From 785c4c53d33b354d11b6d8251ecd144b4d488ba5 Mon Sep 17 00:00:00 2001
From: Michael Hudson-Doyle <michael.hudson@canonical.com>
Date: Mon, 15 Sep 2025 09:09:02 +1200
Subject: [PATCH] Fix daily-dangerous builds:

* Fix daily-dangerous builds:
  - Copy hooks.
  - Mangle the channel of seeded snaps to use the edge risk of whichever
    track they are taken from.
  - Update the dangerous model to reference tracks that actually exist.
  - Include providers of content plugs when seeding snaps and creating
    TPMFDE system.
  - Do not attempt to build an UEFI boot image or hyperv desktop image for
    this project/subproject combination.
---
 debian/changelog                              | 14 ++++++++
 live-build/auto/config                        |  3 +-
 live-build/functions                          | 30 ++++++++++++++--
 .../base/disk-image-uefi-non-cloud.binary     |  2 +-
 .../hooks/030-ubuntu-live-system-seed.binary  | 16 +++++----
 .../hooks/040-hyperv-desktop-images.binary    |  2 +-
 .../ubuntu-classic-amd64-dangerous.model      | 36 +++++++++----------
 7 files changed, 73 insertions(+), 30 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 181e2a1c..b8ef3f9e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+livecd-rootfs (25.10.21) UNRELEASED; urgency=medium
+
+  * Fix daily-dangerous builds:
+    - Copy hooks.
+    - Mangle the channel of seeded snaps to use the edge risk of whichever
+      track they are taken from.
+    - Update the dangerous model to reference tracks that actually exist.
+    - Include providers of content plugs when seeding snaps and creating
+      TPMFDE system.
+    - Do not attempt to build an UEFI boot image or hyperv desktop image for
+      this project/subproject combination.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 15 Sep 2025 09:03:11 +1200
+
 livecd-rootfs (25.10.20) questing; urgency=medium
 
   * edubuntu: use dracut
diff --git a/live-build/auto/config b/live-build/auto/config
index b73dcee3..ce04b39a 100755
--- a/live-build/auto/config
+++ b/live-build/auto/config
@@ -52,6 +52,7 @@ mkdir -p config
 cp -af /usr/share/livecd-rootfs/live-build/functions config/functions
 cp -af /usr/share/livecd-rootfs/live-build/lb_*_layered config/
 cp -af /usr/share/livecd-rootfs/live-build/snap-seed-parse.py config/snap-seed-parse
+cp -af /usr/share/livecd-rootfs/live-build/snap-seed-missing-providers.py config/snap-seed-missing-providers
 cp -af /usr/share/livecd-rootfs/live-build/expand-task config/expand-task
 cp -af /usr/share/livecd-rootfs/live-build/squashfs-exclude-files config/
 
@@ -1520,7 +1521,7 @@ fi
 
 case $PROJECT:${SUBPROJECT:-} in
 	ubuntu-cpc:*|ubuntu-server:live|ubuntu:desktop-preinstalled| \
-		ubuntu-wsl:*|ubuntu-mini-iso:*|ubuntu:|ubuntu-oem:*| \
+		ubuntu-wsl:*|ubuntu-mini-iso:*|ubuntu:|ubuntu:dangerous|ubuntu-oem:*| \
 		ubuntustudio:*|edubuntu:*|ubuntu-budgie:*|ubuntucinnamon:*|xubuntu:*| \
 	        ubuntukylin:*|ubuntu-mate:*|ubuntu-core-installer:*|lubuntu:*)
 		# Ensure that most things e.g. includes.chroot are copied as is
diff --git a/live-build/functions b/live-build/functions
index cf693e2d..7d04ec7d 100644
--- a/live-build/functions
+++ b/live-build/functions
@@ -567,8 +567,8 @@ _snap_post_process() {
             # If the 'core' snap is not present, assume we are coreXX-only and
             # install the snapd snap.
             channel=stable
-            if [ $SUBPROJECT = "dangerous" ]; then
-                channel=$CHANNEL
+            if [ "$SUBPROJECT" = "dangerous" ]; then
+                channel=edge
             fi
             if [ ! -f ${snaps_dir}/core_[0-9]*.snap ]; then
                 _snap_preseed $CHROOT_ROOT snapd "$channel"
@@ -667,7 +667,12 @@ _snap_preseed() {
 		    fi
                 fi
 
