[SRU] ubuntu-advantage-tools (28.1 -> 29) Xenial, Bionic, Focal, Jammy, Lunar
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
ubuntu-advantage-tools (Ubuntu) | Status tracked in Mantic | |||||
Xenial |
Fix Released
|
Undecided
|
Unassigned | |||
Bionic |
Fix Released
|
Undecided
|
Unassigned | |||
Focal |
Fix Released
|
Undecided
|
Unassigned | |||
Jammy |
Fix Released
|
Undecided
|
Unassigned | |||
Lunar |
Fix Released
|
Undecided
|
Unassigned | |||
Mantic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
This is for the release of the latest upstream version of the Ubuntu Pro Client, which contain new features that are desirable on all releases. 29 has several notable features:
- Add support for new Anbox Cloud and Landscape services
- Add support for TLS-in-TLS proxies
- Add three new API endpoints:
* u.apt_news.
* u.pro.security.
* u.pro.security.
- Add more data to the API endpoint: u.pro.security.
* The additional data allow users to understand the decision making process for the endpoint
- Update priority for packages delivered through esm-infra and esm-apps
* This will guarantee that users will always have the security patches provided by those services
See the changelog entry below for a full list of changes and bugs.
[Test Case]
The following development and SRU process was followed:
https:/
The ubuntu-
[Regression Potential]
This release mostly entails new features, the only exception being the priority change regarding the esm services. To guarantee that priority, we will deliver a static file for each service with the correct pin value.
The static file will allow us to rely on debconf to prompt users that performed any custom modifications on the file while we are also trying to modify it.
The main issue with the approach is regarding users that already have a custom configuration today. We will deliver both of those files as:
`ubuntu-
`ubuntu-
Two things can happen if the user has created a custom configuration file pinning the package of any of those service:
* The file is alphabetically sorted before our file: In that case, the user file will be used and ours ignored
* The file is alphabetically sorted after our file: In that case, our file will be used. Note that we don't consider this a problem, because we will either create a pin with a higher priority that already established or lower the priority, but guarantee that is higher than the other packages delivered by updates and security.
It is possible that this new pinning will nevertheless negatively affect users’ customizations. However, we judge this to be unlikely, and in any case fixing the security gap addressed by the change seems more important.
Finally, since we will deliver those files as static files, every user will now have them on their machine. Even if they are not attached to a Pro subscription. However, apt will just ignore those files when making any operations.
[Changelog]
* d/control:
- Update links for the project github page
* d/ubuntu-
- rename repo GPG keys from -advantage to -pro (GH: #1539)
* d/README:
- add file with basic explanation on the source code (GH: #2463)
* New upstream release 29 (LP: #2029144)
- anbox-cloud: add support for service
- api
+ new endpoint: u.pro.security.
+ new endpoint: u.pro.security.
+ new endpoint: u.apt_news.
+ add more data explaining the decision made for
- contract:
+ send activityInfo after cli attach, enable and disable
+ start recording when the machine has attached to a Pro subsctiption
+ more reliable detection when running on a docker container
