[SRU] ubuntu-advantage-tools (27.10.1 -> 27.11) Xenial, Bionic, Focal, Jammy
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ubuntu-advantage-tools (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
| Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
| Focal |
Fix Released
|
Undecided
|
Unassigned | ||
| Jammy |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
[Archive-Admin sign-off]
If you are an archive admin aware of those changes and agree with them, please sign off below:
- sil2100
[Impact]
This release sports both bug-fixes and new features and we would like to
make sure all of our supported customers have access to these
improvements. The notable ones are:
* The rebranding done to match the launch of Ubuntu Pro
- 'esm-apps' is now generally available as a non-beta service
- Messages, commands and services have been reworded/rewritten to use `pro` and the Ubuntu Pro defined terms
* A new public API is being released, with a few starting endpoints. This feature will grow in subsequent releases as more endpoints are added
* Improvements in auto-attach to better integrate with cloud-init
* Magic attach endpoints let users attach without explicitly providing a token
* The security-status command output has information like 'ubuntu-
* Fix a LP bug where an APT auth file was growing exponentially (LP: #1985863)
* Several improvements and bug fixes
See the changelog entry below for a full list of changes and bugs.
[Test Case]
The following development and SRU process was followed:
https:/
The ubuntu-
console output of the appropriate run to the bug. ubuntu-
members will not mark ‘verification-done’ until this has happened.
* Automated Test Results
We have run the full ubuntu-
You can verify the correct version was used by checking the output of the first test in each file, which prints the version number.
[Regression Potential]
People may still be relying on `ua` as a command in their scripts instead of `pro`. To avoid regression, `ua` will still be generally available as a CLI alias.
Changes in the text/messages are done for the CLI commands output, but the machine-readable data provided by the client has not changed their schema in any way, so scripts relying on the client will not break.
Changes for both text and functionality are covered by the integration test suite - which should be executed and passing as part of this SRU process.
Other changes introduce new features or options, and there is no expected risk of regression there.
[Discussion]
The most discussed change here is delivering /usr/bin/pro. Below is a list of Risks /Thoughts that have been taken into consideration already:
1) Direct collisions
a)Checking for a conflicting reference in any of https:/
b) Checked /usr/share/
c) Checked apt-file for “pro” files across releases, no binaries or files just with the name “pro” found
2) User script collisions
a) We know they may happen - for the devel+next release it is not a problem at all, as users will adapt to what is in the distro
b) For the stable releases it may break user-defined scripts; we considered this to be a minor risk in face of the business justification for adding 'pro', and users can adapt their PATH as a workaround.
c) Those user defined scripts may also be installed directly into /usr/bin/pro. Even in this case, the PATH workaround can be done if they move their custom executable to /usr/local/bin/pro, which is the recommended anyway.
d) If there really is an issue with this reported to us, we might consider an update to soften this up (in old releases) by moving the on disk alias (it is just a symlink) to a separate package and only recommend.
3) Not being an open door to add more and more names
a)The team has spoken about this and the general conclusion is that it should not happen - the `pro` change is motivated by a product rebranding/
b)If the client delivered via the ubuntu-
4) Philosophy/Meaning collision
a) While looking around we have found a few “pro” things in the archive. But due to the nature of Ubuntu these never were about professional offerings (ours is the only one added now). Instead we found PROtein related tools, PROject file formats, testing tools for rePROducing stuff - but nothing ever was pro as in PROfessional.
b) It is not a violation of behavior to provide commercial services in a default installed package. As Steve explained [1] it is for a clean user interface to consume those, and since all of these paid and unpaid offerings are rebranded to “Pro” not having a pro entry point would be a disservice.
[1]: https://<email address hidden>
[Other Info]
We turned off a feature that got flagged in review: automated adding of the ESM repository to sources.list after the ESM date to report on the number of available ESM updates. However a second instance of the same bug exists in postinst, introduced in a previous update. We won't touch it in this SRU, but will need to fix it in a future SRU. This is bug 1990378.
