Feature #13656

Upgrade bitcoind on bitcoin.lizard

Added by groente 2017-08-19 14:33:20 . Updated 2018-10-01 13:29:38 .

Status:
Resolved
Priority:
Elevated
Assignee:
Category:
Infrastructure
Target version:
Tails_3.9.1
Start date:
2017-08-19
Due date:
% Done:

100%

Feature Branch:
Type of work:
Sysadmin
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Bitcoind from sid requires libstdc++6 > 7.0, which is not available in stretch. It would make sense to completely upgrade to buster, given how essential this library is.

Subtasks

Related issues

Related to Tails - Bug #14928: Warn about the SegWit2x hard fork on our donate page Rejected 2017-11-07
Blocks Tails - Feature #13242: Core work: Sysadmin (Maintain our already existing services) Confirmed 2017-06-29

History

#1 Updated by intrigeri 2017-08-19 15:39:12

I guess the next step is to check what’s cheaper between:

  1. running Debian testing on this system, which implies 1. making all our Puppet stuff support Buster (it’s on my plate for 2018-2019 but we’re not quite there yet; ); 2. dealing with the fact that testing has no security support, i.e. monitor & cherry-pick important security updates continuously;
  2. maintaining a (custom, unofficial) backport of bitcoind, which implies to monitor new uploads to sid (e.g. we could subscribe to some RSS feed on tracker.d.o or similar) and rebuild + upload when needed.

I suspect the latter is much more realistic.

#2 Updated by intrigeri 2017-09-01 12:47:00

  • Status changed from New to Confirmed

#3 Updated by intrigeri 2017-09-04 17:33:23

  • Subject changed from Upgrade bitcoin to buster to Upgrade bitcoind on bitcoin.lizard
  • QA Check deleted (Info Needed)

In 2017 bitcoind was upload twice (so far) to sid. In 2016 it was uploaded 4 times. So the custom, unofficial backport indeed seems much cheaper than the “Upgrade to Buster” option => retitling accordingly.

Next step is to verify that the package builds fine in a clean Stretch chroot, and then create a dedicated APT suite, upload there, and configure bitcoin.lizard to pull the package from there.

(Bonus points if we move most of the corresponding code from the private manifests to a tails::bitcoin class, in passing: except a few local class parameters that should be passed via Hiera, and a couple resources that are really tied to lizard’s setup, I don’t see anything that’s worth keeping hidden in that node definition.)

#4 Updated by intrigeri 2017-09-04 17:59:40

  • Status changed from Confirmed to In Progress
  • Assignee changed from bertagaz to groente
  • % Done changed from 0 to 10

intrigeri wrote:
> Next step is to verify that the package builds fine in a clean Stretch chroot,

0.14.2~dfsg-1~exp2 does. Technically this is on groente’s plate (he was on duty when the breakage started). groente currently lacks upload rights to our custom APT repo, but with sysadmin credentials he could bypass this limitation.

groente, how at ease are you with building Debian packages cleanly for a given distro (using pbuilder, sbuild, you name it)? If that’s not something you’re used to doing, please reassign to your mentor during the week 33 shift i.e. bertagaz: you’ll have to learn these skills at some point, but let’s not block on it right now :)

#5 Updated by groente 2017-09-07 13:37:42

  • blocks Feature #13233: Core work 2017Q3: Sysadmin (Maintain our already existing services) added

#6 Updated by intrigeri 2017-09-14 17:33:41

The last upload to sid saved the day! bitcoind is now up-to-date. However, this is only by pure luck thanks to that temporary workaround:

bitcoin (0.15.0~~rc2~dfsg-1~exp2) experimental; urgency=medium

  * Temporarily use gcc-6 and g++-6 to avoid FTBFS on mips64el (see
    bug#871514).
    Build-depend on gcc-6 g++-6.

 -- Jonas Smedegaard <dr@jones.dk>  Thu, 24 Aug 2017 10:37:05 +0200

So the problem will come back, and probably soon since the bug this change workarounds has been fixed in sid a week or so ago (it affected packages of mine) => feel free to reschedule the fix to “whenever it’s needed”, but 1. let’s keep this ticket open; 2. it’s never too early to learn how to build backports in a proper way :)

#7 Updated by anonym 2017-09-28 18:29:41

  • Target version changed from Tails_3.2 to Tails_3.3

#8 Updated by intrigeri 2017-10-01 10:01:03

  • blocks Feature #13242: Core work: Sysadmin (Maintain our already existing services) added

#9 Updated by intrigeri 2017-10-01 10:01:06

  • blocked by deleted (Feature #13233: Core work 2017Q3: Sysadmin (Maintain our already existing services))

#10 Updated by intrigeri 2017-11-07 14:20:01

  • related to Bug #14928: Warn about the SegWit2x hard fork on our donate page added

#11 Updated by anonym 2017-11-15 11:30:55

  • Target version changed from Tails_3.3 to Tails_3.5

#12 Updated by intrigeri 2017-11-19 09:15:22

  • Assignee changed from groente to bertagaz

intrigeri wrote:
> groente, how at ease are you with building Debian packages cleanly for a given distro (using pbuilder, sbuild, you name it)? If that’s not something you’re used to doing, please reassign to your mentor during the week 33 shift i.e. bertagaz: you’ll have to learn these skills at some point, but let’s not block on it right now :)

2.5 months after asking this, and 2 weeks after our monitoring system told us that the package can’t be upgraded, I’ll go ahead and reassign as suggested. What I believe is the best plan is documented in Feature #13656#note-3.

