freedomofpress
diff --git a/‎Cargo.lock
+428-77 b/‎Cargo.lock
+428-77
diff --git a/‎Cargo.toml
+1 b/‎Cargo.toml
+1
diff --git a/‎builder/build-debs-securedrop.sh
+4-2 b/‎builder/build-debs-securedrop.sh
+4-2
diff --git a/‎install_files/ansible-base/group_vars/securedrop_application_server.yml
+1-1 b/‎install_files/ansible-base/group_vars/securedrop_application_server.yml
+1-1
diff --git a/‎install_files/ansible-base/group_vars/securedrop_monitor_server.yml
+1-1 b/‎install_files/ansible-base/group_vars/securedrop_monitor_server.yml
+1-1
diff --git a/‎molecule/testinfra/common/test_release_upgrades.py
+41 b/‎molecule/testinfra/common/test_release_upgrades.py
+41
diff --git a/‎noble-migration/Cargo.toml
+12 b/‎noble-migration/Cargo.toml
+12
@@ -1,6 +1,7 @@
 [workspace]
 
 members = [
+    "noble-migration",
     "redwood",
 ]
 
 
@@ -11,8 +11,10 @@ set -euxo pipefail
 
 # Make a copy of the source tree since we do destructive operations on it
 cp -R /src/securedrop /srv/securedrop
-cp -R /src/redwood /srv/redwood
-cp /src/Cargo.lock /srv/redwood/
+mkdir /srv/rust
+cp -R /src/noble-migration /srv/rust/noble-migration
+cp -R /src/redwood /srv/rust/redwood
+cp /src/Cargo.{toml,lock} /srv/rust/
 cd /srv/securedrop/
 
 # Control the version of setuptools used in the default construction of virtual environments
 
@@ -7,7 +7,7 @@ ip_info:
 ### Used by the install_local_deb_pkgs role ###
 local_deb_packages:
   - "securedrop-keyring_0.2.2+{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
-  - "securedrop-config_{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
+  - "securedrop-config_{{ securedrop_version }}+{{ securedrop_target_distribution }}_amd64.deb"
   - "securedrop-ossec-agent_3.6.0+{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
   - "{{ securedrop_app_code_deb }}.deb"
   - "ossec-agent_3.6.0+{{ securedrop_target_distribution }}_amd64.deb"
 
@@ -7,7 +7,7 @@ ip_info:
 ### Used by the install_local_deb_pkgs role ###
 local_deb_packages:
   - "securedrop-keyring_0.2.2+{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
-  - "securedrop-config_{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
+  - "securedrop-config_{{ securedrop_version }}+{{ securedrop_target_distribution }}_amd64.deb"
   - "securedrop-ossec-server_3.6.0+{{ securedrop_version }}+{{ securedrop_target_distribution }}_all.deb"
   - ossec-server_3.6.0+{{ securedrop_target_distribution }}_amd64.deb
 
 
@@ -1,3 +1,7 @@
+import json
+import time
+
+import pytest
 import testutils
 
 test_vars = testutils.securedrop_test_vars
@@ -27,3 +31,40 @@ def test_release_manager_upgrade_channel(host):
     _, channel = raw_output.split("=")
 
     assert channel == "never"
+
+
+def test_migration_check(host):
+    """Verify our migration check script works"""
+    if host.system_info.codename != "focal":
+        pytest.skip("only applicable/testable on focal")
+
+    with host.sudo():
+        # remove state file so we can see if it works
+        if host.file("/etc/securedrop-noble-migration.json").exists:
+            host.run("rm /etc/securedrop-noble-migration.json")
+        cmd = host.run("systemctl start securedrop-noble-migration-check")
+        assert cmd.rc == 0
+        while host.service("securedrop-noble-migration-check").is_running:
+            time.sleep(1)
+
+        # JSON state file was created
+        assert host.file("/etc/securedrop-noble-migration.json").exists
+
+        cmd = host.run("cat /etc/securedrop-noble-migration.json")
+        assert cmd.rc == 0
+
+        contents = json.loads(cmd.stdout)
+        print(contents)
+        # The script did not error out
+        if "error" in contents:
+            # Run the script manually to get the error message
+            cmd = host.run("securedrop-noble-migration-check")
+            print(cmd.stdout)
+            # We'll fail in the next line after this
+        assert "error" not in contents
+        # staging CI jobs don't have enough free space, so just check
+        # that it returned a value for it
+        assert "free_space" in contents
+        del contents["free_space"]
+        # All the values should be True
+        assert all(contents.values())
@@ -0,0 +1,12 @@
+[package]
+name = "noble-migration"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+anyhow = "1.0.93"
+rustix = { version = "0.38.40", features = ["process"] }
+serde = { version = "1.0.215", features = ["derive"] }
+serde_json = "1.0.132"
+url = "2.5.3"
+walkdir = "2.5.0"
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`[workspace]`
`2`	`2`
`3`	`3`	`members = [`
	`4`	`+ "noble-migration",`
`4`	`5`	`"redwood",`
`5`	`6`	`]`
`6`	`7`