Re: Auto-update for sid? Auto-backport?
Steffen Möller writes ("Re: Auto-update for sid? Auto-backport?"):
> On 18.11.17 01:12, Jeremy Bicha wrote:
> But you are right, an external service is a safe bet as a first start that
> we do not need to vote about - nor would I need to ask ;) However,
> any such automation is something, if brought closer to Debian, that
> has the potential to change us quite a bit. I felt that more than one
> individual should be involved and at least should I myself be the
> one to set it up, I would want (most of) you (all) to want it.
Personally, I think this general direction has so much potential that
it might even become so good that I would use it for packages for
which I am myself the upstream.
For now, though, the right next step is to probably have a general
purpose automatic thing running on DSA infrastructure, with enough
compartmentalisation between different packages that it doesn't have
to trust them all.
As for automatically uploading to Debian: we already have the right
technical infrastructure in the core parts of the project. It's very
simple, conceptually: we make a trusted "approval" machine which:
verifies upstream signatures and source code operations, based on
information in the existing version of teh package in sid
automatically makes a signature on the source-only upload
using its own gpg key
And the upload goes through because
the auto-puller's gpg key is in the DM keyring
the auto-puller's service name and email address
is in the Uploaders for the package
the package has DM uploads enabled
Oh, I have one more wishlist item: pls make it use dgit for its
Ian Jackson <ijackson@xxxxxxxxxxxxxxxxxxxxxx> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.