-                _snap_preseed $CHROOT_ROOT $core_snap stable
+                local core_channel=stable
+                if [ "$SUBPROJECT" = "dangerous" ]; then
+                    core_channel=edge
+                fi
+
+                _snap_preseed $CHROOT_ROOT $core_snap $core_channel
             fi
             ;;
     esac
@@ -796,6 +801,14 @@ snap_preseed() {
         esac
     fi
 
+    if [ "$SUBPROJECT" = "dangerous" ]; then
+       # For the dangerous ISOs we want to include edge versions of all the
+       # snaps. Many snaps have a channel like "1/stable/ubuntu-X.Y" in the
+       # seed but the ubuntu-X.Y branches don't usually exist in the edge
+       # channel so strip that off as well.
+       CHANNEL=$(echo $CHANNEL | sed -e s/stable.*/edge/)
+    fi
+
     # At this point:
     # SNAP_NAME is just the snap name
     # SNAP is either $SNAP_NAME or $SNAP_NAME/classic for classic confined
@@ -854,6 +867,17 @@ snap_validate_seed() {
     fi
 
     if [ -e "${CHROOT_ROOT}/var/lib/snapd/seed/seed.yaml" ]; then
+        if [ "${SUBPROJECT}" = "dangerous" ]; then
+            # When we include a snap from edge instead of stable, it may have
+            # require different content provider snaps to be installed and it
+            # is not reasonable to have the seed contain this. So run this
+            # script which figures out which content provider snaps are
+            # missing and include them.
+            ./config/snap-seed-missing-providers "${CHROOT_ROOT}/var/lib/snapd/seed/" >> config/missing-providers
+            while read snap; do
+                _snap_preseed chroot "${snap}" edge
+            done < config/missing-providers
+        fi
         snap debug validate-seed "${CHROOT_ROOT}/var/lib/snapd/seed/seed.yaml"
         /usr/lib/snapd/snap-preseed --reset $(realpath "${CHROOT_ROOT}")
         /usr/lib/snapd/snap-preseed $(realpath "${CHROOT_ROOT}")
diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi-non-cloud.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi-non-cloud.binary
index 09d767fe..2c35e13b 100755
--- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi-non-cloud.binary
+++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi-non-cloud.binary
@@ -30,7 +30,7 @@ if [ "$ARCH" = "riscv64" ]; then
 fi
 
 case ${PROJECT:-}:${SUBPROJECT:-} in
-    ubuntu:)
+    ubuntu:|ubuntu:dangerous)
         echo "We don't create EFI images for Ubuntu Desktop."
         exit 0
         ;;
diff --git a/live-build/ubuntu/hooks/030-ubuntu-live-system-seed.binary b/live-build/ubuntu/hooks/030-ubuntu-live-system-seed.binary
index ead333ce..e233ce80 100644
--- a/live-build/ubuntu/hooks/030-ubuntu-live-system-seed.binary
+++ b/live-build/ubuntu/hooks/030-ubuntu-live-system-seed.binary
@@ -12,11 +12,6 @@ case ${PASS:-} in
         ;;
 esac
 
-if [ -n "${SUBPROJECT:-}" ]; then
-    echo "We don't run Ubuntu Desktop hooks for this project."
-    exit 0
-fi
-
 . config/binary
 . config/functions
 