- esm: create static files to pin packages from esm-infra and esm-apps with
higher priority (GH: #2580)
- fix: ignore non-USN items on related usns
- landscape: add support for the service
- logging: update to ubuntupro logging namespace
- proxy: Add support for TLS-in-TLS proxy (LP: #1999909)
- snapd: look for the snapd package instead of the snap command
- system: try/except logic to remove files and folders (LP: #2025731)
Related branches
- Robie Basak: Needs Fixing
- Sergio Durigan Junior (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 30422 lines (+11104/-4457)207 files modified.github/PULL_REQUEST_TEMPLATE.md (+1/-1)
.github/actions/bug-refs/index.js (+30/-3)
.github/actions/release-changelog-bug-refs/action.yml (+9/-0)
.github/actions/release-changelog-bug-refs/index.js (+44/-0)
.github/actions/release-changelog-bug-refs/package-lock.json (+430/-0)
.github/actions/release-changelog-bug-refs/package.json (+10/-0)
.github/workflows/ci-base.yaml (+0/-2)
.github/workflows/ci-integration.yaml (+5/-2)
.github/workflows/release-checks.yaml (+22/-0)
.gitignore (+51/-0)
.readthedocs.yaml (+5/-7)
CONTRIBUTING.md (+17/-17)
README.md (+4/-4)
debian/README.source (+38/-0)
debian/changelog (+35/-0)
debian/control (+2/-2)
debian/copyright (+3/-3)
debian/source/lintian-overrides (+0/-3)
debian/ubuntu-advantage-tools.lintian-overrides (+10/-0)
debian/ubuntu-advantage-tools.postinst (+29/-6)
debian/ubuntu-advantage-tools.postrm (+1/-1)
dev/null (+0/-474)
features/_version.feature (+2/-2)
features/airgapped.feature (+3/-2)
features/anbox.feature (+136/-0)
features/api.feature (+2/-2)
features/api_fix_plan.feature (+239/-0)
features/api_packages.feature (+1/-1)
features/api_unattended_upgrades.feature (+1/-1)
features/apt_messages.feature (+109/-28)
features/attach_invalidtoken.feature (+18/-16)
features/attach_validtoken.feature (+4/-3)
features/attached_commands.feature (+77/-130)
features/attached_enable.feature (+34/-105)
features/attached_status.feature (+6/-1)
features/collect_logs.feature (+2/-2)
features/config.feature (+3/-2)
features/daemon.feature (+4/-4)
features/environment.py (+25/-8)
features/fix.feature (+134/-1)
features/i8n.feature (+1/-1)
features/install_uninstall.feature (+3/-3)
features/landscape.feature (+257/-0)
features/livepatch.feature (+4/-4)
features/logs.feature (+4/-3)
features/magic_attach.feature (+3/-4)
features/motd_messages.feature (+2/-1)
features/proxy_config.feature (+116/-0)
features/schemas/anbox_cloud_credentials.json (+18/-0)
features/schemas/cve_fix_plan.json (+91/-0)
features/schemas/usn_fix_plan.json (+107/-0)
features/security_status.feature (+11/-7)
features/steps/files.py (+10/-0)
features/steps/landscape.py (+69/-0)
features/steps/machines.py (+31/-2)
features/steps/output.py (+42/-19)
features/steps/packages.py (+4/-5)
features/steps/shell.py (+22/-13)
features/steps/snap.py (+31/-0)
features/steps/ubuntu_advantage_tools.py (+24/-13)
features/timer.feature (+3/-2)
features/ubuntu_pro.feature (+39/-30)
features/ubuntu_pro_fips.feature (+24/-24)
features/ubuntu_upgrade.feature (+2/-2)
features/ubuntu_upgrade_unattached.feature (+5/-5)
features/unattached_commands.feature (+44/-43)
features/unattached_status.feature (+68/-31)
features/util.py (+56/-11)
help_data.yaml (+22/-0)
lib/apt_news.py (+1/-3)
lib/auto_attach.py (+12/-13)
lib/daemon.py (+13/-4)
lib/esm_cache.py (+2/-4)
lib/patch_status_json.py (+5/-3)
lib/reboot_cmds.py (+18/-14)
lib/timer.py (+3/-2)
lib/upgrade_lts_contract.py (+2/-1)
