Fixes #8923

Apple rolls their own certtool on macOS/Mac OS X, which is distinct from
the correct gnutls-certtool from gnutls installed by Homebrew/MacPorts.

The leap-archive keyring expired March 8th 2018.
We updated it, and published updated installation
docs at https://bitmask.net/en/install/linux.

For jessie, we dont install the leap-archive-keyring
package anymore but directly deploy the keys to
apt's trusted keystore.

- Fixes: bitmask-dev#9279

Resolves: #8909

kwadronaut authored 7 years ago and kwadronaut committed 7 years ago

After 0.10 release there were some updates and fixes, including how to upgrade to 0.10. Pulling all changes in, fixes leap_se!21

webapp: update identity design doc for katzenpost

See merge request !145

As part of webapp#8815 we want to retrieve multiple types of
keys through nickserver. This requires the new couchdb view
on Identities this commit provides.

The webapp and platform version of couchdb design docs need to
be in sync. Therefore this mr should be merged at the same time
as webapp!61 .

After release, we switch back to use origin/master
for nicksever+webapp git repos, and master component
for the platform apt repo.

Installing gems as user root and accessing them as
unprivileged user breaks with gems that ship files
with too restrictive file permissions.

See https://github.com/invadersmustdie/puppet-catalog-test/issues/38

from https://docs.gitlab.com/ce/ci/yaml/README.html#cache:

"By default caching is enabled and shared between pipelines and jobs,
starting from GitLab 9.0"

Because this is used in some places, such as tor configuration, it can be useful
to have this set to something real for contact purposes.

Fixes: #8427, #8812

Resolves: #8891

It is more useful to check to see if Soledad is running before running the
webapp tests that require soledad to be running.

Updating platfrom 0.9 (soledad 0.8.0) to 0.10 (soledad 0.10.3) requires a
soledad-server migration. This integrates the migration in the CI
upgrade_test. Fixes #8881

They might be meaningful response codes for some scenarios. But
so far we are not conciously sending them out. If they occur that
is because we handed them down from couch. So we might want to
fix the underlying issue. Couch 409s should be caught by the webapp
and handled there.

Fix the order of the leap repository so it matches the correct repository
layout. Fixes #8888.

webapp#8806 needs couch design docs that allow invite codes
to be sorted by date. This updated needs to be deployed in sync
with the new webapp version.

For the CI, we were using the gitlab-runner ssh key for all provider builds,
this replaces it with an unique one for each provider.

subrepo:
  subdir:   "puppet/modules/tor"
  merged:   "4380e2ea"
upstream:
  origin:   "https://leap.se/git/puppet_tor"
  branch:   "master"
  commit:   "4380e2ea"
git-subrepo:
  version:  "0.3.1"
  origin:   "https://github.com/ingydotnet/git-subrepo"
  commit:   "a7ee886"

Resolves: #8879

0255d8a4 removed this class, but it still was
being referenced. Since it is not needed, we can just remove the reference.

Fixes: #8878