[Changelog]
* d/control:
- Update VCS references
* d/links:
- add usr/bin/pro as an alias to ubuntu-advantage
* d/postinst:
- include root_mode parameter when creating UAConfig instances
- change calls to add_notice to notice_file.add
- create public machine-token file if it does not exist
* New upstream release 27.11 (LP: #1989279)
- api:
+ new `pro api` command to access the public client API
+ 'version' endpoint returning version information
+ 'should auto attach' endpoint informing if a system should run
auto-attach on startup
+ 'full auto attach' endpoint performing auto-attach
+ 'magic attach' endpoints for the Magic Attach flow
- auto-attach:
+ better errors for invalid pro images (GH: #2180, #1833)
+ don't detach on already auto-attached instances
+ no-op when ubuntu-advantage information is present on cloud-init userdata
+ change systemd unit to run after cloud-config
- cli:
+ cli: better error message on unrecognized flags (GH: #672)
- collect-logs:
+ can now be executed as a non-root user
+ is executed automatically and result is appended when using apport to
report a bug
- docs:
+ now formatted to be built with sphinx, and published in readthedocs
+ added explanation on how auto-attach works (GH: #2179)
- enable:
+ new access-only flag for usecases where auto-install is undesired
+ fix apt auth line replacement (LP: #1985863)
- esm-apps: generally available as non-beta as part of Ubuntu Pro
- fix: check if livepatch has already fixed a CVE before attempting a fix
- jobs: new timer job to check if the release reached end of support
- magic-attach: new way to attach a machine without using a token directly
- pro:
+ Ubuntu Pro is released as a product
+ make `pro` the recommended executable for the client
+ client, apt and motd messages updated/rewritten to show Pro
information
+ base URL changed from /advantage to /pro
+ ESM services renamed as part of Pro
- ros: released as a non-beta entitlement
- security-status
+ does not require the --format flag anymore
+ human readable output added based on ubuntu-
+ machine readable output contains CVEs fixed by Livepatch
+ package counts include all esm-infra and esm-apps repositories
- status:
+ don't show unavailable services by default (GH: #2156, #2159)
+ expiry date formatted based on timezone (GH: #695)
+ non-root users get the current status instead of a cached version
+ --wait flag now working for non-root users
- version: warn about new available versions of the client in CLI command
output and API calls
Related branches
- Robie Basak: Approve (ubuntu-sru)
- Paride Legovini (community): Approve
-
Diff: 34580 lines (+14190/-5940)218 files modified.github/workflows/ci-integration.yaml (+8/-3)
.github/workflows/cla-check.yaml (+12/-0)
.readthedocs.yaml (+14/-0)
CONTRIBUTING.md (+6/-0)
Makefile (+1/-0)
README.md (+33/-32)
apport/source_ubuntu-advantage-tools.py (+29/-0)
apt-hook/hook.cc (+2/-6)
apt-hook/json-hook.cc (+3/-12)
apt-hook/json-hook.test.cc (+22/-22)
debian/changelog (+60/-0)
debian/control (+2/-2)
debian/ubuntu-advantage-tools.links (+2/-0)
debian/ubuntu-advantage-tools.postinst (+26/-3)
dev-docs/explanations/how_auto_attach_works.md (+57/-0)
dev-docs/howtoguides/how_to_use_magic_attach_endpoints.md (+168/-0)
dev-docs/howtoguides/testing.md (+12/-4)
dev-docs/howtoguides/use_staging_environment.md (+13/-0)
dev-docs/references/directory_layout.md (+11/-0)
dev-docs/references/what_happens_during_attach.md (+2/-1)
dev/null (+0/-9)