preferences.d/ubuntu-pro-esm-apps (+8/-0)
preferences.d/ubuntu-pro-esm-infra (+8/-0)
setup.py (+2/-1)
sru/README.md (+1/-1)
sru/_archive/release-28/azure_auto_attach_on_boot.sh (+108/-0)
sru/_archive/release-28/test-esm-infra-key-rename.sh (+78/-0)
sru/release-29/test-esm-pinning.sh (+177/-0)
tools/build.py (+20/-2)
tools/create-lp-release-branches.sh (+1/-1)
tools/refresh-keyrings.sh (+2/-2)
tools/run-integration-tests.py (+5/-5)
tools/setup_sbuild.sh (+1/-1)
tools/ua.bash (+2/-2)
tox.ini (+5/-8)
types-requirements.txt (+1/-0)
uaclient/actions.py (+44/-14)
uaclient/api/__init__.py (+4/-0)
uaclient/api/api.py (+87/-34)
uaclient/api/tests/test_api.py (+80/-10)
uaclient/api/tests/test_api_u_pro_attach_auto_full_auto_attach_v1.py (+25/-0)
uaclient/api/tests/test_api_u_pro_security_status_get_package_manifest.py (+61/-21)
uaclient/api/tests/test_api_u_pro_security_status_reboot_required_v1.py (+296/-11)
uaclient/api/tests/test_api_u_unattended_upgrades_status_v1.py (+10/-4)
uaclient/api/tests/test_fix.py (+833/-0)
uaclient/api/u/apt_news/__init__.py (+0/-0)
uaclient/api/u/apt_news/current_news/__init__.py (+0/-0)
uaclient/api/u/apt_news/current_news/v1.py (+32/-0)
uaclient/api/u/pro/attach/auto/full_auto_attach/v1.py (+4/-1)
uaclient/api/u/pro/security/fix/__init__.py (+720/-0)
uaclient/api/u/pro/security/fix/cve/__init__.py (+0/-0)
uaclient/api/u/pro/security/fix/cve/plan/__init__.py (+0/-0)
uaclient/api/u/pro/security/fix/cve/plan/v1.py (+88/-0)
uaclient/api/u/pro/security/fix/usn/__init__.py (+0/-0)
uaclient/api/u/pro/security/fix/usn/plan/__init__.py (+0/-0)
uaclient/api/u/pro/security/fix/usn/plan/v1.py (+88/-0)
uaclient/api/u/pro/security/status/reboot_required/v1.py (+136/-4)
uaclient/api/u/security/package_manifest/v1.py (+3/-3)
uaclient/api/u/unattended_upgrades/status/v1.py (+5/-4)
uaclient/apt.py (+11/-10)
uaclient/apt_news.py (+46/-50)
uaclient/cli.py (+80/-47)
uaclient/clouds/aws.py (+26/-26)
uaclient/clouds/azure.py (+17/-10)
uaclient/clouds/gcp.py (+30/-45)
uaclient/clouds/identity.py (+5/-3)
uaclient/clouds/tests/test_aws.py (+83/-40)
uaclient/clouds/tests/test_azure.py (+56/-29)
uaclient/clouds/tests/test_gcp.py (+60/-27)
uaclient/config.py (+28/-30)
uaclient/conftest.py (+21/-6)
uaclient/contract.py (+276/-198)
uaclient/daemon/__init__.py (+8/-5)
uaclient/daemon/poll_for_pro_license.py (+1/-1)
uaclient/daemon/retry_auto_attach.py (+6/-20)
uaclient/daemon/tests/test_retry_auto_attach.py (+2/-14)
uaclient/data_types.py (+1/-1)
uaclient/defaults.py (+3/-0)
uaclient/entitlements/__init__.py (+4/-0)
uaclient/entitlements/anbox.py (+85/-0)
uaclient/entitlements/base.py (+154/-11)
uaclient/entitlements/cc.py (+1/-1)
uaclient/entitlements/cis.py (+1/-1)
uaclient/entitlements/esm.py (+2/-2)
uaclient/entitlements/fips.py (+3/-6)
uaclient/entitlements/landscape.py (+142/-0)
uaclient/entitlements/livepatch.py (+18/-50)
uaclient/entitlements/realtime.py (+1/-1)
uaclient/entitlements/repo.py (+20/-14)
uaclient/entitlements/ros.py (+1/-1)
uaclient/entitlements/tests/test_base.py (+217/-6)
uaclient/entitlements/tests/test_cc.py (+3/-26)
uaclient/entitlements/tests/test_cis.py (+1/-17)
uaclient/entitlements/tests/test_fips.py (+2/-2)
uaclient/entitlements/tests/test_landscape.py (+272/-0)
uaclient/entitlements/tests/test_livepatch.py (+35/-92)
uaclient/entitlements/tests/test_repo.py (+1/-1)
uaclient/exceptions.py (+74/-66)
uaclient/files/files.py (+8/-1)
uaclient/files/notices.py (+2/-2)
uaclient/files/state_files.py (+51/-0)
uaclient/gpg.py (+4/-2)
uaclient/http/__init__.py (+388/-0)
