Publishing details
Changelog
ubuntu-advantage-tools (27.0~20.10.1~beta2) groovy; urgency=medium
* d/control:
- add distro-info dependency
- add new debianutils dependency
* d/rules: enable and start ua-messaging.timer on package install
* d/postinst:
- configure esm on any LTS release avoid beta services
- configure esm-infra when is_active_esm and apps on LTS
- xenial enable unauthenticated apt source for apps/infra
* New upstream release 27.0~beta:
- apt-hook:
+ adapt hook to process separate message templates
+ esm-apps and esm-infra pkg counts not mutually-exclusive
+ print static messages on apt upgrade/dist-upgrade (GH: #1546)
- config: create settings_overrides on config (GH: #1507)
- docs: add entry for uploading new version to ppa
- esm:
+ add pin never when disabling esm-infra/apps on xenial
+ enable infra when EOL LTS and apps on all LTS (GH: #1558)
- fips: add notice when installing over old fips
- fix:
+ add links to ubuntu.com/gcp/aws in messaging when on non-PRO
+ add notice to reboot operation on ua fix
+ do not prompt user for beta services (GH: #1544)
+ notify users if reboot is required (GH: #1476)
+ update how the expired token logic works
+ wrap output greater than 80 chars (GH: #1487)
- lib: fix notice handling on reboot script
- messages
+ provide static message files for use in APT and MOTD
+ update_ua_messages on attach/detach/disable
- mypy: add lib/ dir for coverage
- status: do not remove notices on non-root call (GH: #1518)
- subp: separate % format strings when logging (GH: #1520)
- systemd: add ua-messaging.timer to update ua MOTD and APT msgs
- update-motd.d: add conditional hooks for motd to source ua messages
- util: add is_lts and is_active_esm funtions to support ESM
- test
+ add integration tests asserting esm-apps setup due to postinst
+ manual test script for xenial upgrade
+ trusty and xenial infra and apps disabled in pkg install
- behave: use unaltered cloud images unsetting UACLIENT_BEHAVE_PPA
- jenkins: make lint and style stage run sequentially
ubuntu-advantage-tools (27.0~21.04.1~beta) hirsute; urgency=medium
* d/*: prefix all the debhelper conf files with the package name
* d/control:
- add Rules-Requires-Root: no
- bump Standards-Version to 4.5.1
- make ubuntu-advantage-pro Architecture: all
* d/lintian-overrides:
- override maintainer-script-calls-service
- package-supports-alternative-init-but-no-init.d-script
* d/postinst: move the u-a-pro note to a config script
* d/ubuntu-advantage-tools.templates: suggest the use of apt
* New upstream release 27.0~beta:
- apt: add retry for apt-helper command (GH: #1431)
- cli: drop subcommand repeated help output, fix enable & refresh
(GH: #1440)
- config:
+ allow parsing yaml delivered from env values
+ environment variable support for feature overrides (GH: #1395)
+ create config to add extra params to security url
- docs:
+ add ppas and fix typos
+ use Ubuntu Pro not Ubuntu PRO
+ add stop "." punctuation to messages (GH: #1320)
- fips: fix FIPS message when disable operation fails
- fix:
+ add basic UASecurityClient to which queries CVE and USNs
+ add security_url to config
+ check if service is enabled during ua fix (GH: #1462)
+ closer representation of cve and usn responses
+ filter usns by cve details (GH: #1470)
+ fix regex to be more permissive and strict
+ get_cve_affected_source_packages_status won't list not-affected
(GH: #1467)
+ handle other package status when running ua fix (GH: #1435)
+ improve error message for ua fix (GH: #1420)
+ install pkg fixes when they are on standard pocket (GH: #1401)
+ move timeout and retries to security client only
+ only prompt for subscription attach for UA-related pkg updates
+ parse all related USNS to a given CVE when fixing
+ parse full API responses for related CVEs and USNs
+ prefer USN.release_packages binary pkg versions to CVE src ver
(GH: #1436)
+ prompt for new ua token when expired one is used (GH: #1475)
+ prompt to emit pro suggestion on pro_clouds if unattached (GH: #1386)
+ prompt to enable service during ua fix (GH: #1455)
+ provide related CVE URLs instead of USNs (GH: #1456)
+ raise errors when source_link is null or unexpected format
+ show packages that were not fixed in the output
+ update output for released packages in ua fix (GH: #1438)
+ update message for invalid issue in ua fix (GH: #1433)
+ use pocket values from USNs (GH: #1439)
- logs: emit error response on API errors and redact sensitive logs
(GH: #1424)
- serviceclient: add 10 second timeout and two retries to API calls
(GH: #1374)
- util:
+ add error prompts on invalid selection
+ add timeout to readurl
- tests:
+ Add disable_auto_attach config to all test PRO vms
+ add merge_usn_released_binary_package_versions tests
+ add unittest coverage for override_usn_release_package_status
+ drop traceback checks on fips integration tests