docs-requirements.txt (+4/-0)
docs/README.md (+11/-0)
docs/conf.py (+52/-0)
docs/explanations/apt_messages.md (+19/-29)
docs/explanations/how_to_interpret_the_security_status_command.md (+7/-0)
docs/explanations/motd_messages.md (+15/-18)
docs/explanations/status_columns.md (+2/-3)
docs/explanations/what_are_the_timer_jobs.md (+1/-1)
docs/howtoguides/create_pro_golden_image.md (+7/-17)
docs/howtoguides/enable_cc.md (+28/-0)
docs/howtoguides/enable_realtime_kernel.md (+62/-0)
docs/howtoguides/enable_ua_in_dockerfile.md (+1/-1)
docs/howtoguides/get_token_and_attach.md (+1/-1)
docs/howtoguides/how_to_run_ua_fix_in_dry_run_mode.md (+1/-1)
docs/howtoguides/how_to_simulate_attach.md (+1/-1)
docs/index.rst (+58/-0)
docs/references/support_matrix.md (+3/-1)
docs/tutorials/basic_ua_commands.md (+6/-7)
docs/tutorials/create_a_fips_updates_pro_cloud_image.md (+65/-0)
docs/tutorials/ua_fix_scenarios.md (+9/-9)
features/_version.feature (+8/-8)
features/api.feature (+52/-0)
features/api_full_auto_attach.feature (+39/-0)
features/api_magic_attach.feature (+74/-0)
features/apt_messages.feature (+328/-0)
features/attach_invalidtoken.feature (+10/-10)
features/attach_validtoken.feature (+37/-170)
features/attached_commands.feature (+189/-240)
features/attached_enable.feature (+251/-183)
features/attached_status.feature (+168/-3)
features/cloud.py (+7/-15)
features/cloud_pro_clone.feature (+65/-0)
features/collect_logs.feature (+4/-14)
features/daemon.feature (+16/-16)
features/detached_auto_attach.feature (+7/-7)
features/docker.feature (+3/-3)
features/enable_fips_cloud.feature (+36/-36)
features/enable_fips_container.feature (+11/-11)
features/enable_fips_pro.feature (+15/-15)
features/enable_fips_vm.feature (+68/-66)
features/environment.py (+104/-77)
features/fix.feature (+58/-60)
features/install_uninstall.feature (+2/-2)
features/motd_messages.feature (+163/-0)
features/proxy_config.feature (+127/-127)
features/realtime_kernel.feature (+49/-12)
features/schemas/api_response.json (+64/-0)
features/schemas/magic_attach.json (+24/-0)
features/schemas/ua_security_status.json (+19/-0)
features/security_status.feature (+542/-0)
features/staging_commands.feature (+6/-53)
features/steps/steps.py (+216/-74)
features/ubuntu_pro.feature (+167/-59)
features/ubuntu_pro_fips.feature (+100/-113)
features/ubuntu_upgrade.feature (+25/-23)
features/ubuntu_upgrade_unattached.feature (+3/-5)
features/unattached_commands.feature (+135/-103)
features/unattached_status.feature (+467/-176)
features/util.py (+67/-42)
help_data.yaml (+10/-11)
integration-requirements.txt (+1/-1)
lib/auto_attach.py (+69/-0)
lib/daemon.py (+2/-2)
lib/patch_status_json.py (+4/-4)
lib/reboot_cmds.py (+10/-8)
lib/timer.py (+7/-2)
lib/upgrade_lts_contract.py (+16/-10)
setup.py (+5/-1)
systemd/ua-auto-attach.service (+2/-1)
tools/create-lp-release-branches.sh (+2/-3)
tools/refresh-aws-pro-ids (+3/-3)
tools/run-integration-tests.py (+37/-27)
tools/test-in-lxd.sh (+2/-2)
tools/ua.bash (+1/-1)
tox.ini (+4/-3)
uaclient-devel.conf (+1/-1)
uaclient.conf (+3/-3)
uaclient/actions.py (+170/-10)
uaclient/api/__init__.py (+0/-0)
uaclient/api/api.py (+144/-0)
uaclient/api/data_types.py (+69/-0)
uaclient/api/errors.py (+61/-0)
uaclient/api/exceptions.py (+40/-0)
uaclient/api/tests/__init__.py (+0/-0)
uaclient/api/tests/test_api.py (+310/-0)
uaclient/api/tests/test_api_u_pro_attach_auto_should_auto_attach.py (+49/-0)
uaclient/api/tests/test_api_u_pro_attach_magic_wait_v1.py (+147/-0)
