From 79ee61d958cdea43aec9ce7e63cbe88254641472 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Fri, 10 Oct 2014 11:27:54 -0400
Subject: [PATCH] stable suite changes

* Avoid encoding the current stable suite in propellor's code,
  since that poses a difficult transition around the release,
  and can easily be wrong if an older version of propellor is used.
  Instead, the os property for a stable system includes the suite name
  to use, eg Stable "wheezy".
* stdSourcesList uses the stable suite name, to avoid unwanted
  immediate upgrades to the next stable release.
---
 config-joey.hs                                | 15 +++++----
 debian/changelog                              | 12 +++++++
 src/Propellor/Property/Apt.hs                 | 32 +++++++++++--------
 src/Propellor/Property/Obnam.hs               |  6 ++--
 .../Property/SiteSpecific/GitAnnexBuilder.hs  |  5 +--
 src/Propellor/Types/OS.hs                     | 11 +++----
 6 files changed, 51 insertions(+), 30 deletions(-)

diff --git a/config-joey.hs b/config-joey.hs
index ff09c2b..2e0a757 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -162,7 +162,7 @@ kite = standardSystemUnhardened "kite.kitenet.net" Unstable "amd64"
 		]
 
 diatom :: Host
-diatom = standardSystem "diatom.kitenet.net" Stable "amd64"
+diatom = standardSystem "diatom.kitenet.net" (Stable "wheezy") "amd64"
 	[ "Important stuff that needs not too much memory or CPU." ]
 	& ipv4 "107.170.31.195"
 
@@ -282,28 +282,28 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
 containers :: [Host]
 containers =
 	-- Simple web server, publishing the outside host's /var/www
-	[ standardContainer "webserver" Stable "amd64"
+	[ standardStableContainer "webserver"
 		& Docker.publish "80:80"
 		& Docker.volume "/var/www:/var/www"
 		& Apt.serviceInstalledRunning "apache2"
 
 	-- My own openid provider. Uses php, so containerized for security
 	-- and administrative sanity.
-	, standardContainer "openid-provider" Stable "amd64"
+	, standardStableContainer "openid-provider"
 		& alias "openid.kitenet.net"
 		& Docker.publish "8081:80"
 		& OpenId.providerFor ["joey", "liw"]
 			"openid.kitenet.net:8081"
 
 	-- Exhibit: kite's 90's website.
-	, standardContainer "ancient-kitenet" Stable "amd64"
+	, standardStableContainer "ancient-kitenet"
 		& alias "ancient.kitenet.net"
 		& Docker.publish "1994:80"
 		& Apt.serviceInstalledRunning "apache2"
 		& Git.cloned "root" "git://kitenet-net.branchable.com/" "/var/www"
 			(Just "remotes/origin/old-kitenet.net")
 	
-	, standardContainer "oldusenet-shellbox" Stable "amd64"
+	, standardStableContainer "oldusenet-shellbox"
 		& alias "shell.olduse.net"
 		& Docker.publish "4200:4200"
 		& JoeySites.oldUseNetShellBox
@@ -354,6 +354,9 @@ standardSystemUnhardened hn suite arch motd = host hn
 	& Apt.removed ["exim4", "exim4-daemon-light", "exim4-config", "exim4-base"]
 		`onChange` Apt.autoRemove
 
+standardStableContainer :: Docker.ContainerName -> Host
+standardStableContainer name = standardContainer name (Stable "wheezy") "amd64"
+
 -- This is my standard container setup, featuring automatic upgrades.
 standardContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Host
 standardContainer name suite arch = Docker.container name (dockerImage system)
@@ -370,7 +373,7 @@ standardContainer name suite arch = Docker.container name (dockerImage system)
 dockerImage :: System -> Docker.Image
 dockerImage (System (Debian Unstable) arch) = "joeyh/debian-unstable-" ++ arch
 dockerImage (System (Debian Testing) arch) = "joeyh/debian-unstable-" ++ arch
-dockerImage (System (Debian Stable) arch) = "joeyh/debian-stable-" ++ arch
+dockerImage (System (Debian (Stable _)) arch) = "joeyh/debian-stable-" ++ arch
 dockerImage _ = "debian-stable-official" -- does not currently exist!
 
 myDnsSecondary :: Property
diff --git a/debian/changelog b/debian/changelog
index cb83b12..1ce5440 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+propellor (0.9.0) UNRELEASED; urgency=medium
+
+  * Avoid encoding the current stable suite in propellor's code,
+    since that poses a difficult transition around the release,
+    and can easily be wrong if an older version of propellor is used.
+    Instead, the os property for a stable system includes the suite name
+    to use, eg Stable "wheezy".
+  * stdSourcesList uses the stable suite name, to avoid unwanted
+    immediate upgrades to the next stable release.
+
+ -- Joey Hess <joeyh@debian.org>  Fri, 10 Oct 2014 11:08:55 -0400
+
 propellor (0.8.3) unstable; urgency=medium
 
   * The Debian package now includes a single-revision git repository in
diff --git a/src/Propellor/Property/Apt.hs b/src/Propellor/Property/Apt.hs
index 7e02a33..d82eaed 100644
--- a/src/Propellor/Property/Apt.hs
+++ b/src/Propellor/Property/Apt.hs
@@ -20,14 +20,14 @@ type Section = String
 type SourcesGenerator = DebianSuite -> [Line]
 
 showSuite :: DebianSuite -> String
-showSuite Stable = "stable"
+showSuite (Stable s) = s
 showSuite Testing = "testing"
 showSuite Unstable = "unstable"
 showSuite Experimental = "experimental"
-showSuite (DebianRelease r) = r
 
