All the output is a duplicate of what is being sent to the root logger
(albeit in a different format) and in e.g. our test suite the output
is entirely redundant.
Signed-off-by: Niels Thykier <niels@thykier.net>
With a bit of code we can replace the manual file-handling for
"upgrade_output" with a logger. This will enable us to refactor other
bits that currently depend on "output_write" by making those bits use
a logger instead.
This also migrates "do_hint" to use the new output logger. This is
due to "do_hint" being the only method relying on writing of partial
lines and maintaining support for that in "output_write" would have
been non-trivial.
To ensure "pretty" formatting to stdout, the messages in
"output_write" are now chopped into multiple lines.
The only visible change is that the output to stdout from
"output_write" now also includes the prefix with a timestamp.
However, then contents of "upgrade_output" remain unchanged
deliberately.
Signed-off-by: Niels Thykier <niels@thykier.net>
We already know the item is successful when we print it and the next
line ("final:") will confirm it any way.
Signed-off-by: Niels Thykier <niels@thykier.net>
At a glance, it looks like the value of "better" variable can be
decided from 3-4 places. However, due to the code flow only two of
those assignments are truly "live"/useful.
Signed-off-by: Niels Thykier <niels@thykier.net>
This commit rewrites the make-shift "log" methods to use the logging
framework without requiring changes to the callers. This will be done
in a latter commit to keep things reviewable.
Signed-off-by: Niels Thykier <niels@thykier.net>
The "Out of date" binaries loop has gotten too complex to also handle
the "unsatisifiable dependency" check. Concretely, we failed to
generate proper excuses for arch:all packages due to this.
Separate the two loops to restore the arch:all check.
Signed-off-by: Niels Thykier <niels@thykier.net>
Add a new "BuildDependsPolicy" that will check the satisfiability of
the build-dependencies listed in the Build-Depends and
Build-Depends-Arch fields. This enables gating of packages based on
missing / broken build-dependencies.
There are some limitations:
* Build-Depends-Indep is ignored for now. Missing or broken packages
listed in Build-Depends-Indep will be continue to be silently
ignored.
* Being a policy check, it does not enforce "self-containedness" as
a package can still migrate before a build-dependency. However,
this can only happen if the build-dependency is ready to migrate
itself. If the build-dependency is not ready (e.g. new RC bugs),
then packages build-depending on it cannot migrate either (unless
the version in testing satisfies there requirements).
Signed-off-by: Niels Thykier <niels@thykier.net>
We basically use them as sets and do not need to rely on the ordering,
so we might as well just turn them into proper sets.
Signed-off-by: Niels Thykier <niels@thykier.net>
The original method confused IntelliJ into thinking that binary_t was
a boolean rather than an object.
Signed-off-by: Niels Thykier <niels@thykier.net>
With this change, Britney can now provide a very brief summary of the
migration via one single value (YAML) or line (HTML). This solves two
issues:
* It provides an aggregated version of the policy decision without
having to loop over all policies (and even those would not give
a full verdict on their own as not all rejections come from
policies)
* It enables a simple way to inform readers of the HTML excuses of
whether a rejection is permanent or not. This should hopefully
make it easier for contributors to understand Britney and react
more pro-actively.
Signed-off-by: Niels Thykier <niels@thykier.net>
In the unlike case that there are multiple removal hints, showing
the first valid hint should be sufficient.
Signed-off-by: Niels Thykier <niels@thykier.net>
Doing this means that you can't use the hint tester for packages with
uppercase characters in the version, e.g.
Version mismatch, dreamchess 0.2.1-rc2-2build1 != 0.2.1-RC2-2build1
Closes: Debian#846141
Signed-off-by: Niels Thykier <niels@thykier.net>
This fixes commit 497edc to really allow policies to see if the excuse has
already been invalidated by previous policies.
Signed-off-by: Niels Thykier <niels@thykier.net>
Cleanly split doop_source into a (small) part about source packages
and a (longer) part about binary packages.
Signed-off-by: Niels Thykier <niels@thykier.net>
Coverage suggests that the conditions are always true. If so, we can
replace the "elif" with a regular "if" - but for now, lets keep an
assert.
Signed-off-by: Niels Thykier <niels@thykier.net>
Add a check to ensure we do not create broken test data (as happened
recently, where the architecture values were swapped for a single
binary). A cold hard failure like this is easier to debug
compared to Britney playing "garbage in, garbage out".
Signed-off-by: Niels Thykier <niels@thykier.net>
Add some "no cover" to some unrecoverable exceptions
(e.g. misconfiguration) or base-class methods that are not intended to
be invoked.
Signed-off-by: Niels Thykier <niels@thykier.net>
This gives Policies the opportunity to see if a previous check
(build/installability) or earlier policies already invalidated the update. This
allows writing policies that work on groups of packages, or skipping expensive
checks (such as triggering autopkgtests while the package is not built or
installable yet).
Signed-off-by: Niels Thykier <niels@thykier.net>
Why duplicate that in the configuration when Britney can just pull it
in the Release file for testing? :)
Closes: Debian/britney2#11
Signed-off-by: Niels Thykier <niels@thykier.net>
As a side effect, remove mips64el from NEW_ARCHES as we no longer need
that as a work around.
