Release adsys 0.12.0

This bug was fixed in the package adsys - 0.12.0

---------------
adsys (0.12.0) mantic; urgency=medium

  [ Denison Barbosa ]
  [ Didier Roche ]
  [ Gabriel Nagy ]
  [ Jean-Baptiste Lallement ]
  * Release 0.12.0 (LP: #2020682)
    - Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf
    - Go implementation for the user mount handler
    - Remove Rust source code from adsys
    - Rework Kerberos ticket handling logic:
      - to satisfy the Heimdal implementation of Kerberos, we now store and use
        a root-owned copy of the cached ticket
      - the ticket lifetime is still handled via a symlink, and the copy is
        kept up to date based on the original ticket timestamp
    - Ensure empty state for dconf policy
    - Handle case mismatches in GPT.INI file name
    - Refactor ListActiveUsers gRPC function
    - Add adsysctl policy purge command to purge applied policies
    - Rework policy application sync strategy
    - Print logs when policies are up to date
    - Bump Go version to 1.20
    - Update dependencies to latest:
      - github.com/charmbracelet/bubbles
      - github.com/charmbracelet/bubbletea
      - github.com/sirupsen/logrus
      - github.com/spf13/cobra
      - github.com/stretchr/testify
      - golang.org/x/net
      - golang.org/x/sync
      - golang.org/x/sys
      - google.golang.org/grpc
    - CI and quality of life changes not affecting package functionality:
      - peter-evans/create-pull-request
      - Apply clang-format to C source files
      - Remove Rust related code from CI and tests
      - Improve test consistency
      - Fix documentation example images

 -- Denison Barbosa <email address hidden> Fri, 26 May 2023 07:11:55 -0400

Please see https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2012371 - please address the concerns written there before we proceed with this SRU.

Also, since I don't know the adsys codebase, how does the automated testing story for it look like? Does it have a thorough test suite? Autopkgtests?

Hey, @sil2100! ubuntu-proxy-manager is just a suggested package and its absence does not impact adsys functionality. We will address the dependency later but do not want to block the release of adsys on this package.

Our whole test suite is automated through GitHub actions, which can be found at: https://github.com/ubuntu/adsys/blob/main/.github/workflows/qa.yaml. Every Go package developed by us is tested and we also have integration tests for the whole adsys package, with 86% source coverage, as shown on https://app.codecov.io/gh/ubuntu/adsys.

I see that we've done this sort of wholesale backport once before, but this doesn't seem like it falls under the "other safe cases" part of the SRU criteria: https://wiki.ubuntu.com/StableReleaseUpdates#Other_safe_cases

It seems like this should have a more formal process? I don't see any special case documentation on the wiki, nor can I find it discussed on ubuntu-release.

Now an ubuntu-release thread: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html

Ubuntu 23.04 (Lunar Lobster) has reached end of life, so this bug will not be fixed for that specific release.

Hello Denison, or anyone else affected,

Accepted adsys into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/adsys/0.14.1~22.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

This bug was fixed in the package adsys - 0.14.1~22.04

---------------
adsys (0.14.1~22.04) jammy; urgency=medium

  * Backport 0.14.1 to jammy (LP: #2059756)
    - Build with Go 1.22
    - Disable dh_dwz on account of go >= 1.19 compressing symbols itself
      (fixed in newer dh_golang)
    - Revert incorrect prerm purge stanza

adsys (0.14.1build1) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

adsys (0.14.1) noble; urgency=medium

  * Pin Go toolchain to 1.22.1 to fix the following security vulnerabilities:
    - GO-2024-2598
    - GO-2024-2599
  * Update apport hook to include journal errors and package logs
  * CI and quality of life changes not impacting package functionality:
    - Enable end-to-end tests in GitHub Actions
    - Remove stale AD resources on test finish
    - Add developer documentation for running end-to-end tests
    - Collect and upload end-to-end test logs on failure
    - Report test coverage in Cobertura XML format
    - Silence gosec warnings using nolint and remove deprecated ifshort linter
    - Use an environment variable to update golden files
    - Bump github actions to latest:
      - azure/login
      - softprops/action-gh-release
  * Update dependencies to latest:
    - github.com/charmbracelet/lipgloss
    - github.com/golangci/golangci-lint
    - github.com/golang/protobuf
    - github.com/stretchr/testify
    - golang.org/x/crypto
    - golang.org/x/net
    - google.golang.org/grpc
    - google.golang.org/protobuf

adsys (0.14.0) noble; urgency=medium

  * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061)
    - This functionality is opt-in and activated if the detect_cached_ticket
      setting is set to true
    - If the AD backend (e.g. sssd) doesn't export the KRB5CCNAME variable, adsys
      will now determine the path to the default ticket cache and use it during
      authentication (when adsys is executed through the PAM module) and runs of
      adsysctl update for the current user.
  * Allow sssd backend to work without ad_domain being set (LP: #2054445)
  * Upgrade to Go 1.22
  * CI and quality of life changes not impacting package functionality:
    - Pass token explicitly to Codecov action
    - Fix require outside of main goroutine
    - Mark function arguments as unused where applicable
      Thanks to Edu Gómez Escandell
    - End to end test VM template creation updates
    - Bump github actions to latest:
      - codecov/codecov-action
      - peter-evans/create-pull-request
  * Update dependencies to latest:
    - github.com/charmbracelet/bubbles
    - github.com/golangci/golangci-lint
    - golang.org/x/crypto
    - golang.org/x/net
    - google.golang.org/grpc

adsys (0.13.3) noble; urgency=medium

  * Fix cert auto-enroll without NDES (LP: #2051363)
  * Refresh policy definition files (remove Lunar support)
  * CI and quality of life changes not impacting package functionality:
    - Bump github actions to latest:
      - actions/download-artifact
      - actions/setup-go
      - actions/upload-artifact
  * Update dependencies to latest:
    - github.com/charmbracelet/bubbles
    - github.com/charmbracelet/bubbletea
    - github.com/google/uuid
    -...

The verification of the Stable Release Update for adsys has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.