but a home-grown, which sometimes leads to surprises and makes reporting bugs upstream more difficult. Patches in progress.
  • Worked along @upils on https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2081684
  • Wrote a tool to dump text from Boox’ .note proprietary fileformat and threw it on the web: https://ubuntu.dcln.fr/boox-note-dump/
1 Like

Short week. Was at All Systems Go! conference last week.

Distro

Misc

  • Hiring/interviews
  • Reviewing specs
1 Like

Oracular

  • Tested 6.11 kernel on desktop image
  • Refreshed merge request to clean up handling of oem-config-prepare in image builds
  • Filed merge request to remove (redundant) cloud-initramfs-growroot
  • Filed merge request to remove (duplicated) seeded snaps from desktop image definition

Noble

  • SRU of Python 3.12 fix for Kodi (LP: #2079914)
  • Tested backport of mesa fixes for D0 stepping of the Pi 5 2712 (LP: #2082072)
  • Filed merge request to remove (redundant) cloud-initramfs-growroot

Jammy

  • Sponsored SRU of FK_FORCE_EFI fix for flash-kernel (LP: #2011536)

General

1 Like

General

  • short week (illness)
  • promotion committees
  • patch pilot shift; unproductive due to server outage
  • 25.04 planning

Archive

1 Like

Rust

  • Some more roadmap planning for the next cycle

Distro

+1 Maintenance

  • freerdp2
  • dolfin (took several days to investigate)
1 Like

curtin

  • Got the Github CI green \o/

meta-release

  • Worked on improving the CI on the meta-release files, to prevent another accident like this to happen again.

auto-upgrade-testing

  • Got that back on track after the loss of venonat, our good old Jenkins runner. Got replaced by @paride, but needed a bit of tuning to get everything to work.

autopkgtest

  • Reviewed and tested an MR by @paride, adding support for adding PPA easily.

autopkgtest-cloud

MIR retry

  • Finally got the promotion for retry (MIR). Many thanks @didrocks who was very reactive through all that adventure:
    • You cannot promote a package in $release, it needs to be in $release-updates.
    • That means an SRU.
      • Obviously with version number shenanigans when Noble and Oracular have the same version.
    • You apparently cannot promote a package that is in $release-updates, but also still in $release-proposed. The cleanup is not automatic.
      For a simple MIR at first glance, I definitely learned a lot in the process! And now we’ll finally be able to SRU autopkgtest to Jammy and Noble with long awaited bug fixes!

Error Tracker

  • Fixed and deployed two missing lines for noble and oracular. This was a good way of investigating how to actually deploy code in production in the error tracker.
  • Explored how this whole thing is wired. Started a personal note to track the no less than 7 repositories that hold the code, excluding apport and whoopsie.
  • Got a ping from @ballot to see about cleaning the Cassandra DB storing the data. I still need to level up with all these scripts, tables, and data everywhere, but I’ve figured something.
1 Like

Short week - PTO and bank holiday

Documentation

TCK - completed all the planned internal user docs
OpenSSL FIPS Provider - README and blog-post WIP

OpenJDK CRaC

OpenJDK CRaC + Rockcraft demo WIP

Misc

Adoptium WG meeting
Code reviews

1 Like
  • Had my remaining +1 changes sponsored (nose, efitools)
  • Shim-signed with (for now optional) NX support in archive
  • cd-boot-images containing shim-signed 1.59 in archive
  • Reviewed Secure Boot documentation PR
  • Currently working on addressing comments in upstream GRUB NX series
1 Like

Slightly shorter week with Monday off.

Subiquity

Distro

  • upgrade quirk for ubuntu-release-upgrader

  • Investigating lintian FTBFS on amd64

    • Failing due to a single test failure on the LP builders, but passes locally?
    • However the package also fails to build locally for different reasons I haven’t figured out yet!
1 Like

hardware installer testing

  • continuing enabling new machines
  • debugging edge case bugs in test cases
  • organised meeting with hardware certification team to discuss displaying iso test results on test observer

iso testing

  • tpm fde install tests for oracular
  • snap tracking upgrade tests from noble to oracular

new jenkins

  • bunch of firewall MPs enabling various jenkins jobs that we have

autopkgtest-cloud

  • debugging issues with apache2 auto-restarting

iso promotion

  • kicked server ppc64el oracular to migrate from pending to current
1 Like

Netplan

  • Prepared an RFC with a new format for the networkmanager.passthrough block PR#522 LP#2080301
  • Back-ported all the recent SR-IOV handling improvements from Netplan 1.0 and 1.1 to Jammt LP#2083008
1 Like
  • nbd-client autopkgtests: fix MP up, but turns out that resizing /tmp on canonical autopkgtests infrastructure doesn’t work. Looking for workarounds (like changing cwd) or will just ask QA to increase the /tmp size
  • Investigating the inhibition of growroot-almost during first boot
  • Making rpi-imager snap to bump it to v1.9
  • Got the FTBFS MPs merges
  • Pi planning with @waveform
    Had a public holiday on 2nd Oct.
1 Like

autopkgtest

  • Continue to try and replicate the tmpfs bug, which has proven to be some trouble. There are some other lingering issues w/r/t /tmp being a tmpfs, with prior assumptions about the fs type no longer being valid.
  • Before /tmp was a tmpfs, the directory was cleared “manually” at boot by the system. Now that the default is different /tmp does not get cleared, which is at odds with some assumptions autopkgtest makes about the system.
  • Some misc improvements with dependencies and chasing down a possible dependency bug in autopkgtest-build-lxd.

autopkgtest-cloud

  • Still moving the statistics calculations out of the webserver itself into a systemd unit, but requirements are better defined now and an MP is forthcoming.

Misc

  • Working on getting access to the engineering bastion to add some firewall rules.
  • Made a first-pass change to the git-ubuntu CI using @rbasak’s snap-other-archs.py script to build git-ubuntu for non-amd64 systems.
1 Like

Documentation

Netplan

  • Review & fixes: PR #520: Fix docs directory structure to reflect diátaxis
    • PR #1: Meson and docs-validation updates to reflect new docs dir structure
    • PR #3: Fix paths to reference docs for link and spellcheck

Subiquity

  • PR #2078: Update Sphinx extensions and RTD config
  • Review: PR #2095: security overview

Developer Guide

  • PR #11: Various small fixes
  • Review: PR #12: add how-to guides for Go

Packaging Guide

  • Review: PR #74: Integrate external sru docs

Governance Docs

(Ubuntu Tech Board)

1 Like
  • Compliance training
  • Implementing HTTP in U-boot, most of the week
  • Manual testing of riscv QEMU images
  • Experimenting with RISC-V RVA23
  • Sync with the team on RISC-V planning
1 Like

This report contains the work from the last two weeks.

Distro

Sponsoring

other

1 Like