Bug 899596

Summary:	dev-libs/openssl-3.0.9-r1: stablereq
Product:	Gentoo Linux	Reporter:	Volkmar W. Pogatzki <gentoo>
Component:	Stabilization	Assignee:	Gentoo's Team for Core System packages <base-system>
Status:	RESOLVED FIXED
Severity:	normal	CC:	bertrand, fordfrog, hydrapolic, joakim.tjernlund, pacho, srcshelton, steffen.weber
Priority:	Normal	Keywords:	CC-ARCHES, PullRequest
Version:	unspecified	Flags:	nattka: sanity-check+
Hardware:	All
OS:	Linux
See Also:	https://github.com/gentoo/gentoo/pull/31495 https://bugs.gentoo.org/show_bug.cgi?id=797325
Whiteboard:
Package list:	dev-libs/openssl-3.0.9-r1 sec-keys/openpgp-keys-openssl-20230207 dev-libs/openssl-compat-1.1.1u amd64 x86	Runtime testing required:	---
Bug Depends on:	907377
Bug Blocks:

Description Volkmar W. Pogatzki 2023-03-04 13:30:52 UTC

Please stabilize

Comment 1 NATTkA bot gentoo-dev

2023-03-04 13:32:17 UTC Comment hidden (obsolete)

Sanity check failed:

> dev-libs/openssl-3.0.8
>   bdepend hppa stable profile default/linux/hppa/17.0 (29 total)
>     >=sec-keys/openpgp-keys-openssl-20230207
>   bdepend ppc64 dev profile default/linux/ppc64/17.0/musl (2 total)
>     >=sec-keys/openpgp-keys-openssl-20230207

Comment 2 Sam James archtester

2023-03-05 11:35:27 UTC

Just so nobody gets scared by this: this is a placeholder and isn't happening for several months.

At the very least, Ruby 3.1 needs to become the default RUBY_TARGET before we can do that, which will be likely Juneish (I hope earlier, but being realistic).

This bug lets us gather other blockers like Ruby though in preparation, to ensure that when we do stable OpenSSL 3 eventually, we've stabled everything else first to fix breakage.

Note that we do have a hard deadline of September 2023 because OpenSSL 1.1.1* is EOL then.

Comment 3 NATTkA bot gentoo-dev

2023-03-11 16:52:21 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: dev-libs/openssl-3.0.8

Comment 4 NATTkA bot gentoo-dev

2023-03-11 19:12:25 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 5 NATTkA bot gentoo-dev

2023-04-20 17:00:35 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: dev-libs/openssl-3.0.8-r1

Comment 6 NATTkA bot gentoo-dev

2023-04-20 17:04:38 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 7 Sam James archtester

2023-06-01 01:39:23 UTC

Please make sure you file any bugs now (new bugs and set them to block bug 797325) if you've been putting off reporting a problem!

The current plan is to review the list of blockers in a week and then see if we're in a position to start stabilisation.

Comment 8 NATTkA bot gentoo-dev

2023-06-14 05:24:22 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: dev-libs/openssl-3.0.8-r4

Comment 9 Sam James archtester

2023-06-14 06:14:59 UTC

Another update: https://bugs.gentoo.org/797673#c18.

Comment 10 Sam James archtester

2023-06-17 04:08:44 UTC

(In reply to Sam James from comment #9)
> Another update: https://bugs.gentoo.org/797673#c18.

I've opened the PR for the ruby switch (https://github.com/gentoo/gentoo/pull/31495) which should unleash rebuilds for a lot of people in ~arch, and then shortly after, we'll stable openssl-3.

Comment 11 Larry the Git Cow gentoo-dev

2023-06-17 14:44:01 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3b63f323c8873cb6b94b48d31740fc2641b55ddf

commit 3b63f323c8873cb6b94b48d31740fc2641b55ddf
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-06-17 04:02:56 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-06-17 14:43:46 +0000

    profiles/base: drop ruby30 from default RUBY_TARGETS
    
    ruby30 doesn't support OpenSSL 3 out of the box so flip over to ruby31.
    
    The tree is fortunately pretty ready for this already: https://github.com/gentoo/gentoo/pull/31392.
    
    Bug: https://bugs.gentoo.org/797325
    Bug: https://bugs.gentoo.org/797673
    Bug: https://bugs.gentoo.org/899596
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/base/make.defaults | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comment 12 Sam James archtester

2023-06-22 02:18:17 UTC

Discussed this on IRC a week or two ago but held off until the Ruby default changed again from "ruby30 ruby31" -> "ruby31". That was done about 5 days ago.

I don't think we're going to benefit any more from waiting for more bug reports from testing in ~arch (don't remember the last time we saw one for this) and upstream openssl are going around yelling about the EOL (even though 1.1.1x is still supported for now), so let's go ahead.

At this point, we really want to maximise the amount of time to know about problems w/ 3 before 1.1.1x is EOL in September, rather than stabling at the last possible moment. But to be clear, I don't expect any issues, it's just that it makes more sense to proceed now than delay further.

Comment 13 Sam James archtester

2023-06-22 02:49:08 UTC

amd64 done

Comment 14 Sam James archtester

2023-06-22 03:08:18 UTC

x86 done

Comment 15 NATTkA bot gentoo-dev

2023-06-22 06:12:22 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: dev-libs/openssl-3.0.9

Comment 16 NATTkA bot gentoo-dev

2023-06-22 06:16:20 UTC

All sanity-check issues have been resolved

Comment 17 Sam James archtester

2023-06-22 07:05:57 UTC

hppa done

Comment 18 Sam James archtester

2023-06-22 07:13:35 UTC

arm64 done

Comment 19 Sam James archtester

2023-06-22 07:13:43 UTC

arm done

Comment 20 Sam James archtester

2023-06-22 07:24:34 UTC

ppc64 done

Comment 21 Arthur Zamarin archtester

2023-06-23 05:08:04 UTC

ppc done

Comment 22 Sam James archtester

2023-06-25 07:38:29 UTC

sparc done

all arches done