Closes: Debian/britney2#12
Signed-off-by: Niels Thykier <niels@thykier.net>
It is unwieldy to have one half of output data generation in the policy but not
the other half of updating the excuse. Now that apply_policy() gets the excuse
object as argument we can move everything there.
Signed-off-by: Niels Thykier <niels@thykier.net>
This allows tests to check whether there are any missing builds or old
binaries, so that expensive actions such as "trigger an autopkgtest" are not
done too early/in vain.
Signed-off-by: Niels Thykier <niels@thykier.net>
For future policies such as running autopkgtests it is important to know
whether a package has built, so that expensive actions such as "trigger an
autopkgtest" are not done too early/in vain.
This requires dropping the "age != 0" check for adding the out-of-date-ness to
the Excuse, as the policies now run later. But this check only applied to an
infinitesimal age, and even with age == 0 it is still a valid excuse that there
are missing binaries.
Signed-off-by: Niels Thykier <niels@thykier.net>
FAILED/SUCCESS lines would be separated by a whitespace from the list
of architectures, but not itself followed by whitespace. This is slightly
confusing, as one could interpret it as being a heading for the following
block of tested packages, rather that the final result of the previous
block.
This includes refining "HINTS_ALL" to cover all hints added at
runtime.
Currently, it is not very useful. However, a later commit will allow
policies to use this feature.
Signed-off-by: Niels Thykier <niels@thykier.net>
For items not having an age requirements (e.g. urgency=critical)
always list the "missing build" note if present.
Signed-off-by: Niels Thykier <niels@thykier.net>
This hint will block all "new" source migrations. Source migrations
for packages already in testing will be affected by this. As usual,
this hint can be overruled by an unblock hint.
Closes: GH#8
Signed-off-by: Niels Thykier <niels@thykier.net>
Reduce a "loop over all valid items" to a "loop over an item's
dependencies + reverse dependencies". For sparse graphs, this
is much more efficient.
Signed-off-by: Niels Thykier <niels@thykier.net>
python-apt's "TagFile" seems to cut the field short if it meets a
comment. Therefore allow comments in the actual field value to avoid
this nasty behaviour.
Signed-off-by: Niels Thykier <niels@thykier.net>
Packages in main should not need them. Presuming we eventually make
Britney enforce separation between components, "non-free" seems like a
better default.
Signed-off-by: Niels Thykier <niels@thykier.net>
If there is a regression in "present-and-installable" constraints (on
non-break architectures), then discard the item even if the nuninst
counters have improved.
Signed-off-by: Niels Thykier <niels@thykier.net>
For (non-hint) migrations, split the set of affected into two
parts; one for reverse dependencies and one "negative dependencies"
(e.g. Conflicts).
If there are only regressions in the nuninst after checking the first
set, then there is no reason to continue with the second set (as
"negative dependencies" can only make it worse at that point).
Signed-off-by: Niels Thykier <niels@thykier.net>
Ideally we would reject all items with known unsatisfiable
dependencies as they would not be installable in testing. However,
there are a few known corner cases where we still want to migrate them
(notably when they are already broken in testing).
This commit is an attempt to weed out some of the "obviously" broken
items that will not successfully migrate.
Signed-off-by: Niels Thykier <niels@thykier.net>
In the next commit, the binary packages will be turned into
namedtuples and will become immutable objects.
Signed-off-by: Niels Thykier <niels@thykier.net>
In an architecture only migration, we currently see two notes for
every arch:all packages:
* Ignoring "new" arch:all package
* Ignoring "removal" of arch:all package
But a closer look at the situation is that the arch:all packages is
generally the same in both testing and the source suite.
This commit removes these notes when the arch:all is the same in both
suites.
Signed-off-by: Niels Thykier <niels@thykier.net>
There was an implicit assumption in Britney that was violated recently
(presumbly in 12d9ae8). This assumption is that a source package will
reference the *latest* version of an arch:all package; even if that
version is not built by that source (version).
Image the following packages:
* p-all/1 and p-all/2 are arch:all packages.
- p-all/1 is generally superseded by p-all/2 except it has not
been removed yet (regardless of why that happens).
* src-a/2 builds p-all/2.
When Britney loads the packages (assuming packages are sorted[1]):
* p-all/1 is read and associated with src-a/2 (despite not being
built from that source)
* p-all/2 is read afterwards. It would replace p-all/1 and be
assoicated with src-a/2 as well.
- Prior to 12d9ae8, the assoication would be "pkg, arch" and
therefore the same.
- In 12d9ae8a and after, the association would include version
and both would be associated at the same time.
* Since p-all/1 is discarded, it is never added to the
installability tester (nor the solver). It then promptly throws
an exception when asked to deal with a package it believe does
not exist.
- This can trivially be solved by removing the association
between p-all/1 and src-a/2 when p-all/2 is read.
So far so good. Unfortunately, this adds another another problem!