@@ -38,9 +33,18 @@ fi
 # env SNAPPY_STORE_NO_CDN=1 snap known --remote model series=16 brand-id=canonical model=ubuntu-classic-2410-amd64 > config/classic-model.model
 model=/usr/share/livecd-rootfs/live-build/${PROJECT}/ubuntu-classic-amd64.model
 
+prepare_args=
+
 # for the dangerous subproject, we need the dangerous model!
 if [ $SUBPROJECT = "dangerous" ]; then
+    # As with the "classically" seeded snaps, snaps from the edge channel may
+    # require different content snaps to be installed, so they must be
+    # included in the system as well. We just use the same list as was
+    # computed in snap_validate_seed.
     model=/usr/share/livecd-rootfs/live-build/${PROJECT}/ubuntu-classic-amd64-dangerous.model
+    while read snap; do
+        prepare_args="$prepare_args --snap=${snap}=edge"
+    done < config/missing-providers
 fi
 
 channel=""
@@ -52,7 +56,7 @@ fi
 # snap versions regardless of phasing status
 
 env SNAPPY_STORE_NO_CDN=1 UBUNTU_STORE_COHORT_KEY="+" snap prepare-image \
-    --classic $model $channel chroot
+    --classic $model $channel ${prepare_args:+$prepare_args} chroot
 
 mv chroot/system-seed/systems/* chroot/system-seed/systems/enhanced-secureboot-desktop
 rsync -av chroot/system-seed/{systems,snaps} chroot/var/lib/snapd/seed
diff --git a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary
index b10536b9..347bec9b 100755
--- a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary
+++ b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary
@@ -3,7 +3,7 @@
 echo "Creating Hyper-V image with Desktop..."
 
 case ${SUBPROJECT:-} in
-    minimized|"")
+    minimized|dangerous|"")
         echo "We don't create minimized images for $0."
         exit 0
         ;;
diff --git a/live-build/ubuntu/ubuntu-classic-amd64-dangerous.model b/live-build/ubuntu/ubuntu-classic-amd64-dangerous.model
index 957e4609..b5453af6 100644
--- a/live-build/ubuntu/ubuntu-classic-amd64-dangerous.model
+++ b/live-build/ubuntu/ubuntu-classic-amd64-dangerous.model
@@ -40,55 +40,55 @@ snaps:
     name: bare
     type: base
   -
-    default-channel: 1/edge/ubuntu-25.10
+    default-channel: 1/edge
     id: EI0D1KHjP8XiwMZKqSjuh6W8zvcowUVP
     name: firmware-updater
     type: app
   -
-    default-channel: 1/edge/ubuntu-25.10
+    default-channel: 1/edge
     id: FppXWunWzuRT2NUT9CwoBPNJNZBYOCk0
     name: desktop-security-center
     type: app
   -
-    default-channel: 1/edge/ubuntu-25.10
+    default-channel: 1/edge
     id: aoc5lfC8aUd2VL8VpvynUJJhGXp5K6Dj
     name: prompting-client
     type: app
   -
-    default-channel: 2/edge/ubuntu-25.10
+    default-channel: 2/edge
     id: gjf3IPXoRiipCu9K0kVu52f0H56fIksg
     name: snap-store
     type: app
   -
-    default-channel: latest/edge/ubuntu-25.10
+    default-channel: latest/edge
     id: jZLfBRzf1cYlYysIjD2bwSzNtngY0qit
     name: gtk-common-themes
     type: app
   -
-    default-channel: latest/edge/ubuntu-25.10
+    default-channel: latest/edge
     id: 3wdHCAVyZEmYsCMFDE9qt92UV8rC8Wdk
     name: firefox
     type: app
   -
-    default-channel: latest/edge/ubuntu-25.10
+    default-channel: latest/edge
     id: lATO8HzwVvrAPrlZRAWpfyrJKlAJrZS3
     name: gnome-42-2204
     type: app
   -
-    default-channel: latest/edge/ubuntu-25.10
+    default-channel: latest/edge
     id: IrwRHakqtzhFRHJOOPxKVPU0Kk7Erhcu
     name: snapd-desktop-integration
     type: app
 timestamp: 2025-05-01T12:00:00.0Z
 sign-key-sha3-384: 9tydnLa6MTJ-jaQTFUXEwHl1yRx7ZS4K5cyFDhYDcPzhS7uyEkDxdUjg9g08BtNn
 