uaclient/api/tests/test_api_u_pro_version.py (+26/-0)
uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py (+161/-0)
uaclient/api/u/__init__.py (+0/-0)
uaclient/api/u/pro/__init__.py (+0/-0)
uaclient/api/u/pro/attach/__init__.py (+0/-0)
uaclient/api/u/pro/attach/auto/__init__.py (+0/-0)
uaclient/api/u/pro/attach/auto/full_auto_attach/__init__.py (+0/-0)
uaclient/api/u/pro/attach/auto/full_auto_attach/v1.py (+149/-0)
uaclient/api/u/pro/attach/auto/should_auto_attach/__init__.py (+0/-0)
uaclient/api/u/pro/attach/auto/should_auto_attach/v1.py (+41/-0)
uaclient/api/u/pro/attach/magic/__init__.py (+0/-0)
uaclient/api/u/pro/attach/magic/initiate/__init__.py (+0/-0)
uaclient/api/u/pro/attach/magic/initiate/v1.py (+55/-0)
uaclient/api/u/pro/attach/magic/revoke/__init__.py (+0/-0)
uaclient/api/u/pro/attach/magic/revoke/v1.py (+39/-0)
uaclient/api/u/pro/attach/magic/wait/__init__.py (+0/-0)
uaclient/api/u/pro/attach/magic/wait/v1.py (+118/-0)
uaclient/api/u/pro/version/__init__.py (+0/-0)
uaclient/api/u/pro/version/v1.py (+39/-0)
uaclient/apt.py (+111/-43)
uaclient/cli.py (+244/-279)
uaclient/clouds/aws.py (+5/-5)
uaclient/clouds/azure.py (+4/-4)
uaclient/clouds/gcp.py (+9/-7)
uaclient/clouds/identity.py (+4/-4)
uaclient/clouds/tests/test_aws.py (+3/-3)
uaclient/clouds/tests/test_azure.py (+6/-6)
uaclient/clouds/tests/test_gcp.py (+9/-7)
uaclient/clouds/tests/test_identity.py (+9/-9)
uaclient/config.py (+56/-257)
uaclient/conftest.py (+30/-9)
uaclient/contract.py (+209/-34)
uaclient/contract_data_types.py (+312/-0)
uaclient/daemon.py (+8/-8)
uaclient/data_types.py (+63/-8)
uaclient/defaults.py (+11/-2)
uaclient/entitlements/__init__.py (+45/-0)
uaclient/entitlements/base.py (+58/-36)
uaclient/entitlements/cc.py (+15/-6)
uaclient/entitlements/cis.py (+3/-2)
uaclient/entitlements/entitlement_status.py (+4/-3)
uaclient/entitlements/esm.py (+36/-12)
uaclient/entitlements/fips.py (+37/-25)
uaclient/entitlements/livepatch.py (+33/-23)
uaclient/entitlements/realtime.py (+16/-8)
uaclient/entitlements/repo.py (+46/-23)
uaclient/entitlements/ros.py (+0/-1)
uaclient/entitlements/tests/conftest.py (+18/-6)
uaclient/entitlements/tests/test_base.py (+49/-14)
uaclient/entitlements/tests/test_cc.py (+30/-18)
uaclient/entitlements/tests/test_cis.py (+5/-4)
uaclient/entitlements/tests/test_esm.py (+32/-37)
uaclient/entitlements/tests/test_fips.py (+68/-48)
uaclient/entitlements/tests/test_livepatch.py (+243/-124)
uaclient/entitlements/tests/test_repo.py (+72/-32)
uaclient/event_logger.py (+8/-16)
uaclient/exceptions.py (+82/-29)
uaclient/files.py (+433/-0)
uaclient/jobs/eol_status.py (+13/-0)
uaclient/jobs/tests/__init__.py (+0/-0)
uaclient/jobs/tests/test_update_messaging.py (+111/-136)
uaclient/jobs/update_messaging.py (+102/-85)
uaclient/lock.py (+2/-2)
uaclient/messages.py (+234/-84)
uaclient/security.py (+66/-31)
uaclient/security_status.py (+498/-74)
uaclient/serviceclient.py (+16/-5)
uaclient/snap.py (+7/-7)
uaclient/status.py (+74/-41)
uaclient/system.py (+479/-0)
uaclient/tests/test_apt.py (+134/-70)
uaclient/tests/test_cli.py (+122/-28)
uaclient/tests/test_cli_api.py (+64/-0)
uaclient/tests/test_cli_attach.py (+30/-26)
uaclient/tests/test_cli_auto_attach.py (+26/-117)
uaclient/tests/test_cli_collect_logs.py (+39/-54)
uaclient/tests/test_cli_config_set.py (+20/-9)
uaclient/tests/test_cli_config_show.py (+24/-10)
uaclient/tests/test_cli_config_unset.py (+18/-7)
