4 files changed, 19 insertions, 20 deletions

diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 06a5921d..32e97316 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -132,6 +132,8 @@ updateFirst cmdline next = do
 
 	void $ actionMessage "Git fetch" $ boolSystem "git" [Param "fetch"]
 	
+	oldsha <- getCurrentGitSha1 branchref
+	
 	whenM (doesFileExist keyring) $ do
 		{- To verify origin branch commit's signature, have to
 		 - convince gpg to use our keyring. While running git log.
@@ -153,10 +155,9 @@ updateFirst cmdline next = do
 			then do
 				putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging"
 				hFlush stdout
-			else errorMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it!"
+				void $ boolSystem "git" [Param "merge", Param originbranch]
+			else warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)"
 	
-	oldsha <- getCurrentGitSha1 branchref
-	void $ boolSystem "git" [Param "merge", Param originbranch]
 	newsha <- getCurrentGitSha1 branchref
 
 	if oldsha == newsha
diff --git a/src/Propellor/Property/Apt.hs b/src/Propellor/Property/Apt.hs
index 17057af2..7e02a335 100644
--- a/src/Propellor/Property/Apt.hs
+++ b/src/Propellor/Property/Apt.hs
@@ -265,5 +265,5 @@ trustsKey k = RevertableProperty trust untrust
 -- | Cleans apt's cache of downloaded packages to avoid using up disk
 -- space.
 cacheCleaned :: Property
-cacheCleaned = cmdProperty "apt-get" ["clean"]
+cacheCleaned = trivial $ cmdProperty "apt-get" ["clean"]
 	`describe` "apt cache cleaned" 
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 57a6b084..85584e43 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -69,22 +69,17 @@ tree buildarch = combineProperties "gitannexbuilder tree"
 buildDepsApt :: Property
 buildDepsApt = combineProperties "gitannexbuilder build deps"
 	[ Apt.buildDep ["git-annex"]
-	, buildDepsFewHaskellLibs
+	, buildDepsNoHaskellLibs
 	, "git-annex source build deps installed" ==> Apt.buildDepIn builddir
 	]
 
-buildDepsFewHaskellLibs :: Property
-buildDepsFewHaskellLibs = combineProperties "gitannexbuilder build deps"
-	[ buildDepsNoHaskellLibs
-	-- these haskell libs depend on C libs and don't use TH
-	, Apt.installed ["libghc-dbus-dev", "libghc-fdo-notify-dev", "libghc-network-protocol-xmpp-dev"]
-	]
-
 buildDepsNoHaskellLibs :: Property
 buildDepsNoHaskellLibs = Apt.installed
 	["git", "rsync", "moreutils", "ca-certificates",
 	"debhelper", "ghc", "curl", "openssh-client", "git-remote-gcrypt",
 	"liblockfile-simple-perl", "cabal-install", "vim", "less",
+	-- needed by haskell libs
+	"libxml2-dev", "libidn11-dev", "libgsasl7-dev", "libgnutls-dev",
 	"alex", "happy", "c2hs"
 	]
 
@@ -98,14 +93,15 @@ cabalDeps = flagFile go cabalupdated
 
 standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Host
 standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder")
-	(dockerImage $ System (Debian Unstable) arch)
-	& os (System (Debian Unstable) arch)
+	(dockerImage $ System (Debian Testing) arch)
+	& os (System (Debian Testing) arch)
 	& Apt.stdSourcesList
 	& Apt.installed ["systemd"]
 	& Apt.unattendedUpgrades
+	& User.accountFor builduser
+	& tree arch
 	& buildDepsApt
 	& autobuilder (show buildminute ++ " * * * *") timeout True
-		`requires` tree arch
 
 androidAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host
 androidAutoBuilderContainer dockerImage crontimes timeout =
@@ -144,15 +140,16 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
 armelCompanionContainer :: (System -> Docker.Image) -> Host
 armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-companion"
 	(dockerImage $ System (Debian Unstable) "amd64")
-	& os (System (Debian Unstable) "amd64")
+	& os (System (Debian Testing) "amd64")
 	& Apt.stdSourcesList
 	& Apt.installed ["systemd"]
 	& Apt.unattendedUpgrades
 	-- This volume is shared with the armel builder.
 	& Docker.volume gitbuilderdir
+	& User.accountFor builduser
 	-- Install current versions of build deps from cabal.
 	& tree "armel"
-	& buildDepsFewHaskellLibs
+	& buildDepsNoHaskellLibs
 	& cabalDeps
 	-- The armel builder can ssh to this companion.
 	& Docker.expose "22"
@@ -162,18 +159,19 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-
 armelAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host
 armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "armel-git-annex-builder"
 	(dockerImage $ System (Debian Unstable) "armel")
-	& os (System (Debian Unstable) "armel")
+	& os (System (Debian Testing) "armel")
 	& Apt.stdSourcesList
 	& Apt.unattendedUpgrades
 	& Apt.installed ["systemd"]
 	& Apt.installed ["openssh-client"]
 	& Docker.link "armel-git-annex-builder-companion" "companion"
 	& Docker.volumes_from "armel-git-annex-builder-companion"
+	& User.accountFor builduser
 	-- TODO: automate installing haskell libs
 	-- (Currently have to run
 	-- git-annex/standalone/linux/install-haskell-packages
 	-- which is not fully automated.)
-	& buildDepsFewHaskellLibs
+	& buildDepsNoHaskellLibs
 	& autobuilder crontimes timeout True
 		`requires` tree "armel"
 	& Ssh.keyImported SshRsa builduser
diff --git a/src/wrapper.hs b/src/wrapper.hs
index f180e855..4d2c50fc 100644
--- a/src/wrapper.hs
+++ b/src/wrapper.hs
@@ -1,7 +1,7 @@
 -- | Wrapper program for propellor distribution.
 --
 -- Distributions should install this program into PATH.
--- (Cabal builds it as dist/build/propellor.
+-- (Cabal builds it as dist/build/propellor/propellor).
 --
 -- This is not the propellor main program (that's config.hs)
 --