When Britney migrates a binNMU, she currently removes *all* binary
packages on that architecture - *including* the arch:all packages.
This works out in the end because the arch:all packages be re-added
since they associated with the source package.
At first glance, this appears to be a non-issue until you add
hijacking to the mix. This is *exactly* the case behind #709460.
However, now we end up in a situation where the arch:all package is
removed during binNMU and not re-added (because the arch:all package
is not associated with *that* source any more).
This commit fixes all of the above by:
1) Correctly disassociating superseded arch:all packages from their
source packages
2) Falsely associating the "new" arch:all package to the source that
provided the superseded arch:all package (to avoid issues with
binNMUs and hijacked packages).
- This should probably be undone at some point when Britney does
not need this "hack" any more.
This fix is currently relying on the packages being sorted. But so
did the fix for #709460 (see [1] again). It might be prudent to fix
that as well (or at least reject the packages file rather than produce
"random" results).
[1] Which is another assumption we have been relying and that is
currently satisfied.
Signed-off-by: Niels Thykier <niels@thykier.net>
* A package being removed is *not* affected
- It will just be filtered out later in "check_packages"
* Since all transitive reverse dependencies will be added to
"affected" at the end of the method, there is no reason to
find the immediate set of reverse dependencies of a package
if the package is added itself as well.
Signed-off-by: Niels Thykier <niels@thykier.net>
Adds a --components command line argument (and corresponding config file
option). If specified, package info is expected to be in the usual Debian
mirror layout, ie:
testing/source/Sources
testing/binary-${ARCH}/Packages
(nthykier: Squashed, rebased and did some porting to Python3)
Signed-off-by: Niels Thykier <niels@thykier.net>
A package can have old cruft no longer in testing, which can't
migrate because it depends on old libraries or packages that
aren't in testing anymore, preventing migration.
There's no point in trying to migrate old cruft that has already
been removed in testing anyway, so don't do that.
Signed-off-by: Emilio Pozuelo Monfort <pochu@debian.org>
Signed-off-by: Niels Thykier <niels@thykier.net>
The "include_hijacked" parameter of "_compute_groups" was always
false, so there was little point in having it.
Signed-off-by: Niels Thykier <niels@thykier.net>
The same_source is supposed to compare two versions and (if needed)
"massage" a binNMU version into a source version. This extra feature
of same_source happens to be unused (and not generally applicable):
1) We always compare two source versions, so there is never a
binNMU version in the first place.
2) binary versions are *not* always equal to their source version
(even with the binNMU suffix stripped). This happens when
packages use "dpkg-gencontrol -v<version>".
Note this causes results from some live-data tests to change, because
there has been a sourceful upload with a binNMU version. It was
intended as a binNMU, but was uploaded with the source as well. As
Britney no longer works around this issue, it makes her remove the
affected packages in the end (as their source version does not match
the version in testing).
Signed-off-by: Niels Thykier <niels@thykier.net>
This bug involves a corner case that involves:
* source orig providing liborig1 and orig-doc in testing
* source orig providing liborig2 and orig-doc in unstable
* source hijack providing liborig2 and orig-doc in both testing and unstable,
where the versions of hijack's binaries has a higher version than those of
"orig".
The arch:all packages are needed to trigger this, because Britney
flags an arch:any package as "out of date" and stops the migration
there. However, she is more lenient with arch:all packages.
What happens is that Britney realises that src:orig need to be updated
in testing (to remove liborig1). This leaves src:orig with no
binaries left in testing (as the orig-doc from hijack is used) and it
is therefore removed as an obsolete source. The obsolete removal then
exploded because Britney was also trying to remove the liborig1
package, which is no longer there.
Signed-off-by: Niels Thykier <niels@thykier.net>
With this patch, Britney will correctly parse (and deparse) a
versioned Provides. Furthermore, she will allow it to satisfy any
unversioned dependency on the provided package.
This is the easy half of #786803.
Signed-off-by: Niels Thykier <niels@thykier.net>
It can be used to A) to make the mismatch check more efficient and B)
share identical binaries between suites.
Signed-off-by: Niels Thykier <niels@thykier.net>
Previously whether such packages received excuses, and the specific
content of such excuses, was dependent on the order in which their
binary packages were considered.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
This made iter_packages_hint a thin wrapper around try_migration, so
it was inlined into its only caller "do_all".
Signed-off-by: Niels Thykier <niels@thykier.net>
The callers of get_dependency_solvers need to do those table lookups
anyway. By moving it out, it is now possible to reuse the results.
Signed-off-by: Niels Thykier <niels@thykier.net>
Rely on the Installability tester to locate all of the affected
packages plus their transitive reverse dependencies. As the
InstallabilityTester is suite agnostic, the set of affected packages
now includes (versions of) packages not in testing, which is filtered
out during the check.
Signed-off-by: Niels Thykier <niels@thykier.net>
If we have an up-to-date arch all package available for this architecture,
that doesn't mean this architecture has an up-to-date build. We need an
architecture specific up-to-date package for that.
Signed-off-by: Ivo De Decker <ivodd@debian.org>