-AcLBXAQAAQoABgUCaKKyiQAKCRDgT5vottzAEt+LD/9GTgoaYQg0qYohdnYYQkiWJbtNcZgLRpUf
-gPswZsBzmDLbH0XyLWB9h32gDyZ6Gdt3c9uK2hqCaNTaLJyf5eGs/7zjs9lVmEf3MNSr9FGx6Vek
-i+NPeOEjrmwjMXzi9FnTDTJzW0cMzCEzYiTHWRF8K5WCVumuzMMUCihZbuHvZCjXoIJ+RrSBMvbE
-udzmJ0NIEgCGA+r32kEkcauNTrMwXdosdTYhrKy/dcy6SrACaZzvQAwPYXy3UJEDmz6qQQ/94G9s
-5P/bqrOZVoL22H9a/6WnEulHyCNAVlotpbY3Dij1yHp5KEiFCuREP/MauLdONCY+snimwxpItm7L
-B4D92BTkhe9noiyRbSU3fLrMJGY//PKCxkQMVyvkx/aUnyqeySRCP6U7U6t09P2/WzmJULT+a+9N
-pgXrXt3k69zqI0U74R3+JwiU/VrZq6cssdwx8unKYtoOT5O3G0b7q50Lv2RyNHQSjrlSU397HKkQ
-Gnnb/w4caV+O/cKlDlXNXijZI/kxfP+tKqRHMSRLmV3I8W+/nh6YE4/NMiXVicej3tTaPtWlBI+9
-hj0Chtlk+wWD+9MjC1suJh4XLHAXbYJczSFdb3qcQq7f64v70sNoLzW4ekGUlSpbazNaX7P+Liov
-VBGXSpziQJuF4y/BSU8tCweJExhkibFEBar5SCKbvw==
+AcLBXAQAAQoABgUCaL9OoAAKCRDgT5vottzAEnYyD/9CfnhmFu+aiOSDMf14Ws6xgxlwJ24wKbR9
+DHLlO5LO47pgA46Yt3NO8ev8ZAvnMZmypiNnDE9o0m2cPpdEsg5nFZ4y8DTjedj7J2islGbFKrZk
+o7oejqGYWtwHGV4D5RAEgBAwlo/dOkKkG/7rMivqXuCd/L7vlVNnULt+nOZimh/QSZxxMY0WpPeg
++8wXWV4IOlqyJR/DseY86/COvP05cj+YosBHjdP8y6r5CKXi7RLBeG03n6SIJy+d4gxytfYdUE0F
+gubBkFJDVwHkIyyFfZHtSaMc/hgOrTG3XOHfSdHya4aEGFBa7VcfsGnIZrvrvVBOTgyW/SPY+w6T
+ffFXRf0bMF60H31LYyDvva783hMhpY3mDWl4w31aMF7Om9ZeF7p52Yc6w2Es4tkwJnyXX9TD4cts
++0HxKupORpZe5WvJasLZKq6SQaeF19XCjW8YVgNCMVP9O/nBCdu4uDlu0Gmo9PMEPU2LHBXYsXyw
+hfGew+ORbaEj9iBQwFNMUXKgOhNa9KubYLo4GgjpN4HY5BXqw0f9hPHlsWg28QxC0BqyK3B8Ujhv
+NGZTTg9OJ2h/EVJXwrOaYv0S/3xRyy/1tNHvKchL6x3mjLOVt/EwkkkW8WmxxUHV1LFTvKxEs+jC
+j1Z5SNRDTMAoW0IQpt81dhLqHqSQ8blNiDU3w0ZQqA==