Discussed this in realtime today. Rather than modifying the server to expose a 'latest' link, what I would like to see implemented in system-image server is support for a new "remote_si" (bikeshed the name to taste) generator which talks to an existing system-image server remotely, and walks the tree to find the latest image part (device tarball, etc) on a specified channel - using the full channels.json/channels.json.gpg/index.json validation chain that already exists. This lets us cryptographically ensure integrity of the download using client and server code that already exists, rather than requiring deployment of a new server feature on system-image.ubuntu.com that would only be used by the capomastro server and not shared with other clients of system-image.ubuntu.com.
And as a stopgap measure until this is implemented, we've recommended that PES simply mirror the content from cdimage.ubuntu.com via rsync and run the cdimage generator locally for imports.
Discussed this in realtime today. Rather than modifying the server to expose a 'latest' link, what I would like to see implemented in system-image server is support for a new "remote_si" (bikeshed the name to taste) generator which talks to an existing system-image server remotely, and walks the tree to find the latest image part (device tarball, etc) on a specified channel - using the full channels. json/channels. json.gpg/ index.json validation chain that already exists. This lets us cryptographically ensure integrity of the download using client and server code that already exists, rather than requiring deployment of a new server feature on system- image.ubuntu. com that would only be used by the capomastro server and not shared with other clients of system- image.ubuntu. com.
And as a stopgap measure until this is implemented, we've recommended that PES simply mirror the content from cdimage.ubuntu.com via rsync and run the cdimage generator locally for imports.