Adapt puppet modules to work into Ubuntu 16.04

RESOLVED FIXED

Status

Infrastructure & Operations
RelOps: Puppet
RESOLVED FIXED
8 months ago
5 months ago

People

(Reporter: dragrom, Assigned: dragrom)

Tracking

(Blocks: 1 bug)

Details

Attachments

(3 attachments, 3 obsolete attachments)

(Assignee)

Description

8 months ago
Added Ubuntu 16.04 capabilities in PuppetAgain
(Assignee)

Updated

8 months ago
Assignee: relops → dcrisan
(Assignee)

Comment 1

8 months ago
Created attachment 8844945 [details] [diff] [review]
puppetagain.patch
(Assignee)

Comment 2

8 months ago
Wed Mar 08 07:40:07 -0800 2017 /Stage[packagesetup]/Packages::Setup/Exec[apt-get-update] (err): Failed to call refresh: Command exceeded timeout
Wed Mar 08 07:40:07 -0800 2017 /Stage[packagesetup]/Packages::Setup/Exec[apt-get-update] (err): Command exceeded timeout

apt-get failed to run. I tried with wget and everything works fine.

I attached the patch that I applied on my environment
(Assignee)

Comment 3

8 months ago
I saw that apt expect to find some packages into repos/apt/custom repository :(. So, from what I understood, I'll need to move bash and other packages in to custom repository (why, because the packages are in Ubuntu-16.04). I cans skip this by moving realize(Packages::Aptrepo[package]) from Ubuntu case in to 12.04 and 14.04 case . I also tried to run apt-get update from the console, only with xenial and xenial-security sources.list files, but I received the Connection timed out error.
(In reply to Dragos Crisan [:dragrom] from comment #3)
> I saw that apt expect to find some packages into repos/apt/custom repository
> :(. So, from what I understood, I'll need to move bash and other packages in
> to custom repository (why, because the packages are in Ubuntu-16.04). I cans
> skip this by moving realize(Packages::Aptrepo[package]) from Ubuntu case in
> to 12.04 and 14.04 case .

Yes, any packages that are attempting to install from custom repos should be separated to a case switch for 16.04. In other words, we should make a best effort to install packages for 16.04 from the 'xenial' and 'xenial-security' repos.  Packages that are being installed from custom repos for 12.04/14.04 were either custom built because the stock package in the ubuntu repo didn't function the way we needed it to (such as missing features) or it may be a added to a custom repo because it was a security update.  As for 16.04, since we are starting fresh, we can safely assume that if a packages is being installed from a custom repo for 12.04/14.04, it probably safe to start out by using default package in the xenial/xenial-sec ubuntu repos.

So for any package you come across that is being install on 16.04, create a case switch and do not include the realized virtual repo (eg. realize(Packages::Aptrepo['eglibc'])).  Simply use the version that is from the xenial or xenial-security repos.

If we later discover that we need to use a custom package because the default package in the xenial/xenial-sec repos does not meet our needs, we can find (or build) a proper package and add a xenial dist that particular custom repo.

So for the time being use default packages and don't use custom repos

I also tried to run apt-get update from the
> console, only with xenial and xenial-security sources.list files, but I
> received the Connection timed out error.

It looks like apt-transport-https wasn't installed. I'll add this to be installed during the kickstart process.  to fix this, I changed the xenial repo to http instead of https and run 'apt-get update|apt-get install apt-transport-https'

Then I ran puppet against your env to undo my changes to /etc/apt/sources.list.d/xenial.list
Comment on attachment 8844945 [details] [diff] [review]
puppetagain.patch

Review of attachment 8844945 [details] [diff] [review]:
-----------------------------------------------------------------

You are on the right track with this! Just make some changes as suggested and resubmit. :-)

::: manifests/moco-nodes.pp
@@ +9,1 @@
>      $slave_trustlevel = 'try'

This node def is for the dead ix host.  Make sure your changes are being applied to the new vm test host instead.

@@ +9,5 @@
>      $slave_trustlevel = 'try'
>      $pin_puppet_server = "releng-puppet2.srv.releng.scl3.mozilla.com"
>      $pin_puppet_env = "dcrisan"
> +#    include toplevel::slave::releng::test::gpu
> +    include toplevel::base

This is perfect! But if you find toplevel::base has too many broken parts, you can also just include the modules declared in topelevel::base one at a time.  This might make it easier for you to fix smaller chunks rather than everything in one big lump.