uaclient/http/serviceclient.py (+36/-71)
uaclient/http/tests/test_http.py (+461/-0)
uaclient/http/tests/test_serviceclient.py (+22/-69)
uaclient/livepatch.py (+25/-34)
uaclient/lock.py (+2/-2)
uaclient/messages.py (+145/-47)
uaclient/security.py (+45/-33)
uaclient/security_status.py (+4/-61)
uaclient/snap.py (+127/-42)
uaclient/status.py (+1/-1)
uaclient/system.py (+107/-38)
uaclient/testing/fakes.py (+11/-4)
uaclient/testing/helpers.py (+8/-0)
uaclient/tests/test_actions.py (+249/-37)
uaclient/tests/test_apt.py (+14/-14)
uaclient/tests/test_apt_news.py (+151/-151)
uaclient/tests/test_cli.py (+29/-202)
uaclient/tests/test_cli_api.py (+19/-2)
uaclient/tests/test_cli_attach.py (+47/-67)
uaclient/tests/test_cli_auto_attach.py (+5/-3)
uaclient/tests/test_cli_collect_logs.py (+2/-1)
uaclient/tests/test_cli_config.py (+1/-1)
uaclient/tests/test_cli_config_set.py (+13/-13)
uaclient/tests/test_cli_disable.py (+8/-3)
uaclient/tests/test_cli_enable.py (+33/-15)
uaclient/tests/test_cli_refresh.py (+14/-16)
uaclient/tests/test_cli_status.py (+5/-4)
uaclient/tests/test_config.py (+25/-19)
uaclient/tests/test_contract.py (+844/-584)
uaclient/tests/test_esm_cache.py (+13/-10)
uaclient/tests/test_gpg.py (+2/-2)
uaclient/tests/test_lib_auto_attach.py (+1/-8)
uaclient/tests/test_livepatch.py (+89/-13)
uaclient/tests/test_log.py (+4/-3)
uaclient/tests/test_security.py (+67/-24)
uaclient/tests/test_security_status.py (+5/-170)
uaclient/tests/test_snap.py (+194/-73)
uaclient/tests/test_status.py (+13/-1)
uaclient/tests/test_system.py (+215/-23)
uaclient/tests/test_util.py (+74/-279)
uaclient/timer/__init__.py (+2/-2)
uaclient/timer/tests/test_update_messaging.py (+3/-6)
uaclient/timer/update_contract_info.py (+1/-1)
uaclient/timer/update_messaging.py (+16/-51)
uaclient/upgrade_lts_contract.py (+11/-8)
uaclient/util.py (+34/-152)
uaclient/version.py (+1/-1)
uaclient/yaml.py (+6/-3)
description: | updated |
description: | updated |
description: | updated |
description: | updated |
This bug was fixed in the package ubuntu- advantage- tools - 29
--------------- advantage- tools (29) mantic; urgency=medium
ubuntu-
* d/control: advantage- tools.{ postinst, postrm} : fix.plan. cve.v1 fix.plan. usn.v1 current_ news.v1
u.pro. security. status. reboot_ required. v1 endpoint
- update links for the project github page
* d/copyright:
- bump date to 2023
- update upstream-name and source
* d/ubuntu-
- rename repo GPG keys from -advantage to -pro (GH: #1539)
- replace calls to systemctl for deb-systemd-invoke
* d/README.source:
- add file with basic explanation on the source code (GH: #2463)
* New upstream release 29 (LP: #2029144)
- anbox-cloud: add support for service
- api
+ new endpoint: u.pro.security.
+ new endpoint: u.pro.security.
+ new endpoint: u.apt_news.
+ add more data explaining the decision made for
- contract:
+ send activityInfo after cli attach, enable and disable
+ start recording when the machine has attached to a Pro subscription
+ more reliable detection when running on a docker container
- esm: create static files to pin packages from esm-infra and esm-apps with
higher priority (GH: #2580)
- fix: ignore non-USN items on related usns
- landscape: add support for the service
- logging: update to ubuntupro logging namespace
- proxy: add support for TLS-in-TLS proxy (LP: #1999909)
- snapd: look for the snapd package instead of the snap command
- system: try/except logic to remove files and folders (LP: #2025731)
-- Lucas Moura <email address hidden> Mon, 31 Jul 2023 15:46:23 +0000