New changelog entries:
* New upstream release 20.3:
- ubuntu-pro: automatically reattach across instance id delta
(LP: #1867573)
- integration testing:
+ add behave tests ua subcommands for attached vm
+ add invalid token tests
+ add reuse_container test docs
+ refactor token parameter
* d/templates: add a debconf note on upgrade from pre-ubuntu pro package
* d/control: create a separate ubuntu-advantage-pro package which
delivers the tooling and scripts necessary to auto-attach pro machines
This change breaks/replaces ubuntu-advantage-tools <= 20.1
* d/maintscript: rm_conffile /etc/init/ua-auto-attach.conf from ua-tools pkg
* d/postint: remove stale systemd symlinks which have migrated to ubuntu-pro
* d/rules: only install the apt hook on trusty
* d/rules: provide --no-start to debhelper to avoid auto-attach on pkg install
* Release 20.2:
- ubuntu-pro:
+ azure: fix detection of DatasourceAzureNet as azure on trusty
+ generalize identity_doc to return dict instead of string
+ auto-attach: any 4XX errors during auto-attach are the result of non-Pro
+ auto-attach: handle 403 errors raised by contract server for invalid vms
- attach: persist any status config changes after attach failures
- output: add messaging using a different subscription if attached
* Release 20.1:
- azure-pro, support for azure ubuntu pro auto-attach:
+ add azure auto-attach instance as valid cloud_instance_factory
+ add azure cloud instance module and tests
+ generalize request_aws_contract_token for multiple cloud_types
+ contract: request_auto_attach_contract_token takes an instance param
- constraints: add constraint on pyyaml version in trusty
- auto-attach: move duplicate invalid cloud_type check out of cli
* d/postinst: only configure ESM on supported architectures (LP: #1851858)
[Andreas Hasenack]
* d/postinst: rename existing ubuntu-esm-precise.list file to trusty.
This fixes the upgrade path from precise to trusty and to this client
while esm is enabled (LP: #1850672)
* Release 19.7:
- aws: handle missing SYS_HYPERVISOR_PRODUCT_UUID
- aws-pro: support for aws ubuntu pro auto-attach
- pro: add cloud identity module and fix unit tests
- pro: update systemd service and upstart boot scripts to auto-attach
- pro: esm do not do apt pin never on disable on xenial or bionic
- pro: esm-apps has origin UbuntuESMApps and esm-infra is UbuntuESM
- status: dynamic status available now from refreshed machine-token
- uaclient: update customer visible messages after UX review
- esm-apps: allow unattended security upgrades for esm-apps
- systemd: needs WantedBy=multi-user.target to get pulled into boot
- cli: update docstring to describe errors raised from auto-attach
- keyrings: update ubuntu-advantage-esm-apps.gpg with correct key
- repo: match strict repo url in apt-policy to avoid esm substring matches
- esm: don't disable_apt_auth_only for ESM entitlements
- initial implementation of esm-apps
- repo: don't raise exception in application_status if aptURL missing
- entitlements: rely solely on contract server for repo_url
- cli: exit 0 if already attached
- cli: use decorators for action_attach and action_attach_premium
- cli: add assert_not_attached decorator
- status: custom descriptions for n/a service status
* New upstream release. Main changes:
- drop SSO interactive login support
- d/control: no longer depend on pymacaroons, which was only needed for
the SSO interactive login support
- drop keyrings for services not supported in trusty: cc-eal, fips,
fips-updates, cis audit
- make sure /var/lib/ubuntu-advantage/private has 0700 perms
- rename esm to esm-infra. Also handle upgrades
- don't unecessarily remove config files that are already handled by dpkg
- expand the apt related runtime dependencies
- handle sources.list.d esm snippet when release upgrading from precise
- ua status now reports availability of services even in unattached state
- the "ua status" output was changed, including the json format option
- drop "ua status" call in postinst as it now requires internet access and
that is restricted in LP builders and test runners.
- fix the d/t/usage DEP8 test that was also using status
New changelog entries:
* New upstream release (LP: #1832757):
- packaging:
+ d/control: depend on libapt-pkg<ABI_VERSION> to use pin-priority never
+ d/postinst: adjust logfile permissions
+ d/postinst: remove public files and generate status cache on upgrade
+ d/postinst: Remove the old CACHE_DIR in postinst
+ d/postrm: remove log files on package purge
+ d/postrm: remove the ESM pinning file on purge
+ trusty should remove v1 esm key if present after upgrade
+ keyrings: regenerate keyrings on a trusty host
+ refresh keyrings to match current production for fips and cc-eal
- apt:
+ all repo entitlements now call apt-get update on enable
+ enable -updates if -updates from the Ubuntu archive is enabled
+ Add basic i18n (good enough for lang packs)
+ retry apt install and update commands 3 times simple backoff
+ write commented -updates lines instead of omitting them
- attach/detach:
+ added --no-auto-enable option
+ suppress messages from inapplicable default entitlements
+ two-factor auth reprompt only two-factor auth on failed 2fa
+ honour enableByDefault obligations from contract server
+ livepatch: no auto-enable on attach for trusty
+ don't attempt to disable inapplicable entitlements during detach
+ check for root before checking for attach in assert_attached_root
- status:
+ add --json cli formatting option
+ emit a SERVICE header in status output
+ redact technical support and expiry for free contracts
+ unentitled services will report n/a
- cc-eal:
+ add a warning about download size before install
+ change cc to cc-eal in docs, parameters and commandline help
- esm:
+ add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive
+ and livepatch auto enabled on attach where supported
+ on upgrade do not install preferences to pin never if esm enabled
+ remove only the apt auth entry on disable, leaving sources.list
+ use Pin-Priority never apt preference file to disable esm initially
- fips:
+ display as pending when linux-fips is not the running kernel
+ only install/upgrade optional packages that are already on the system
- logs:
+ no longer redact secrets as logfile is root read-only
+ separate console log devel from logfile level
+ remove level from messages to the console
- add subcommand to refresh all contract details
- config: allow contract_url and sso_auth_url to have a trailing slash
- docker: fix persisting generated uuid on images without machine-id files
- environ: allow lowercase ua_<config_option> overrides
- repo: un-comment ESM sources.list lines on repo disable
- updated manpage and help docs
New changelog entries:
* Ubuntu Advantage Tools rewrite in Python (LP: #1814157):
- Allow attaching a system to a contract or account
- More complete status output, dropping MOTD updates
- Easily enable and disable services offered
* Have ua status cope with the additional livepatch of running a kernel
that is not supported for livepatches.
* Have an option for enable-livepatch to install a compatible kernel if
needed.