It is totally up to you and you don't have to get a review to change node defs.  Instead of r=, you can write a=nodechange in the comment if it is only a node change.

You can also, make these changes local in your puppet env in order to quickly test them, especially since it is pinned.

::: modules/packages/manifests/bash.pp
@@ +47,1 @@
>                              ensure => '4.3-7ubuntu1.4';

Move the realize(Packages::Aptrepo['bash']) to both 12.04 and 14.04 case blocks.  16.04 case block doesn't need it because it's version should be the one provided by the default (xenial/xenial-security) repos.

@@ +49,5 @@
>                  }
> +                16.04: {
> +                    package {
> +                        "bash":
> +                            ensure => '4.3-14ubuntu1.1';

Make sure this version is what is provided from the ubuntu (xenial/xenial-security) repos

::: modules/packages/manifests/collectd.pp
@@ +18,4 @@
>  
>          Ubuntu: {
>              case $::operatingsystemrelease {
> +                12.04, 14.04, 16.04: {

16.04 should have it's own case and the version should be which ever is provided from the 'xenial/xenial-security' repos.

::: modules/packages/manifests/libc.pp
@@ +42,4 @@
>                              ensure => '2.19-0ubuntu6.7';
>                      }
>                  }
> +                16.04: {

You can probably not include the 16.04 case and let 'default' pass.  Usually, we would want to be explicit with the version and package being installed but libc6 is a core package and it is safe to assume it is installed.  If there ever comes a time when we need to upgrade it, we can add that 16.04 case in.

::: modules/packages/manifests/mozilla/git.pp
@@ +39,4 @@
>                          "git":
>                              ensure => '1:2.7.4-0ppa1~ubuntu14.04.1';
>                      } -> Anchor['packages::mozilla::git::end']
> +                16.04: {

Good use of a case here, but we can remove the 'realize(Packages::Aptrepo['git'])' and install the default version provided by the ubuntu mirrors (xenial/xenial-security).

Once again, if we find the stock git packages do not meet our needs, we can revisit this later and add custom packages to the custom repo.

::: modules/packages/manifests/openssl.pp
@@ +49,4 @@
>                              ensure => '1.0.1f-1ubuntu2.18';
>                      }
>                  }
> +                16.04: {

In this case, you should move the 'realize(Packages::Aptrepo['openssl'])' into each switch case expect for '16.06' since it should be using the default package provided by the ubuntu mirrors 'xenial/xenial-security'

@@ +51,5 @@
>                  }
> +                16.04: {
> +                    package {
> +                        ["openssl", "libssl1.0.0", "libssl-dev"]:
> +                            ensure => '1.0.2g-1ubuntu4.6';

Make sure this version is what ever is provided by the default repos.
Attachment #8844945 - Flags: review-
(Assignee)

Comment 6

8 months ago
Failed o fetch data from Ubuntu16 repository using https, I received the following error when run apt-get update:
"Data from such a repository can't be authenticated and is therefore potentially dangerous to use"

To unlock me, I changed from https to http, into  modules/packages/manifests/aptrepo.pp. I'll revert changes after we will fix the https access
Does running 'apt-key update' help?  If not, and the error message includes the missing pubkeys, try running 'apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <KEY>' ?

Comment 8

8 months ago
:dragrom could you paste or attach the full `apt-get update` output?
(Assignee)

Comment 9

8 months ago
W: The repository 'https://puppetagain-apt.pvt.build.mozilla.org/repos/apt/Ubuntu-16.04 xenial Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://puppetagain-apt.pvt.build.mozilla.org/repos/apt/Ubuntu-16.04/dists/xenial/main/binary-amd64/Packages  
E: Some index files failed to download. They have been ignored, or old ones used instead.
(Assignee)

Comment 10

8 months ago
Created attachment 8845516 [details] [diff] [review]
puppetagain.patch
Attachment #8844945 - Attachment is obsolete: true
Attachment #8845516 - Flags: review?(jwatkins)
Comment on attachment 8845516 [details] [diff] [review]
puppetagain.patch

Review of attachment 8845516 [details] [diff] [review]:
-----------------------------------------------------------------

This patch is a conditional r+, meaning it is approved if the changes requested below are made before landing it. There is no need to re-submit for review unless you make changes outside of the conditional requests.

Conditions:
1. Remove the commented out node definition.  There should only be one.
2. Remove the vmware-install.pl lines change, open a new bug and describe why the change is needed and what it does in the new bug.

::: manifests/moco-nodes.pp
@@ +1016,5 @@
>      include toplevel::server::pushapkscriptworker
>  }
>  
>  ## Loaners
>  

You can just go ahead and remove this.  There is no need to have 2 node definitions for the same host even if one is commented out. This helps keep things neat and orderly.

::: modules/vmwaretools/manifests/install/exec.pp
@@ +48,5 @@
>        cwd     => $vmwaretools::working_dir,
>        command => "tar -xf ${vmwaretools::working_dir}/VMwareTools-${vmwaretools::version}.tar.gz",
>        notify  => Exec['install_vmwaretools'];
>      'install_vmwaretools':
> +      command => "${vmwaretools::working_dir}/vmware-tools-distrib/vmware-install.pl -d -f",

This doesn't have any context in the bug as to why this change is needed.  I would suggest you remove it from this patch, open a new bug and explain why this change is needed.
Attachment #8845516 - Flags: review?(jwatkins) → review+
(Assignee)

Comment 12

8 months ago
:dividehex. I found the mig-agent package in repos/apt/custom/mig-agent repository.... Is this a customized package? 
Another thing that I'll need to resolve on Monday is to determine the right fonts, in Ubuntu 16, for some languages.
Remained to fix the python execution and X11 execution, but I suspect that the error is related about mig-agent installation error.

Today I added capabilities for Ubuntu 16 into around 12 packages.

I attached for review a intermediate patch.
(Assignee)

Comment 13

8 months ago
Created attachment 8845913 [details] [diff] [review]
puppetagain.patch
Attachment #8845516 - Attachment is obsolete: true
Attachment #8845913 - Flags: review?
Comment on attachment 8845913 [details] [diff] [review]
puppetagain.patch

When submitting a patch for review, don't forget to assign the "Requestee" field otherwise it doesn't show up on my dashboard ;-)
Attachment #8845913 - Flags: review? → review?(jwatkins)
(In reply to Dragos Crisan [:dragrom] from comment #12)
> :dividehex. I found the mig-agent package in repos/apt/custom/mig-agent
> repository.... Is this a customized package? 

Yes, mig is a security tool developed within mozilla. http://mig.mozilla.org/

I've filed bug 1346303 to add 16.04 compatible mig-agent packages to the custom repo
Comment on attachment 8845913 [details] [diff] [review]
puppetagain.patch

Review of attachment 8845913 [details] [diff] [review]:
-----------------------------------------------------------------

I have a few general comments.  First, we should try to specify the package version as much as possible.  This helps prevent a package from accidentally being upgraded solely on adding a new package to a repo.  If someone later on needs to upgrade a package, they must change the version defined here in addition to adding the package to a repo.  That little extra effort prevents accidents.  It also makes it easier to see exactly what version the package is on a system, rather than having to go to the system and look it up.

Second, it is very important to add default case statements to switches. We want to be very explicit in our definitions.  This makes it a lot easier when setting up a new operating systems in the future because it will fail loudly rather than be silent and have you assume a package got installed when it didn't.  You never know, you might be the one setting up 18.04 years from now :-)

Last, I noticed you merged the last patch that I had already reviewed ( and gave r+ to) into this patch.  This makes it harder for the person reviewing your code, as they have to look past everything they have already reviewed to find the new code.  If I had given an r- then you would have just fixed what was asked and re-submited it for review.  Adding more scope to the patch makes it more difficult to review.

Also, small patches are better than big patches.  Small patches also make it easier to back out changes in smaller chunks when there are error or mistakes.

Otherwise, keep up the good work.  You have actually made a lot of progress!

::: manifests/moco-nodes.pp
@@ +2,5 @@
>  # License, v. 2.0. If a copy of the MPL was not distributed with this
>  # file, You can obtain one at http://mozilla.org/MPL/2.0/.
>  
>  ## testers
> +node "jwatkins-1330169.srv.releng.scl3.mozilla.com" {

Already reviewed

::: modules/packages/manifests/bash.pp
@@ +47,5 @@
>                          "bash":
>                              ensure => '4.3-7ubuntu1.4';
>                      }
>                  }
> +                16.04: {

Already reviewed.

