def do_Approve(): sudo("A", _do_Approve, True)
def _do_Approve():
- # 1. use process-policy to go through the COMMENTS dir
- spawn("dak process-policy embargo")
- spawn("dak process-policy disembargo")
- newstage=get_policy_queue('newstage')
-
- # 2. sync the stuff to ftpmaster
- print "Sync stuff for upload to ftpmaster"
- spawn("rsync -a -q %s/. /srv/queued/ftpmaster/." % (newstage.path))
-
- # 3. Now run process-upload in the newstage dir
- print "Now put it into the security archive"
- spawn("dak process-upload -a -d %s" % (newstage.path))
-
- # 4. Run all the steps that are needed to publish the changed archive
- print "Domination"
- spawn("dak dominate")
- print "Generating filelist for apt-ftparchive"
- spawn("dak generate-filelist")
- print "Updating Packages and Sources files... This may take a while, be patient"
- spawn("/srv/security-master.debian.org/dak/config/debian-security/map.sh")
- spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
- print "Updating Release files..."
- spawn("dak generate-releases")
- print "Triggering security mirrors... (this may take a while)"
- spawn("/srv/security-master.debian.org/dak/config/debian-security/make-mirror.sh")
- spawn("sudo -u archvsync -H /home/archvsync/signal_security")
- print "Triggering metadata export for packages.d.o and other consumers"
- spawn("/srv/security-master.debian.org/dak/config/debian-security/export.sh")
+ print "Locking unchecked"
+ lockfile='/srv/security-master.debian.org/lock/unchecked.lock'
+ spawn("lockfile -r42 {0}".format(lockfile))
+
+ try:
+ # 1. Install accepted packages
+ print "Installing accepted packages into security archive"
+ for queue in ("embargoed",):
+ spawn("dak process-policy {0}".format(queue))
+
+ # 3. Run all the steps that are needed to publish the changed archive
+ print "Domination"
+ spawn("dak dominate")
+ print "Updating Packages and Sources files... This may take a while, be patient"
+ spawn("/srv/security-master.debian.org/dak/config/debian-security/map.sh")
+ spawn("dak generate-packages-sources2 -a security")
+ print "Updating Release files..."
+ spawn("dak generate-releases -a security")
+ print "Triggering security mirrors... (this may take a while)"
+ spawn("/srv/security-master.debian.org/dak/config/debian-security/make-mirror.sh")
+ spawn("sudo -u archvsync -H /home/archvsync/signal_security")
+ print "Triggering metadata export for packages.d.o and other consumers"
+ spawn("/srv/security-master.debian.org/dak/config/debian-security/export.sh")
+ finally:
+ os.unlink(lockfile)
+ print "Lock released."
########################################################################
########################################################################
if not cnf.has_key("Security::Options::%s" % (i)):
cnf["Security::Options::%s" % (i)] = ""
- changes_files = apt_pkg.ParseCommandLine(cnf.Cnf, Arguments, sys.argv)
+ changes_files = apt_pkg.parse_commandline(cnf.Cnf, Arguments, sys.argv)
- Options = cnf.SubTree("Security::Options")
+ Options = cnf.subtree("Security::Options")
if Options['Help']:
usage()
Options["Sudo"] = ""
if not Options["Sudo"] and not Options["No-Action"]:
- Logger = daklog.Logger(cnf.Cnf, "security-install")
+ Logger = daklog.Logger("security-install")
session = DBConn().session()
acceptfilename="%s/COMMENTS/ACCEPT.%s_%s" % (os.path.dirname(os.path.abspath(changes[0])), dbchange.source, version)
acceptfiles[acceptfilename]=1
+ print "Would create %s now and then go on to accept this package, if you allow me to." % (acceptfiles.keys())
if Options["No-Action"]:
- print "Would create %s now and then go on to accept this package, but No-Action is set" % (acceptfiles.keys())
sys.exit(0)
+ else:
+ raw_input("Press Enter to continue")
for acceptfilename in acceptfiles.keys():
accept_file = file(acceptfilename, "w")
projects / dak.git / blobdiff