Skip to content

import-debian-package issues during package import

Description

import-debian-package is an independent and self-contained tool, that can simplify the process of importing a Deb type package and pushing it into the Apertis Ecosystem.

Below is a real run of the tool, while importing a bunch of package for Apertis.

rrs@priyasi:~/.../apertis-infrastructure (main)$ import-debian-package --package conmon --upstream bullseye --downstreams apertis/v2023:apertis/v2022 --component target --gitlab-server-url https://gitlab.apertis.org/ --gitlab-api-token XXXXXXXXX --push-remote --reason "Fresh import for task T9696"
/home/rrs/bin/import-debian-package:267: DeprecationWarning: pathlib.Path.__enter__() is deprecated and scheduled for removal in Python 3.13; Path objects as a context manager is a no-op
  with Path(".git/info/attributes") as f:
dget: retrieving https://deb.debian.org/debian/pool/main/c/conmon/conmon_2.0.25+ds1-1.1.dsc
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2129  100  2129    0     0   7222      0 --:--:-- --:--:-- --:--:--  7216
dget: retrieving https://deb.debian.org/debian/pool/main/c/conmon/conmon_2.0.25+ds1.orig.tar.xz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 53504  100 53504    0     0   137k      0 --:--:-- --:--:-- --:--:--  138k
dget: retrieving https://deb.debian.org/debian/pool/main/c/conmon/conmon_2.0.25+ds1-1.1.debian.tar.xz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4188  100  4188    0     0  13757      0 --:--:-- --:--:-- --:--:-- 13776
I: Version '2.0.25+ds1-1.1' imported under '/home/rrs/rrs-home/devel/Collabora/Apertis/apertis-infrastructure/conmon'
I: Adding Apertis delta
/home/rrs/bin/import-debian-package:211: DeprecationWarning: pathlib.Path.__enter__() is deprecated and scheduled for removal in Python 3.13; Path objects as a context manager is a no-op
  with Path('debian/apertis/component') as f:
I: Storing the original tarballs
I: Adding the new version to the changelog
/home/rrs/bin/import-debian-package:169: DeprecationWarning: pathlib.Path.__enter__() is deprecated and scheduled for removal in Python 3.13; Path objects as a context manager is a no-op
  with Path("debian/changelog") as f:
I: Creating additional branches
I: Creating new remote repository
I: Pushing remote branches and tags
I: Applying Gitlab rules
Failed to run /usr/bin/gitlab-rulez --gitlab-instance apertis --gitlab-server-url https://gitlab.apertis.org/ --gitlab-api-token XXXXXXXXX apply /tmp/tmplxjljyby/gitlab-scripts/rulez.yaml --filter pkg/conmon:

The above is caused by:

def apply_gitlab_rulez(gitlab_instance, gitlab_server_url, gitlab_api_token, package):
    with TemporaryDirectory() as infrastructuredir:
        git.clone(APERTIS_INFRASTRUCTURE_REPO, infrastructuredir)
        args = []
        if gitlab_instance:
            args += ['--gitlab-instance', gitlab_instance]
        if gitlab_server_url:
            args += ['--gitlab-server-url', gitlab_server_url]
        if gitlab_api_token:
            args += ['--gitlab-api-token', gitlab_api_token]
        args += ['apply', f'{infrastructuredir}/gitlab-scripts/rulez.yaml', '--filter', f'{APERTIS_GITLAB_GROUP}/{package}']
        gitlab_rulez(args)

where tempfile.TemporaryDirectory is mapped to infrastructuredir and then further makes the assumption that the f'{infrastructuredir}/gitlab-scripts/rulez.yaml' file is available.

As an independent tool, import-debian-pacakge, which is shipped as part of a real package apertis-dev-tools, the rulez.yaml should be fed explicitly.

Or much better, to not rely on the rulez.yaml shipped in the apertis-infrastructure repository because that file in the repository tracks the current development version, which currently is at #v2024dev2. While, for my use case that uncovered this bug, I was importing packages for #v2023 and #v2022. As such, setting the default branch to apertis/v2023 would not be the right thing to do.

Essentially, for this tool, what we'd want is a very minimalist rulez.yaml, preferably embedded in this tool itself. Something like the below or much lesser:

rules:
  - description: Set default settings
    matches:
      - apertis/*
      - appfw/*
      - docs/*
      - hmi/*
      - infrastructure/*
      - sample-applications/*
      - tests/*
      - pkg/*
    settings:
      remove_source_branch_after_merge: true
      merge_method: ff
      only_allow_merge_if_all_discussions_are_resolved: true
      shared_runners_enabled: yes

  - description: Set defaults for CI enabled projects
    matches:
      - docs/*
      - infrastructure/*
      - pkg/*
      - tests/*
    settings:
      builds_access_level: enabled
      only_allow_merge_if_pipeline_succeeds: true
      shared_runners_enabled: yes
 - description: Set versioned branches
    matches:
      - apertis/*
      - appfw/*
      - docs/*
      - hmi/*
      - infrastructure/*
      - sample-applications/*
      - tests/apertis-test-cases
      - tests/apertis-test-cases-web
      - tests/common
      - tests/helper-tools
    protected_branches:
      - name: 18.*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: NO_ACCESS
      - name: apertis/*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: NO_ACCESS
 - description: Set deployment branches
    matches: *deployable_repositories
    protected_branches:
      - name: apertis/*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: NO_ACCESS
    default_branch: apertis/production

  - description: Protect packaging branches
    matches:
      - pkg/*
    protected_branches:
      - name: apertis/*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: NO_ACCESS
      - name: debian/*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: MAINTAINER_ACCESS # can't be NO_ACCESS as the CI pipeline needs to push directly
      - name: upstream/*
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: MAINTAINER_ACCESS # can't be NO_ACCESS as the CI pipeline needs to push directly
      - name: pristine-lfs
        merge_access_level: DEVELOPER_ACCESS
        push_access_level: MAINTAINER_ACCESS # can't be NO_ACCESS as the CI pipeline needs to push directly

  - description: Set up packaging CI
    matches:
      - pkg/*
    settings:
      ci_config_path: ci-package-builder.yml@infrastructure/ci-package-builder
      lfs_enabled: yes
      visibility: public
      operations_access_level: enabled
      build_access_level: disabled
      merge_requests_enabled: true

Management data

This section is for management only, it should be the last one in the description.

Phabricator link: https://phabricator.apertis.org/T9871