::: modules/packages/manifests/bridge-utils.pp
@@ +15,5 @@
> +                    package {
> +                        "bridge-utils":
> +                            ensure => present;
> +                    }
> +                }

This $::operatingsystemrelease switch needs a default case with a fail() message

::: modules/packages/manifests/collectd.pp
@@ +31,5 @@
>                  }
> +                16.04: {
> +                    package {
> +                        ["collectd-core", "collectd", "libcollectdclient1", "collectd-utils"]:
> +                            ensure => present;

pin version

::: modules/packages/manifests/cpu-checker.pp
@@ +13,5 @@
> +                }
> +                16.04: {
> +                    package {
> +                        "cpu-checker":
> +                            ensure => present;

Pin version

::: modules/packages/manifests/fonts.pp
@@ +21,5 @@
> +                        "fonts-indic", "fonts-kanda", "fonts-dejavu",
> +                        "fonts-oriya", "fonts-punjabi", "fonts-arphic",
> +                        "fonts-paktype", "fonts-stix", "fonts-unfonts-core",
> +                        "fonts-unfonts-extra", "fonts-vlgothic", "fonts-sazanami-mincho"]:
> +                            ensure => latest;

Pin the version; don't use latest or present

@@ +23,5 @@
> +                        "fonts-paktype", "fonts-stix", "fonts-unfonts-core",
> +                        "fonts-unfonts-extra", "fonts-vlgothic", "fonts-sazanami-mincho"]:
> +                            ensure => latest;
> +                    }
> +                }

Also, needs a default case with fail() message

::: modules/packages/manifests/gstreamer.pp
@@ +20,5 @@
> +                      # In ubuntu 16.04, gstreamer0.10-ffmpeg was replaced with gstreamer1.0-libav
> +                        [ "gstreamer1.0-libav", "gstreamer1.0-plugins-base",
> +                          "gstreamer1.0-plugins-good", "gstreamer1.0-plugins-ugly",
> +                          "gstreamer1.0-plugins-bad"]:
> +                            ensure => latest;

Although, 'ensure => latest' is already defined for 12.04, it is bad practice to use 'latest' going forward with 16.04.  Please specify the version(s) for this new 16.04 case.  You do not need to change the 'latest' under 12.04.  Also, thank you for commenting on the package name change.  Comments are always encouraged for things like that.

@@ +22,5 @@
> +                          "gstreamer1.0-plugins-good", "gstreamer1.0-plugins-ugly",
> +                          "gstreamer1.0-plugins-bad"]:
> +                            ensure => latest;
> +                    }
> +                }

Needs default with fail msg.

::: modules/packages/manifests/ia32libs.pp
@@ +11,5 @@
> +                    case $::hardwaremodel {
> +                        "x86_64": {
> +                            package {
> +                                "ia32-libs":
> +                                    ensure => latest;

Use exact verions, not latest

@@ +20,5 @@
> +                16.04: {
> +                    # In ubuntu 16.04, ia32-libs was replaced with lib32z1 lib32ncurses5
> +                    # When I tried to install ia32-libs, I received the error:
> +                    # However the following packages replace it:
> +                    # lib32z1 lib32ncurses5

Excellent note here! Thanks

@@ +27,5 @@
> +                            package {
> +                                "lib32ncurses5":
> +                                    ensure => latest;
> +                            }
> +                        }

Needs default with fail() msg.

::: modules/packages/manifests/libc.pp
@@ +43,5 @@
>                      }
>                  }
>                  default: {
>                      # default version is fine
> +                    package {

Previously reviewed.

::: modules/packages/manifests/libxcb1.pp
@@ +14,5 @@
> +                }
> +                16.04: {
> +                    package {
> +                        "libxcb1":
> +                            ensure => latest;

pin version instead of latest.

@@ +16,5 @@
> +                    package {
> +                        "libxcb1":
> +                            ensure => latest;
> +                    }
> +                }

default/fail msg needed

::: modules/packages/manifests/mozilla/py27_mercurial.pp
@@ +57,5 @@
> +                    } -> Anchor['packages::mozilla::py27_mercurial::end']
> +
> +                    # Some things want to find hg in /usr/bin, so symlink
> +                    # but only if its not present from another package
> +                    file {

This is ok but it might be a little repetitive.  You could create a virtual resource at the bottom of this file and Realize the resource in both cases.

