search

buzzfeed / sso

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
MIT License
3.07k stars 187 forks source link

sso: fixup for debian bullseye repo changes #324

Closed danbf closed 2 years ago

danbf commented 2 years ago

Problem

debian:stable-slim is broken by a repo change but debian:buster-slim works

https://www.mail-archive.com/search?l=debian-user@lists.debian.org&q=subject:%22what%27s+wrong+with+my+%5C%22%5C%2Fetc%5C%2Fapt%5C%2Fsources.list%5C%22%5C%3F+Updating+from+such+a+repository+can%27t+be+done+securely%2C+and+is+therefore+disabled+by+default%22&o=newest&f=1

Solution

5.1.3. Changed security archive layout For bullseye, the security suite is now named bullseye-security instead of codename/updates and users should adapt their APT source-list files accordingly when upgrading.

The security line in your APT configuration may look like:

deb https://deb.debian.org/debian-security bullseye-security main contrib If your APT configuration also involves pinning or APT::Default-Release, it is likely to require adjustments as the codename of the security archive no longer matches that of the regular archive. An example of a working APT::Default-Release line for bullseye looks like:

APT::Default-Release "/^bullseye(|-security|-updates)$/"; which takes advantage of the undocumented feature of APT that it supports regular expressions (inside /).

from: https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#upgrade-specific-issues

Notes

Please see http://go/pr-reviews in the engineering guide for tips on crafting a PR for review!

codecov[bot] commented 2 years ago

Codecov Report

Merging #324 (2b4047a) into main (a1b1b74) will increase coverage by 0.22%. The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##             main     #324      +/-   ##
==========================================
+ Coverage   62.73%   62.96%   +0.22%     
==========================================
  Files          58       58              
  Lines        4286     4760     +474     
==========================================
+ Hits         2689     2997     +308     
- Misses       1382     1546     +164     
- Partials      215      217       +2
Impacted Files Coverage Δ
internal/auth/providers/group_cache.go 57.14% <0.00%> (-11.28%) :arrow_down:
internal/auth/logging_handler.go 28.12% <0.00%> (-2.07%) :arrow_down:
internal/proxy/logging_handler.go 14.75% <0.00%> (-1.58%) :arrow_down:
internal/pkg/httpserver/httpserver.go 66.66% <0.00%> (-1.20%) :arrow_down:
internal/auth/providers/google.go 58.49% <0.00%> (-0.66%) :arrow_down:
internal/auth/error.go 72.22% <0.00%> (-0.51%) :arrow_down:
internal/auth/mux.go 74.54% <0.00%> (-0.46%) :arrow_down:
internal/proxy/templates.go 100.00% <0.00%> (ø)
internal/pkg/aead/mock_cipher.go 0.00% <0.00%> (ø)
internal/pkg/groups/mock_cache.go 0.00% <0.00%> (ø)
... and 46 more

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update a1b1b74...2b4047a. Read the comment docs.