lp:~alexmurray/ubuntu-security-tools

Author: Alex Murray
Author Date: 2023-09-20 00:42:24 UTC

umt: offer suggestions on invalid input

if the provided command is not known then try suggest a similar one, and same
for the package name provided to umt search.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2023-09-14 01:40:18 UTC

umt search: treat unknown packages as an error

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2023-09-07 01:49:04 UTC

umt search: add column headings to reduce extraneous info

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2023-02-14 00:52:06 UTC

uaudit: Update template for rubocop but limit to only security checks

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2023-02-12 01:04:01 UTC

check-source-package: Add checks for devel release semantics

Versioning in devel is different than stable releases so make sure we invoke the
new python based sdch with -d in this case, plus also check that uploads for the
devel release do not contain -security pocket in the distribution.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2023-01-22 23:07:32 UTC

Initial WIP attempt to integrate ikos with uaudit/umt

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-09-08 01:33:50 UTC

umt: Enable use of make's --output-sync

recurse is the best option overall to reduce parallel interleavings but does
cause the build output to pause for a significant amount of time.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-08-18 01:18:35 UTC

umt upload: Show full overridden destination name in warning message

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-08-10 00:52:47 UTC

umt: Support overriding ulimit as unlimited for libbluray

It seems libbluray needs more than the previous memory limit to build for
kinetic so set this to unlimited in ulimit_pkg_exceptions and ensure this
is a supported value when handled by the code which sets this overridden
value.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-07-18 12:42:08 UTC

umt testflinger: Support private PPAs for testflinger package source

When a ppa is specified via --repo, lookup the PPA signing key and
subscription URL so that it can be used more seamlessly via
add-apt-repository on the target device.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-07-18 12:41:32 UTC

uaudit: Add additional python static analysis via dlint

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-06-27 11:46:27 UTC

umt: Query apt-cache / download via chdist

This avoids having to have a global
/etc/apt/sources.list.d/ubuntu-security.list so that user's can configure
their own local chdist environments instead.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-06-08 01:07:59 UTC

uaudit: Refactor static analysis tools handling

Introduce a StaticAnalysisTool() class to encapsulate the logic needed for
each different static analysis tool and then remove all the copy-pasta'd
code which used to handle these. This should make adding new static
analysis tools as simple as defining a new instance of this object and
adding it to the static_analysis_tools list.

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-02-28 04:07:59 UTC

umt check: Use a regex to parse LP bug URLs (thanks sarnold)

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2022-02-25 04:17:32 UTC

umt grep: Avoid temporary file and pipe stdin to grep

Signed-off-by: Alex Murray <alex.murray@canonical.com>

Author: Alex Murray
Author Date: 2021-11-16 05:41:14 UTC

check-source-package: Use both full and per release rmadison output

Only call rmadison once where possible and store this as $rmadout and then
also store a new variable $rmadoutrel which is $rmadout scoped to just the
current release - this then allows us to use $rmadout for the upgradeable
version check whilst using $rmadoutrel in other checks as before.

Author: Alex Murray
Author Date: 2021-10-21 05:32:42 UTC

umt: Handle latest cve_lib API change and remove old unused PPA cruft

Author: Alex Murray
Author Date: 2021-10-14 03:04:44 UTC

Merge branch 'customer-ppa-tracking-2'

Author: Alex Murray
Author Date: 2021-07-09 05:13:28 UTC

Keep umt and ceviche working with customer-ppa-tracking-2 of UCT

Author: Alex Murray
Author Date: 2021-09-13 07:06:36 UTC

umt qrt: Add support for creating a VM if none already exists

Since both uvt and lxc can create VMs, first check if one exists with the
given name, and if not offer to create one.

Author: Alex Murray
Author Date: 2021-09-08 06:14:28 UTC

umt adt: Slight refactor of adt results handling to be more pythonic

Author: Alex Murray
Author Date: 2021-08-24 02:33:57 UTC

umt qrt: Use argparse to validate possible backend choices

Author: Alex Murray
Author Date: 2021-08-23 06:20:08 UTC

umt qrt: Push files to home on backend by default if none specified

This ensures that QRT tests which run as root get placed in /root on the
target VM etc and then can be run successfully.

Author: Alex Murray
Author Date: 2021-08-02 04:30:32 UTC

umt: Only output hyperlinks when we are sure they are supported

As per https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda
it looks like VTE versions >= 0.50.0 support this so check for that and
only output in that case.

Author: Alex Murray
Author Date: 2020-11-25 01:38:45 UTC

umt testflinger: Capture lsb_release and uname details for devices

Author: Alex Murray
Author Date: 2020-11-04 01:07:20 UTC

check-source-package: Don't recommend to use -proposed

This is not the done-thing anymore

Author: Alex Murray
Author Date: 2020-01-09 06:21:04 UTC

umt autopkgtest: Fix missing arguments

Author: Alex Murray
Author Date: 2019-12-10 04:19:13 UTC

umt: Remove extra junk left over from previous commit

Author: Alex Murray
Author Date: 2019-10-21 00:58:20 UTC

check-source-package: Add version check to ensure we don't block upgrades

For the current package version, we need to check that it will not block
future upgrades - ie if a package has version X in release N, then it can't
have version X' in release N' where X' < X and N' > N.