::: modules/packages/manifests/mozilla/python27.pp
@@ +83,5 @@
> +                        16.04: {
> +                            Anchor['packages::mozilla::python27::begin'] ->
> +                            package {
> +                                [ "python2.7", "python2.7-dev"]:
> +                                    ensure => present;

Pin version

@@ +86,5 @@
> +                                [ "python2.7", "python2.7-dev"]:
> +                                    ensure => present;
> +                            } -> Anchor['packages::mozilla::python27::end']
> +
> +                            # Create symlinks for compatibility with other platforms

Maybe this could be a virtual resource for both cases

::: modules/packages/manifests/nodejs.pp
@@ +35,5 @@
> +                        "/usr/bin/node":
> +                            ensure => link,
> +                            target => "/usr/bin/nodejs";
> +                    }
> +                }

Needs default/fail msg

::: modules/packages/manifests/puppet.pp
@@ +41,5 @@
> +                            ensure => "3.8.5-2";
> +                        ["facter"]:
> +                            ensure => "2.4.6-1";
> +                    }
> +                }

Needs default/fail msg

::: modules/packages/manifests/qemu-kvm.pp
@@ +13,5 @@
> +                }
> +                16.04: {
> +                    package {
> +                        "qemu-kvm":
> +                            ensure => latest;

Pin version instead of latest

@@ +15,5 @@
> +                    package {
> +                        "qemu-kvm":
> +                            ensure => latest;
> +                    }
> +                }

Needs default/fail msg

::: modules/packages/manifests/sox.pp
@@ +13,5 @@
> +                }
> +                16.04: {
> +                    package {
> +                        ["libsox-fmt-alsa", "libsox-fmt-base", "libsox2", "sox"]:
> +                            ensure => latest;

Pin version.

@@ +15,5 @@
> +                    package {
> +                        ["libsox-fmt-alsa", "libsox-fmt-base", "libsox2", "sox"]:
> +                            ensure => latest;
> +                    }
> +                }

Default fail/msg needed

::: modules/packages/manifests/unzip.pp
@@ +19,5 @@
> +                }
> +                16.04: {
> +                    package {
> +                        "unzip":
> +                            ensure => present;

Pin version

@@ +21,5 @@
> +                    package {
> +                        "unzip":
> +                            ensure => present;
> +                    }
> +                }

Default fail/msg needed

::: modules/packages/manifests/wget.pp
@@ +27,5 @@
> +                16.04: {
> +                    Anchor['packages::wget::begin'] ->
> +                    package {
> +                        "wget":
> +                            ensure => present;

pin version

@@ +30,5 @@
> +                        "wget":
> +                            ensure => present;
> +                    } -> Anchor['packages::wget::end']
> +                }
> +            }

default fail/msg needed
Attachment #8845913 - Flags: review?(jwatkins) → review-
(Assignee)

Comment 17

7 months ago
Created attachment 8846684 [details] [diff] [review]
puppetagain.patch

Applied all changes required by :dividehex. If this patch will be reviewed with r+ I'll land it and continue my work with little patches.
Attachment #8845913 - Attachment is obsolete: true
Attachment #8846684 - Flags: review?(jwatkins)
Attachment #8846684 - Flags: review?(dhouse)
(Assignee)

Comment 18

7 months ago
Today I fixed the fonts module. In Ubuntu 16, some fonts were renamed and I needed to made many changes in puppet code to add Ubuntu 16 capabilities. I added version for each fonts. Unfortunately, I cannot grouped the fonts, because each font has it's own package.

Comment 19

7 months ago
Comment on attachment 8846684 [details] [diff] [review]
puppetagain.patch

looks good. There are some alerts for the jwatkins-1330169 host to the puppet mailing list, but that looks unrelated to this configuration. So I'm giving this a +1
Attachment #8846684 - Flags: review?(dhouse) → review+
(Assignee)

Updated

7 months ago
Depends on: 1347129
(Assignee)

Comment 20

7 months ago
Comment on attachment 8846684 [details] [diff] [review]
puppetagain.patch

Pushed by :aselagea
https://hg.mozilla.org/build/puppet/rev/3fb7746a39e6
https://hg.mozilla.org/build/puppet/rev/39acbc10e945
Attachment #8846684 - Flags: checked-in+
(Assignee)

Updated

7 months ago
Attachment #8846684 - Flags: review?(jwatkins)
(Assignee)

Updated

7 months ago
Status: NEW → ASSIGNED
(Assignee)

Comment 21

7 months ago
Created attachment 8854451 [details] [diff] [review]
puppetagain_gstreamer_quemu.patch

Needed to change the packages version
Attachment #8854451 - Flags: review?(jwatkins)
(Assignee)

Comment 22

7 months ago
Created attachment 8854452 [details] [diff] [review]
puppetagain_pythonvirtualenv.patch

