Skip to content

Coverage for https://github.com/aptly-dev/aptly/pull/1511 #1517

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
neolynx wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Coverage for https://github.com/aptly-dev/aptly/pull/1511 #1517

neolynx wants to merge 4 commits into from
+843 −27

Conversation

@neolynx
Copy link
Member

@neolynx neolynx commented Dec 26, 2025

Coverage for #1511

Agustin Henze and others added 4 commits December 26, 2025 17:06
@neolynx
Fix concurrent publish operations causing missing package files
f992e95 
When multiple repository operations execute concurrently on shared pool
directories, race conditions could cause .deb files to be deleted despite
appearing in repository metadata, resulting in apt 404 errors.

Three distinct but related race conditions were identified and fixed:

1. Package addition vs publish race: When packages are added to a local
   repository that is already published, the publish operation could read
   stale package references before the add transaction commits. Fixed by
   locking all published repositories that reference the local repo during
   package addition.

2. Pool file deletion race: When multiple published repositories share the
   same pool directory (same storage+prefix) and publish concurrently, cleanup
   operations could delete each other's newly created files. The cleanup in
   thread B would:
   - Query database for referenced files (not seeing thread A's uncommitted files)
   - Scan pool directory (seeing thread A's files)
   - Delete thread A's files as "orphaned"

   Fixed by implementing pool-sibling locking: acquire locks on ALL published
   repositories sharing the same storage and prefix before publish/cleanup.

3. Concurrent cleanup on same prefix: Multiple distributions publishing to the
   same prefix concurrently could have cleanup operations delete shared files.
   Fixed by:
   - Adding prefix-level locking to serialize cleanup operations
   - Removing ref subtraction that incorrectly marked shared files as orphaned
   - Forcing database reload before cleanup to see recent commits

The existing task system serializes operations based on resource locks,
preventing these race conditions when proper lock sets are acquired.

Test coverage includes concurrent publish scenarios that reliably reproduced
all three bugs before the fixes.
@neolynx
tasklist: fix consumer deadlock
3564b30
@neolynx
task list: lock correct resources
251d94a
@neolynx
consumer: make sure list is unlocked before queueing
274cbda
@codecov
Copy link

codecov bot commented Jan 3, 2026

Codecov Report

❌ Patch coverage is 90.47619% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.95%. Comparing base (836d9f3) to head (274cbda).

Files with missing lines Patch % Lines
api/publish.go 78.57% 2 Missing and 1 partial ⚠️
deb/publish.go 89.65% 2 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1517      +/-   ##
==========================================
+ Coverage   74.87%   74.95%   +0.08%     
==========================================
  Files         160      160              
  Lines       18518    18558      +40     
==========================================
+ Hits        13865    13910      +45     
+ Misses       3502     3498       -4     
+ Partials     1151     1150       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@neolynx