#13 Updated by intrigeri 2017-12-10 16:20:46

  • blocks #15040 added

#14 Updated by intrigeri 2017-12-10 16:21:12

  • Priority changed from Elevated to High

(blocks a high prio ticket)

#15 Updated by bertagaz 2017-12-20 15:06:41

  • Assignee changed from bertagaz to intrigeri
  • % Done changed from 10 to 60
  • QA Check set to Ready for QA

intrigeri wrote:
> 2.5 months after asking this, and 2 weeks after our monitoring system told us that the package can’t be upgraded, I’ll go ahead and reassign as suggested. What I believe is the best plan is documented in Feature #13656#note-3.

Uploaded a backport for Stretch and installed with commit puppet-tails:3656bb3 and follower. I’ve hosted the bitcoin repo for the Debian package on https://git-tails.immerda.ch.

#16 Updated by intrigeri 2017-12-22 06:51:18

  • Assignee changed from intrigeri to bertagaz
  • Priority changed from High to Elevated
  • QA Check changed from Ready for QA to Dev Needed

Puppet code changes LGTM and it fixes the immediate problem we had so downgrading priority. But the future maintenance aspect seems to have been slightly overlooked:

  • How will we monitor new uploads to sid? See Feature #13656#note-1.
  • Please document the new Vcs-Git repo (I would put it in the description of our bitcoin service on our website) so the next person who prepares this backport does not have to guess.
  • There’s a problem with version numbers: 0.15.1~dfsg-1tails1 >> 0.15.1~dfsg-1 so assuming Buster was released today with 0.15.1~dfsg-1, we would keep running our own Stretch backport instead of upgrading to the version in Buster. Don’t bother rebuilding/replacing the package you’ve already uploaded and installed but please find some way to avoid such mistakes next times we prepare an updated custom backport (whatever works, possibly documentation?).

#17 Updated by intrigeri 2017-12-22 07:33:48

  • blocked by deleted (#15040)

#18 Updated by anonym 2018-01-23 19:52:47

  • Target version changed from Tails_3.5 to Tails_3.6

#19 Updated by bertagaz 2018-03-14 11:32:15

  • Target version changed from Tails_3.6 to Tails_3.7

#20 Updated by bertagaz 2018-05-10 11:09:21

  • Target version changed from Tails_3.7 to Tails_3.8

#21 Updated by intrigeri 2018-06-26 16:27:57

  • Target version changed from Tails_3.8 to Tails_3.9

#22 Updated by intrigeri 2018-09-05 16:26:55

  • Target version changed from Tails_3.9 to Tails_3.10.1

#23 Updated by bertagaz 2018-09-06 14:31:52

  • % Done changed from 60 to 70

intrigeri wrote:
> Puppet code changes LGTM and it fixes the immediate problem we had so downgrading priority. But the future maintenance aspect seems to have been slightly overlooked:
>
> * How will we monitor new uploads to sid? See Feature #13656#note-1.

I’ve subscribed tails-sysadmins@ to the Debian PTS to get notifications on new source uploads.

> * Please document the new Vcs-Git repo (I would put it in the description of our bitcoin service on our website) so the next person who prepares this backport does not have to guess.

Done.

> * There’s a problem with version numbers: 0.15.1~dfsg-1tails1 >> 0.15.1~dfsg-1 so assuming Buster was released today with 0.15.1~dfsg-1, we would keep running our own Stretch backport instead of upgrading to the version in Buster. Don’t bother rebuilding/replacing the package you’ve already uploaded and installed but please find some way to avoid such mistakes next times we prepare an updated custom backport (whatever works, possibly documentation?).

There’s been a new upload a few days ago that went into Buster. I’ll backport it next week, with a correct version number.

#24 Updated by bertagaz 2018-09-11 13:43:25

  • Assignee changed from bertagaz to intrigeri
  • QA Check changed from Dev Needed to Ready for QA

bertagaz wrote:
> There’s been a new upload a few days ago that went into Buster. I’ll backport it next week, with a correct version number.

Built, uploaded and installed the new backported bitcoind (with a better versioning), so I think all left overs here have been tackled.

#25 Updated by intrigeri 2018-09-11 14:00:20

  • Status changed from In Progress to Resolved
  • Assignee deleted (intrigeri)
  • % Done changed from 70 to 100
  • QA Check changed from Ready for QA to Pass

#26 Updated by intrigeri 2018-10-01 13:29:38

  • Target version changed from Tails_3.10.1 to Tails_3.9.1