I applied this change manually to the server during investigation, and I forgot to implement it in puppet
Attachment #8854452 - Flags: review?(jwatkins)
(Assignee)

Comment 23

7 months ago
Regard the gstream patch. During the kickstart, I received the following errors: 

Tue Apr 04 05:11:17 -0700 2017 Puppet (err): Could not update: Execution of '/usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold --force-yes install gstreamer1.0-plugins-bad=1.8.2-1ubuntu0.2' returned 100: Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 gstreamer1.0-plugins-bad : Depends: libgstreamer-plugins-bad1.0-0 (= 1.8.2-1ubuntu0.2) but 1.8.3-1ubuntu0.2 is to be installed
                            Depends: gstreamer1.0-plugins-bad-videoparsers (= 1.8.2-1ubuntu0.2) but 1.8.3-1ubuntu0.2 is to be installed
                            Depends: gstreamer1.0-plugins-bad-faad (= 1.8.2-1ubuntu0.2) but 1.8.3-1ubuntu0.2 is to be installed
E: Unable to correct problems, you have held broken packages.

Looks like the dependencies are newer that package requirement (found new packages in xenial-updates repository).In Ubuntu 12.04, we have set the ensure => latest. In ubuntu 16.04, I defined the version for each package. To fix this we have 2 options: 
- First, If we will need a specific version of a package, we will need to define the version for each dependencies packages.
- Second, we can use latest, like in Ubuntu 12.04, if we don't need a custom version. 

For the previous Version, we don't have the updates repository, so the chance to install the newest packages are low to 0.

The same approach for quemu-kvm:

Tue Apr 04 05:11:14 -0700 2017 /Stage[main]/Packages::Qemu-kvm/Package[qemu-kvm]/ensure (err): change from purged to 1:2.5+dfsg-5ubuntu10.6 failed: Could not update: Execution of '/usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold --force-yes install qemu-kvm=1:2.5+dfsg-5ubuntu10.6' returned 100: Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 qemu-kvm : Depends: qemu-system-x86 (= 1:2.5+dfsg-5ubuntu10.6)
E: Unable to correct problems, you have held broken packages.
Flags: needinfo?(jwatkins)
Attachment #8854452 - Flags: review?(jwatkins) → review+
Attachment #8854451 - Flags: review?(jwatkins) → review+
(In reply to Dragos Crisan [:dragrom] from comment #23)

> Looks like the dependencies are newer that package requirement (found new
> packages in xenial-updates repository).In Ubuntu 12.04, we have set the
> ensure => latest. In ubuntu 16.04, I defined the version for each package.
> To fix this we have 2 options: 
> - First, If we will need a specific version of a package, we will need to
> define the version for each dependencies packages.
> - Second, we can use latest, like in Ubuntu 12.04, if we don't need a custom
> version. 
> 
> For the previous Version, we don't have the updates repository, so the
> chance to install the newest packages are low to 0.
> 

As you know, we prefer to be explicit with packages because having 'ensure => latest' can cause problems if a package is added or updated in a repo.  It also ensures there is a record of the version change in the vcs where a bug number and person can be tracked to the package change.  Now, that all being said, package dependencies can be hell and pinning may be even worse.  So setting 'ensure => latest' shouldn't be completely ruled out.

If you can get it to work with pinned packages and pinned dependencies, then let's do that.  But, if it is really too much trouble, just set 'ensure => latest' and move on. :-)
Flags: needinfo?(jwatkins)
(Assignee)

Comment 25

7 months ago
Comment on attachment 8854452 [details] [diff] [review]
puppetagain_pythonvirtualenv.patch

https://hg.mozilla.org/build/puppet/rev/d14e56129ea7
Attachment #8854452 - Flags: feedback+
(Assignee)

Comment 26

7 months ago
Comment on attachment 8854451 [details] [diff] [review]
puppetagain_gstreamer_quemu.patch

https://hg.mozilla.org/build/puppet/rev/5d8bd655c962
Attachment #8854451 - Flags: feedback+
(Assignee)

Updated

7 months ago
Attachment #8854451 - Flags: feedback+ → checked-in+
(Assignee)

Updated

7 months ago
Attachment #8854452 - Flags: feedback+ → checked-in+
(Assignee)

Updated

7 months ago
Status: ASSIGNED → RESOLVED
Last Resolved: 7 months ago
Resolution: --- → FIXED
Blocks: 1366828
You need to log in before you can comment on or make changes to this bug.