ACK: [UNSTABLE][PATCH 0/2] Switch to 3.0 dpkg source format with verified orig tarball

[Emil Renner Berthing]

Dimitri John Ledkov wrote:
> This is a subset of changes proposed by Masahiro during the hackathon,
> and implemented slightly differently as a smaller change.
>
> This updates -rc kernel releases to 3.0 native format (no orig
> tarball), and released kernel versions to 3.0 quilt format (with orig
> tarball) and many options to ensure this new format works with our
> existing workflows. Specifically, git delta is automatically generated
> into a single patch added to the quilt series.
>
> Immediate benefit to the kernel team is much smaller source tarballs
> and thus amount of data to dput, as xz compression is used.
>
> Separately for end-users unpacking source tarball, it is obvious what
> the delta to the source tree is. Also it makes it trivial to add any
> git format-patch to debian/patches/ and rebuild the kernel, just like
> any other Ubuntu source package.
>
> The addition of the watch file and upstream signing key, allows one to
> retrieve upstream published source tarball, and verify its
> authenticity. This should work for any of our kernels irrespective
> where and how they are published.
>
>     $ uscan --download-current-version
>     uscan: Newest version of linux on remote site is 6.7.0, specified download version is 6.7.0
>     gpgv: Signature made Mon Jan  8 05:47:49 2024 GMT
>     gpgv:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
>     gpgv: Good signature from "Greg Kroah-Hartman <gregkh at linuxfoundation.org>"
>     gpgv:                 aka "Greg Kroah-Hartman <gregkh at kernel.org>"
>     gpgv:                 aka "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg at kroah.com>"
>     Successfully symlinked ../linux-6.7.tar.xz to ../linux_6.7.0.orig.tar.xz.
>
> You can see unstable (6.8 rc) "3.0 (native)" and released (6.7) "3.0
> (quilt)" source package builds in this ppa (note slightly earlier
> version of this patch, and the tree was not clean in those builds):
>
> https://launchpad.net/~yolo4k/+archive/ubuntu/format-3
>
> One can fetch the .dsc directly with:
>
>     dget https://ppa.launchpadcontent.net/yolo4k/format-3/ubuntu/pool/main/l/linux/linux_6.7.0-3.3.dsc
>     dget https://ppa.launchpadcontent.net/yolo4k/format-3/ubuntu/pool/main/l/linux-unstable/linux-unstable_6.8.0-5.5.dsc
>
> orig tarball goes down in size from 215MB to 135MB, and diff.gz goes
> down from 3.9MB to 2.2MB.
>
> Once this is applied consistently to all our kernels we can start work
> on further improvements - for example moving debian.* directories to
> be subdirs of debian/, reducing our reconstruct script (if not
> eliminating it), and allowing additional tarball components for any
> other additional source code we may ever need, etc. Some of which was
> already previously proposed by the Masahiro patchset.
>
> Dimitri John Ledkov (2):
>   UBUNTU: [Packaging] Switch to 3.0 dpkg source formats
>   UBUNTU: [Packaging] add uscan watch file with GPG verification

I only found a few typos otherwise this looks good to me:

Acked-by: Emil Renner Berthing <emil.renner.berthing at canonical.com>

>
>  debian/rules.d/1-maintainer.mk  |  2 +
>  debian/source/format            |  2 +-
>  debian/source/local-options     | 12 +++++
>  debian/upstream/signing-key.asc | 78 +++++++++++++++++++++++++++++++++
>  debian/watch                    |  3 ++
>  5 files changed, 96 insertions(+), 1 deletion(-)
>  create mode 100644 debian/.gitignore
>  create mode 100644 debian/source/local-options
>  create mode 100644 debian/upstream/signing-key.asc
>  create mode 100644 debian/watch
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team