-backportSuite :: String
-backportSuite = showSuite stableRelease ++ "-backports"
+backportSuite :: DebianSuite -> Maybe String
+backportSuite (Stable s) = Just (s ++ "-backports")
+backportSuite _ = Nothing
 
 debLine :: String -> Url -> [Section] -> Line
 debLine suite mirror sections = unwords $
@@ -42,12 +42,17 @@ stdSections :: [Section]
 stdSections = ["main", "contrib", "non-free"]
 
 binandsrc :: String -> SourcesGenerator
-binandsrc url suite
-	| isStable suite = [l, srcLine l, bl, srcLine bl]
-	| otherwise = [l, srcLine l]
+binandsrc url suite = catMaybes
+	[ Just l
+	, Just $ srcLine l
+	, bl
+	, srcLine <$> bl
+	]
   where
 	l = debLine (showSuite suite) url stdSections
-	bl = debLine backportSuite url stdSections
+	bl = do
+		bs <- backportSuite suite
+		return $ debLine bs url stdSections
 
 debCdn :: SourcesGenerator
 debCdn = binandsrc "http://cdn.debian.net/debian"
@@ -128,13 +133,14 @@ installed' params ps = robustly $ check (isInstallable ps) go
 installedBackport :: [Package] -> Property
 installedBackport ps = trivial $ withOS desc $ \o -> case o of
 	Nothing -> error "cannot install backports; os not declared"
-	(Just (System (Debian suite) _))
-		| isStable suite -> 
-			ensureProperty $ runApt $ 
-				["install", "-t", backportSuite, "-y"] ++ ps
-	_ -> error $ "backports not supported on " ++ show o
+	(Just (System (Debian suite) _)) -> case backportSuite suite of
+		Nothing -> notsupported o
+		Just bs -> ensureProperty $ runApt $ 
+			["install", "-t", bs, "-y"] ++ ps
+	_ -> notsupported o
   where
 	desc = (unwords $ "apt installed backport":ps)
+	notsupported o = error $ "backports not supported on " ++ show o
 
 -- | Minimal install of package, without recommends.
 installedMin :: [Package] -> Property
diff --git a/src/Propellor/Property/Obnam.hs b/src/Propellor/Property/Obnam.hs
index b5c6d77..1e7c2c2 100644
--- a/src/Propellor/Property/Obnam.hs
+++ b/src/Propellor/Property/Obnam.hs
@@ -105,12 +105,12 @@ installed = Apt.installed ["obnam"]
 latestVersion :: Property
 latestVersion = withOS "obnam latest version" $ \o -> case o of
 	(Just (System (Debian suite) _)) | isStable suite -> ensureProperty $
-		Apt.setSourcesListD stablesources "obnam"
+		Apt.setSourcesListD (stablesources suite) "obnam"
 			`requires` toProp (Apt.trustsKey key)
 	_ -> noChange
   where
-	stablesources = 
-		[ "deb http://code.liw.fi/debian " ++ Apt.showSuite stableRelease ++ " main"
+	stablesources suite = 
+		[ "deb http://code.liw.fi/debian " ++ Apt.showSuite suite ++ " main"
 		]
 	-- gpg key used by the code.liw.fi repository.
 	key = Apt.AptKey "obnam" $ unlines
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 1d4ea4b..056578a 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -109,8 +109,8 @@ androidAutoBuilderContainer dockerImage crontimes timeout =
 -- Android is cross-built in a Debian i386 container, using the Android NDK.
 androidContainer :: (System -> Docker.Image) -> Docker.ContainerName -> Property -> FilePath -> Host
 androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.container name
-	(dockerImage $ System (Debian Stable) "i386")
-	& os (System (Debian Stable) "i386")
+	(dockerImage osver)
+	& os osver
 	& Apt.stdSourcesList
 	& Apt.installed ["systemd"]
 	& User.accountFor builduser
@@ -131,6 +131,7 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
 	chrootsetup = scriptProperty
 		[ "cd " ++ gitannexdir ++ " && ./standalone/android/buildchroot-inchroot"
 		]
+	osver = System (Debian (Stable "wheezy")) "i386"
 
 -- armel builder has a companion container using amd64 that
 -- runs the build first to get TH splices. They need
diff --git a/src/Propellor/Types/OS.hs b/src/Propellor/Types/OS.hs
index 23cc8a2..2529e7d 100644
--- a/src/Propellor/Types/OS.hs
+++ b/src/Propellor/Types/OS.hs
@@ -13,15 +13,14 @@ data Distribution
 	| Ubuntu Release
 	deriving (Show, Eq)
 
-data DebianSuite = Experimental | Unstable | Testing | Stable | DebianRelease Release
+-- | Debian has several rolling suites, and a number of stable releases,
+-- such as Stable "wheezy".
+data DebianSuite = Experimental | Unstable | Testing | Stable Release
 	deriving (Show, Eq)
 
--- | The release that currently corresponds to stable.
-stableRelease :: DebianSuite
-stableRelease = DebianRelease "wheezy"
-
 isStable :: DebianSuite -> Bool
-isStable s = s == Stable || s == stableRelease
+isStable (Stable _) = True
+isStable _ = False
 
 type Release = String
 type Architecture = String