Container Log Archive Charm

Merge ~hloeung/container-log-archive-charm:charm-helpers-sync into container-log-archive-charm:master

Proposed by Haw Loeung on 2020-07-14

Status:	Merged
Approved by:	Paul Collins on 2020-07-15
Approved revision:	b8906d4b6ad560aecfc09283be83f55faa857af8
Merged at revision:	1a17c428de43b0bc96741bbd35a4ab91f486bdc2
Proposed branch:	~hloeung/container-log-archive-charm:charm-helpers-sync
Merge into:	container-log-archive-charm:master
Diff against target:	2158 lines (+1396/-133) 19 files modified lib/charmhelpers/__init__.py (+4/-4) lib/charmhelpers/core/hookenv.py (+334/-20) lib/charmhelpers/core/host.py (+87/-11) lib/charmhelpers/core/host_factory/ubuntu.py (+27/-1) lib/charmhelpers/core/kernel.py (+2/-2) lib/charmhelpers/core/sysctl.py (+21/-4) lib/charmhelpers/fetch/__init__.py (+4/-0) lib/charmhelpers/fetch/archiveurl.py (+1/-1) lib/charmhelpers/fetch/bzrurl.py (+2/-2) lib/charmhelpers/fetch/giturl.py (+2/-2) lib/charmhelpers/fetch/python/__init__.py (+13/-0) lib/charmhelpers/fetch/python/debug.py (+54/-0) lib/charmhelpers/fetch/python/packages.py (+154/-0) lib/charmhelpers/fetch/python/rpdb.py (+56/-0) lib/charmhelpers/fetch/python/version.py (+32/-0) lib/charmhelpers/fetch/snap.py (+1/-1) lib/charmhelpers/fetch/ubuntu.py (+311/-82) lib/charmhelpers/fetch/ubuntu_apt_pkg.py (+267/-0) lib/charmhelpers/osplatform.py (+24/-3)
Related bugs:	Link a bug report

Reviewer	Date Requested	Status
Paul Collins	2020-07-14	Approve on 2020-07-15
Canonical IS Reviewers	2020-07-15	Pending
Canonical IS Reviewers	2020-07-14	Pending
Review via email: mp+387401@code.launchpad.net

This proposal supersedes a proposal from 2020-07-14.

Commit message

charm-helpers sync

Revision history for this message

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote on 2020-07-14: Posted in a previous version of this proposal

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote on 2020-07-15:

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message

Paul Collins (pjdc) wrote on 2020-07-15:

I would have just trivialled this.

review: Approve

Revision history for this message

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote on 2020-07-15:

Change successfully merged at revision 1a17c428de43b0bc96741bbd35a4ab91f486bdc2

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Container Log Archive Charmers