+ refactor integration tests for ua fix cmd
+ run status wait before detach in PRO tests
+ use ssh to run commands on lxd containers
- jenkins: archiveArtifacts can only reference paths within workspace
ubuntu-advantage-tools (26.3~21.04.1) hirsute; urgency=medium
* d/control: add new debianutils dependency
* New upstream release 26.3
- util: improve is_container check for chroot
- cli: pass assume_yes param to services on detach (GH: #1530)
ubuntu-advantage-tools (26.2~21.04.1) hirsute; urgency=medium
* status: show beta services in status if enabled (GH: #1410)
ubuntu-advantage-tools (26.1~21.04.1) hirsute; urgency=medium
* New upstream release 26.1
- contract: block detach call to contract if machine-id change
- docs: add readme docs about mastering clean golden images
- fips: add reboot notices for fips operations (GH: #1368)
- livepatch: add retry when running canonical-livepatch status
(GH: #1360)
- util: use lru_cache to avoid re-reading os-release and machine-id
(GH: #1329)
- tests:
+ add disable_auto_attach config to all test PRO vms
+ add more log artifacts during failed integration test
+ check cloudinit status after launching image
+ mock leaking livepatch.application_status for fips test
+ retry package installs on apt exit 100
- jenkins: parameterize build stages to avoid parallel job collision
ubuntu-advantage-tools (26.0.1~21.04.1) hirsute; urgency=medium
* auto-attach: fix comparing numeric iid
ubuntu-advantage-tools (26.0~21.04.1) hirsute; urgency=medium
* New upstream release 26.0:
- auto-attach: systemd unit to run before ua-reboot-cmds.service
- config: remove_notice should remove notices.json when empty
- fips:
+ add notice if running a deactivated FIPS kernel (GH: #1348)
+ block enabling FIPS on clouds using Xenial
+ block enabling fips on GCP instances
+ check /proc/sys/crypto/fips_enable to see if fips is enabled
+ override fips metapackage when on bionic cloud
+ update metapackage override logic on fips
- notices: clear lock file and notice when encountering any exception
(GH: #1326)
- reboot_cmds: retry on lock held errors due to pro auto-attach
- services: allow uaclient to disable services during enable
- status: include beta services in json formatted output with --all
(GH: #1341)
- tests:
+ add FIPS tests to AWS and Azure bionic images
+ add GCP pro test for focal machine
+ add after_step collection of artifacts on failure
+ remove proc file check after disabling fips
+ pro: block auto-attach with cloud-config bootcmd
+ add validation of systemd unit ua-reboot-cmds.service
+ test enabling fips-updates when fips is enabled
- jenkins:
- add deb build stage to assert package builds
- use series-specific sbuild --build-dir avoid races
- use --append-to-version for each sbuild run to avoid races
- presume success when no integration artifacts created
ubuntu-advantage-tools (26.0~21.04.1~beta) hirsute; urgency=medium
* d/rules:
- add --with systemd to allow reboot init script
- do not remove lib/systemd/system folder
* d/postinst:
- create marker file when reboot script need to run:
- enable livepatch across trusty to xenial upgrade
- update fips on existing fips pro machines
* New upstream release 26.0~beta:
- gcp: add Google Cloud Platform support (GH #1269)
- fips:
+ remove is_beta from fips sevices
+ fips pro: add upgrade support to require reboot to unmark held fips pkgs
+ update origin UbuntuFIPSUpdates
- status:
+ add notice to tabular output
+ held locks emit notice about Operation in progress
- cli: help sort output so trusty ordering matches xenial++
- cis: rename service from cis-audit
- config: provide config notices and add_notice and remove_notice methods
- contract: add resource-machine-access route and datapath
- init: add init script to run commands on reboot
- keys: add ubuntu-advantage-cis keyring
- livepatch: make livepatch react to enableByDefault delta
- log: log when we install pkgs because of contract delta
- make: drop six testdeps target
- pro: do not install pro debs on non-pro instances
- services: Update beta info for services (GH #1220)
- tools: add tox-lxd-runner, that execute the test command in a shell
- tools: refresh-keyrings handles cis keys. drop series-specific keys
- tests:
+ add GCE support for integration tests
+ add cis integration tests for unattached and pro
+ add pytest constraint for mypy tests
+ add unittests for reboot_cmds script
+ fix esm package messages for new update notifier version
+ pin importlib-metadata for mypy tests
+ repo tests for request_resource_machine_access
+ unit tests for config cache clearing and machine-access data
- jenkins:
+ add basic Jenkinsfile for CI runs per PR
+ add jenkins parseable test results
+ add lxc cleanup stage on Jenkinsfile
ubuntu-advantage-tools (25.0~20.10.1) groovy; urgency=medium
* Release version 25.0