uaclient/tests/test_cli_detach.py (+7/-8)
uaclient/tests/test_cli_disable.py (+42/-26)
uaclient/tests/test_cli_enable.py (+38/-17)
uaclient/tests/test_cli_fix.py (+8/-4)
uaclient/tests/test_cli_refresh.py (+17/-14)
uaclient/tests/test_cli_security_status.py (+70/-33)
uaclient/tests/test_cli_status.py (+184/-98)
uaclient/tests/test_config.py (+201/-192)
uaclient/tests/test_contract.py (+457/-22)
uaclient/tests/test_daemon.py (+10/-10)
uaclient/tests/test_data_types.py (+296/-1)
uaclient/tests/test_eol_status.py (+83/-0)
uaclient/tests/test_event_logger.py (+20/-2)
uaclient/tests/test_files.py (+175/-0)
uaclient/tests/test_gpg.py (+5/-5)
uaclient/tests/test_lib_auto_attach.py (+98/-0)
uaclient/tests/test_lock.py (+2/-2)
uaclient/tests/test_patch_status_json.py (+8/-8)
uaclient/tests/test_reboot_cmds.py (+3/-3)
uaclient/tests/test_security.py (+109/-79)
uaclient/tests/test_security_status.py (+149/-53)
uaclient/tests/test_snap.py (+5/-5)
uaclient/tests/test_status.py (+117/-129)
uaclient/tests/test_system.py (+953/-0)
uaclient/tests/test_ua_timer.py (+3/-1)
uaclient/tests/test_upgrade_lts_contract.py (+6/-1)
uaclient/tests/test_util.py (+29/-795)
uaclient/tests/test_version.py (+70/-2)
uaclient/util.py (+67/-449)
uaclient/version.py (+53/-5)
ubuntu-advantage.1 (+41/-39)
| description: | updated |
| description: | updated |
| description: | updated |
| description: | updated |
| Robie Basak (racb) wrote Please test proposed package | #2 |
| Changed in ubuntu-advantage-tools (Ubuntu Jammy): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed verification-needed-jammy |
| Changed in ubuntu-advantage-tools (Ubuntu Focal): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed-focal |
| Robie Basak (racb) wrote | #3 |
| Changed in ubuntu-advantage-tools (Ubuntu Bionic): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed-bionic |
| Robie Basak (racb) wrote | #4 |
| Launchpad Janitor (janitor) wrote | #5 |
| Changed in ubuntu-advantage-tools (Ubuntu): | |
| status: | New → Fix Released |
| Robie Basak (racb) wrote | #6 |
| Changed in ubuntu-advantage-tools (Ubuntu Xenial): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed-xenial |
| Robie Basak (racb) wrote | #7 |
| Robie Basak (racb) wrote | #8 |
| Robie Basak (racb) wrote | #9 |
| Robie Basak (racb) wrote | #10 |
| Chris Halse Rogers (raof) wrote | #11 |
| Chris Halse Rogers (raof) wrote | #12 |
| Chris Halse Rogers (raof) wrote | #13 |
| Chris Halse Rogers (raof) wrote | #14 |
| Renan Rodrigo (renanrodrigo) wrote | #15 |
| description: | updated |
| tags: |
added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-xenial removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-xenial |
| Launchpad Janitor (janitor) wrote | #16 |
| Changed in ubuntu-advantage-tools (Ubuntu Xenial): | |
| status: | Fix Committed → Fix Released |
| Steve Langasek (vorlon) wrote Update Released | #17 |
| Launchpad Janitor (janitor) wrote | #18 |
| Changed in ubuntu-advantage-tools (Ubuntu Bionic): | |
| status: | Fix Committed → Fix Released |
| Launchpad Janitor (janitor) wrote | #19 |
| Changed in ubuntu-advantage-tools (Ubuntu Focal): | |
| status: | Fix Committed → Fix Released |
| Launchpad Janitor (janitor) wrote | #20 |
| Changed in ubuntu-advantage-tools (Ubuntu Jammy): | |
| status: | Fix Committed → Fix Released |
With my not-too-experienced Ubuntu Archive hat, per the due diligence done in the [Discussion] section, I'm approving of this namespace change.