[SRU] magnum 4.1.3

Bug #1706318 reported by sean redmond on 2017-07-25
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Cloud Archive
Status tracked in Pike
Ocata
Medium
Unassigned
Pike
Medium
Unassigned
magnum (Ubuntu)
Status tracked in Artful
Zesty
Medium
Unassigned
Artful
Medium
Unassigned

Bug Description

[Impact]
The version of Magnum on Zesty is the original 4.1.0 release for Ocata; the project have pushed out three patch releases since then resolving a number of issues:

4.1.3
-----

* Add Kubernetes API Service IP to x509 certificates
* Use lowercase keys for swarm waitcondition signal
* Pass a mutable target to oslo policy enforcer

4.1.2
-----

* Remove reliance on osprofiler configuration section
* Fix rexray systemd unit
* Enable custom keystone endpoint_type in templates
* Fix keystone auth_uri and auth_url
* Pass 'client', 'message' param to AuthorizationFailure Exception
* Fix usage of the trustee user in K8S Cinder plugin
* Set clustertemplate:publish to admin only
* Add net creating in install-guide
* Fix config type of copy_logs from string to Boolean

4.1.1
-----

* Pass 'context' to create_client_files method
* Pin images for ocata
* Missing root-ca-file parameter for proper service account support
* Fix CVE-2016-7404

[Test Case]
Deploy magnum; validate for any regressions - original bug reporter to own this task as magnum deployment and testing is not covered by Ubuntu OpenStack CI at this point in time.

[Regression Potential]
Minimal; OpenStack projects have a good track record of not introducing regressions as part of minor patch releases so this should be low risk.

[Original Bug Report]
There is an upstream bug fix https://bugs.launchpad.net/magnum/+bug/1689797 that is in the current UCA packages 4.1.0-0ubuntu1~cloud0 This seems to be fixed in openstack/magnum 4.1.3 release.

How is it possible to get the UCA package updated?

CVE References

James Page (james-page) wrote :

Hi Sean

If you're able to commit to testing an update in the Ocata UCA and in its associated source release, Ubuntu Zesty, I'd be happy to upload a new point release of Magnum to 4.1.3.

Changed in cloud-archive:
status: New → Incomplete
importance: Undecided → Medium
sean redmond (sean-redmond1) wrote :

Sure I can set aside some time to test this.

sean redmond (sean-redmond1) wrote :

Did you have chance to upload a new point release of Magnum for testing?

James Page (james-page) on 2017-08-07
Changed in cloud-archive:
status: Incomplete → Triaged
James Page (james-page) on 2017-08-07
Changed in magnum (Ubuntu Zesty):
status: New → Triaged
Changed in magnum (Ubuntu Artful):
status: New → Triaged
Changed in magnum (Ubuntu Zesty):
importance: Undecided → Medium
Changed in magnum (Ubuntu Artful):
importance: Undecided → Medium
James Page (james-page) wrote :

I've uploaded magnum 4.1.3 to the zesty queue for SRU team review; once accepted into zesty, this version will auto-backport to the Ocata UCA as well.

description: updated
summary: - UCA magnum packages require updating
+ [SRU] magnum 4.1.3
Changed in magnum (Ubuntu Artful):
status: Triaged → Fix Released
description: updated
description: updated
Brian Murray (brian-murray) wrote :

The test case section of the bug report indicates that magnum is not covered by Openstack CI at this point in time, however the Stable Release Update policy for microreleases, https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases, indicates that automated testing shall exist. Is there any automated testing of magnum itself?

Changed in magnum (Ubuntu Zesty):
status: Triaged → Incomplete
sean redmond (sean-redmond1) wrote :

There are a number of gate tests that are running as apart of the magnum project code reviews:

4.1.3
-----

* Add Kubernetes API Service IP to x509 certificates - https://review.openstack.org/#/c/485370/
* Use lowercase keys for swarm waitcondition signal - https://review.openstack.org/#/c/474972/
* Pass a mutable target to oslo policy enforcer - https://review.openstack.org/#/c/474502/

4.1.2
-----

* Remove reliance on osprofiler configuration section - https://review.openstack.org/#/c/454812/
* Fix rexray systemd unit - https://review.openstack.org/#/c/467901/
* Enable custom keystone endpoint_type in templates - https://review.openstack.org/#/c/463602/
* Fix keystone auth_uri and auth_url - https://review.openstack.org/#/c/464328/
* Pass 'client', 'message' param to AuthorizationFailure Exception - https://review.openstack.org/#/c/464187/
* Fix usage of the trustee user in K8S Cinder plugin - https://review.openstack.org/#/c/456501/
* Set clustertemplate:publish to admin only
* Add net creating in install-guide - https://review.openstack.org/#/c/461655/
* Fix config type of copy_logs from string to Boolean - https://review.openstack.org/#/c/461430/

4.1.1
-----

* Pass 'context' to create_client_files method - https://review.openstack.org/#/c/444149/
* Pin images for ocata - https://review.openstack.org/#/c/438279/
* Missing root-ca-file parameter for proper service account support - https://review.openstack.org/#/c/436559/
* Fix CVE-2016-7404 - https://review.openstack.org/#/c/437051/

Hello sean, or anyone else affected,

Accepted magnum into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/magnum/4.1.3-0ubuntu0.17.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in magnum (Ubuntu Zesty):
status: Incomplete → Fix Committed
tags: added: verification-needed verification-needed-zesty
James Page (james-page) wrote :

Hello sean, or anyone else affected,

Accepted magnum into ocata-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:ocata-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-ocata-needed to verification-ocata-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-ocata-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-ocata-needed

The verification of the Stable Release Update for magnum has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Ryan Beisner (1chb1n) wrote :

This bug was fixed in the package magnum - 4.1.3-0ubuntu0.17.04.1~cloud0
---------------

 magnum (4.1.3-0ubuntu0.17.04.1~cloud0) xenial-ocata; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 magnum (4.1.3-0ubuntu0.17.04.1) zesty; urgency=medium
 .
   * New upstream stable release (LP: #1706318).

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers