** Description changed: This is a new package for which Canonical is the upstream. The purpose is to create profiles of cryptography configuration that will be used across software in the distribution. I'd like to have it uploaded to universe. There is a pretty complete specification is at https://discourse.ubuntu.com/t/spec-crypto-config-a-framework-to-manage- crypto-related-configurations-system-wide/54265 - Since crypto-config implies a link with pretty much every software, the + Since crypto-config implies a link with many different packages, the system has been designed to avoid hard dependencies in order to ease integration and eliminate SPOFs. This means the upload is particularly low-risk. There is no Depends nor Recommends and the package isn't seeded. This should change in the future but only after it moves to main. - Some of the interesting use cases of crypto-config can only be properly achieved if the package is in Ubuntu. For instance, the system allows selecting the cryptography profile very early during setup, either through cloud-init, or container creation. Adding a PPA is an additional step that is a burden, and which is problematic when combined with cloud-init (see + Some of the interesting use cases of crypto-config can only be properly achieved if the package is in Ubuntu. For instance, the system allows selecting the cryptography profile very early during setup, either through cloud-init, or container creation. Adding a PPA is an additional step that is a burden, and which is problematic when combined with cloud-init (see https://github.com/canonical/cloud-init/issues/3218 ). Moreover, main and recommends/seeding are ultimately a target: universe is a step in that direction. Crypto-config uses a dpkg postinst trigger and as such could wreak havoc but: - 1- the shell script code is shellcheck clean - 2- the worst that should happen is that the system doesn't work, not that the system is nuked + 1- the shell script code is shellcheck-clean and even with every warning enabled, there is nothing important + 2- the worst that should happen is that the settings are not used, not that the system does not work or is nuked 3- I've started rewriting that in Rust - 4- let's face, it's not going to see world-wide usage during plucky + 4- let's face, this package is not going to see world-wide usage during plucky There is a PPA at https://launchpad.net/~adrien/+archive/ubuntu/crypto- config/+packages Sources are at https://github.com/canonical/crypto-config + I've set up debian/watch and published signed releases. I've checked + that uscan is happy. + Documentation should be rather good. There's a small catch-22 though because some examples and demos make more sense with a package that is in the archive rather than in a PPA and I'll expand these after the upload. - Lintian only reports no non-pedantic issue. I recently added a d/watch - file and it currently does not verify the signature but it should do - soon. + Lintian only reports pedantic issues. I recently added a d/watch file + and it currently does not verify the signature but it should do so soon. + + Piuparts also looks happy. I don't have automated tests at the moment sadly (in part due to the issue with cloud-init which complicates things somewhat). This is something I want to work on however and I am aware it is a requirement for inclusion in main. - I think the packaging looks good overall but forgive me if I've missed - something as there are so many different things to pay attention to with - new packages. + I think the packaging looks good overall but please forgive me if I've + missed something as there are so many different things to pay attention + to with new packages. :)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2098879 Title: crypto-config: please accept new package in universe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2098879/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