ubuntu-advantage-tools (25.0~20.10.1beta3) groovy; urgency=medium
* New upstream release 25.0~beta3:
- upgrade-lts-conract: noop during do-release-upgrade on unattached
(GH: #1255)
- ua-auto-attach: order systemd unit before cloud-config.service
- Update FIPSUpdates pin origin
- fips: unmark held fips packages for ubuntu pro fips image support
(GH: #1109)
- repo: handle changes to additionalPackages contract deltas
- repo: move package installation to install_packages method
- pro: trigger auto-attach as soon as instance-data.json is available
(GH: #1234)
- Conditionally install packages when enabling FIPS
- fips: allow disable (GH: #1168)
- cli: add trailing newline to argparse errors (GH: #1236)
- Install fips metapacking when enabling service
- integration test improvements:
+ upgrade-test: fix upgrade path restart failures on trusty (GH: #1257)
+ Fix integration test setup scripts (GH: #1253)
+ strict checking for command success on behave
+ Update tests to use new pycloudlib LXD abstraction
+ Add upgrade scenario tests when FIPS is enabled
+ Improve FIPS tests for checking packages
+ Update esm-infra xenial lxd test
+ Fix vm tests as esm-apps is beta service
+ Fix azure generic integration testing
+ Update esm-apps check on staging_commands tests
+ Install pycloudlib for azure jobs only
+ Fix shell condition in run_azure_travis_integration_tests.sh
+ Update azure jobs on travis
+ Update travis url in README
+ Update travis scripts to use ppa only on master
+ Fix cron event type check on travis yaml
ubuntu-advantage-tools (25.0~20.10.1~beta2) groovy; urgency=medium
* New upstream release 25.0~beta2:
- help: update esm-infra help text (GH: #1212)
- apt-hook: update apt cli messaging for UA Infra: ESM and UA Apps: ESM
product names
- help: update fips help docs (GH: #1213)
- help: revert CIS help doc URL (GH: #1211)
- help: add new fips help URLs to CLI help docs (GH: #1210)
- Show error when enabling service with invalid repo [Lucas Moura]
(GH: #954)
- Update beta info for services (#1220) [Lucas Moura] (GH: #1216)
- Do not enable fips when fips-updates is active [Lucas Moura] (GH: #1209)
- Add vm test commands in tox.ini (#1204) [Lucas Moura]
ubuntu-advantage-tools (25.0~20.10.1~beta1) groovy; urgency=medium
* Beta bug fix release
- status: fix missing description_override key after upgrade from
trusty (GH: #1201)
- During contract delta processing use _check_application_status_on_cache
instead of live service status
ubuntu-advantage-tools (25.0~20.10.1~beta) groovy; urgency=medium
* d/control:
- add po-debconf dependency and fix lintian not-using-po-debconf and
untranslatable-debconf-templates
- add ${misc:Depends} dep to ubuntu-advantage-pro to fix lintian
debhelper-but-no-misc-depends (GH: #1024)
* d/rules:
- drop --with systemd fix build-depends-on-obsolete-package
- set fix lintian warning extra:Depends even if empty
* d/postrm
- Add more gpg keys to be deleted in postrm for Xenial+ support
* d/postinst:
- do not unconfigure non-trusty esm. no series in apt filenames (GH: #1170)
- check if esm is already enabled (GH: #1095)
* New upstream release 25.0:
- Do not uninstall additionalPackages or livepatch when disabling services
- check for issubclass on clean_apt_files
- Add do-release-upgrade support for esm-infra and apps suites (GH: #1169)
- Apply contract deltas during do-release-upgrade operations
- cli: add ua help command
- cli: status add blocking --wait param and lock files for config change
- Fix livepatch behaviour on aws pro focal machine
- travis: drop inapplicable workspaces from specific awsgeneric release
jobs
- Add possible reboot text after enabling/disabling services
- apt-hook: package apt-hook and apt configuration files on all releases
(GH: #1150)
- Fix enable fail bug
- Add uaclient.conf override mechanism for auto-attach, beta services and
machine-token
- Support ESM Apps [Brian Murray] (GH: #930)
- Do not enable services if blocking services is active (GH: #1029)
- contract: handle 401 on invalid token, 403 on expired (GH: #1335)
- Hide beta services from default status output and enable/disable
operations (GH: #1079) (GH: #1091)
- fips: force apt noninteractive prompts during package installs
(GH: #1084)
- tests: add unit tests for aws-gov/aws-china cloud detection
- Add AWS China and GovCloud partitions [Robert Jennings]
- Disable beta services to be show/enabled without flag
- Add missing build_pr command to environment
- Use additionalPackages from service payload
- Add integration testing for Travis runs [patriciadomin] (GH: #856)
(GH: #857) (GH: #853)
-- Lucas Moura <email address hidden> Thu, 22 Apr 2021 14:16:26 -0300
Builds
Built packages
-
ubuntu-advantage-pro
utilities and services for Ubuntu Pro images
-
ubuntu-advantage-tools
management tools for Ubuntu Advantage
Package files