Haw Loeung

 diff --git a/lib/charmhelpers/__init__.py b/lib/charmhelpers/__init__.py
 index e7aa471..61ef907 100644
 --- a/lib/charmhelpers/__init__.py
 +++ b/lib/charmhelpers/__init__.py
@@ -23,22 +23,22 @@ import subprocess
  import sys
  try:
--    import six  # flake8: noqa
++    import six  # NOQA:F401
  except ImportError:
      if sys.version_info.major == 2:
          subprocess.check_call(['apt-get', 'install', '-y', 'python-six'])
      else:
          subprocess.check_call(['apt-get', 'install', '-y', 'python3-six'])
--    import six  # flake8: noqa
++    import six  # NOQA:F401
  try:
--    import yaml  # flake8: noqa
++    import yaml  # NOQA:F401
  except ImportError:
      if sys.version_info.major == 2:
          subprocess.check_call(['apt-get', 'install', '-y', 'python-yaml'])
      else:
          subprocess.check_call(['apt-get', 'install', '-y', 'python3-yaml'])
--    import yaml  # flake8: noqa
++    import yaml  # NOQA:F401
  # Holds a list of mapping of mangled function names that have been deprecated
 diff --git a/lib/charmhelpers/core/hookenv.py b/lib/charmhelpers/core/hookenv.py
 index ed7af39..db7ce72 100644
 --- a/lib/charmhelpers/core/hookenv.py
 +++ b/lib/charmhelpers/core/hookenv.py
@@ -21,6 +21,7 @@
  from __future__ import print_function
  import copy
  from distutils.version import LooseVersion
++from enum import Enum
  from functools import wraps
  from collections import namedtuple
  import glob
@@ -34,6 +35,8 @@ import errno
  import tempfile
  from subprocess import CalledProcessError
++from charmhelpers import deprecate
++
  import six
  if not six.PY3:
      from UserDict import UserDict
@@ -48,6 +51,20 @@ INFO = "INFO"
  DEBUG = "DEBUG"
  TRACE = "TRACE"
  MARKER = object()
++SH_MAX_ARG = 131071
++
++
++RANGE_WARNING = ('Passing NO_PROXY string that includes a cidr. '
++                 'This may not be compatible with software you are '
++                 'running in your shell.')
++
++
++class WORKLOAD_STATES(Enum):
++    ACTIVE = 'active'
++    BLOCKED = 'blocked'
++    MAINTENANCE = 'maintenance'
++    WAITING = 'waiting'
++
  cache = {}
@@ -98,7 +115,7 @@ def log(message, level=None):
          command += ['-l', level]
      if not isinstance(message, six.string_types):
          message = repr(message)
--    command += [message]
++    command += [message[:SH_MAX_ARG]]
      # Missing juju-log should not cause failures in unit tests
      # Send log output to stderr
      try:
@@ -113,6 +130,24 @@ def log(message, level=None):
              raise
++def function_log(message):
++    """Write a function progress message"""
++    command = ['function-log']
++    if not isinstance(message, six.string_types):
++        message = repr(message)
++    command += [message[:SH_MAX_ARG]]
++    # Missing function-log should not cause failures in unit tests
++    # Send function_log output to stderr
++    try:
++        subprocess.call(command)
++    except OSError as e:
++        if e.errno == errno.ENOENT:
++            message = "function-log: {}".format(message)
++            print(message, file=sys.stderr)
++        else:
++            raise
++
++
  class Serializable(UserDict):
      """Wrapper, an object that can be serialized to yaml or json"""
@@ -201,11 +236,35 @@ def remote_unit():
      return os.environ.get('JUJU_REMOTE_UNIT', None)
--def service_name():
--    """The name service group this unit belongs to"""
++def application_name():
++    """
++    The name of the deployed application this unit belongs to.
++    """
      return local_unit().split('/')[0]
++def service_name():
++    """
++    .. deprecated:: 0.19.1
++       Alias for :func:`application_name`.
++    """
++    return application_name()
++
++
++def model_name():
++    """
++    Name of the model that this unit is deployed in.
++    """
++    return os.environ['JUJU_MODEL_NAME']
++
++
++def model_uuid():
++    """
++    UUID of the model that this unit is deployed in.
++    """
++    return os.environ['JUJU_MODEL_UUID']
++
++
  def principal_unit():
      """Returns the principal unit of this unit, otherwise None"""
      # Juju 2.2 and above provides JUJU_PRINCIPAL_UNIT
@@ -313,8 +372,10 @@ class Config(dict):
              try:
                  self._prev_dict = json.load(f)
              except ValueError as e:
--                log('Unable to parse previous config data - {}'.format(str(e)),
--                    level=ERROR)
++                log('Found but was unable to parse previous config data, '
++                    'ignoring which will report all values as changed - {}'
++                    .format(str(e)), level=ERROR)
++                return
          for k, v in copy.deepcopy(self._prev_dict).items():
              if k not in self:
                  self[k] = v
@@ -485,6 +546,67 @@ def related_units(relid=None):
          subprocess.check_output(units_cmd_line).decode('UTF-8')) or []
++def expected_peer_units():
++    """Get a generator for units we expect to join peer relation based on
++    goal-state.
++
++    The local unit is excluded from the result to make it easy to gauge
++    completion of all peers joining the relation with existing hook tools.
++
++    Example usage:
++    log('peer {} of {} joined peer relation'
++        .format(len(related_units()),
++                len(list(expected_peer_units()))))
++
++    This function will raise NotImplementedError if used with juju versions
++    without goal-state support.
++
++    :returns: iterator
++    :rtype: types.GeneratorType
++    :raises: NotImplementedError
++    """
++    if not has_juju_version("2.4.0"):
++        # goal-state first appeared in 2.4.0.
++        raise NotImplementedError("goal-state")
++    _goal_state = goal_state()
++    return (key for key in _goal_state['units']
++            if '/' in key and key != local_unit())
++
++
++def expected_related_units(reltype=None):
++    """Get a generator for units we expect to join relation based on
++    goal-state.
++
++    Note that you can not use this function for the peer relation, take a look
++    at expected_peer_units() for that.
++
++    This function will raise KeyError if you request information for a
++    relation type for which juju goal-state does not have information.  It will
++    raise NotImplementedError if used with juju versions without goal-state
++    support.
++
++    Example usage:
++    log('participant {} of {} joined relation {}'
++        .format(len(related_units()),
++                len(list(expected_related_units())),
++                relation_type()))
++
++    :param reltype: Relation type to list data for, default is to list data for
++                    the realtion type we are currently executing a hook for.
++    :type reltype: str
++    :returns: iterator
++    :rtype: types.GeneratorType
++    :raises: KeyError, NotImplementedError
++    """
++    if not has_juju_version("2.4.4"):
++        # goal-state existed in 2.4.0, but did not list individual units to
++        # join a relation in 2.4.1 through 2.4.3. (LP: #1794739)
++        raise NotImplementedError("goal-state relation unit count")
++    reltype = reltype or relation_type()
++    _goal_state = goal_state()
++    return (key for key in _goal_state['relations'][reltype] if '/' in key)
++
++
  @cached
  def relation_for_unit(unit=None, rid=None):
      """Get the json represenation of a unit's relation"""
@@ -855,9 +977,23 @@ def charm_dir():
      return os.environ.get('CHARM_DIR')
++def cmd_exists(cmd):
++    """Return True if the specified cmd exists in the path"""
++    return any(
++        os.access(os.path.join(path, cmd), os.X_OK)
++        for path in os.environ["PATH"].split(os.pathsep)
++    )
++
++
  @cached
++@deprecate("moved to function_get()", log=log)
  def action_get(key=None):
--    """Gets the value of an action parameter, or all key/value param pairs"""
++    """
++    .. deprecated:: 0.20.7
++       Alias for :func:`function_get`.
++
++    Gets the value of an action parameter, or all key/value param pairs.
++    """
      cmd = ['action-get']
      if key is not None:
          cmd.append(key)
@@ -866,52 +1002,130 @@ def action_get(key=None):
      return action_data
++@cached
++def function_get(key=None):
++    """Gets the value of an action parameter, or all key/value param pairs"""
++    cmd = ['function-get']
++    # Fallback for older charms.
++    if not cmd_exists('function-get'):
++        cmd = ['action-get']
++
++    if key is not None:
++        cmd.append(key)
++    cmd.append('--format=json')
++    function_data = json.loads(subprocess.check_output(cmd).decode('UTF-8'))
++    return function_data
++
++
++@deprecate("moved to function_set()", log=log)
  def action_set(values):
--    """Sets the values to be returned after the action finishes"""
++    """
++    .. deprecated:: 0.20.7
++       Alias for :func:`function_set`.
++
++    Sets the values to be returned after the action finishes.
++    """
      cmd = ['action-set']
      for k, v in list(values.items()):
          cmd.append('{}={}'.format(k, v))
      subprocess.check_call(cmd)
++def function_set(values):
++    """Sets the values to be returned after the function finishes"""
++    cmd = ['function-set']
++    # Fallback for older charms.
++    if not cmd_exists('function-get'):
++        cmd = ['action-set']
++
++    for k, v in list(values.items()):
++        cmd.append('{}={}'.format(k, v))
++    subprocess.check_call(cmd)
++
++
++@deprecate("moved to function_fail()", log=log)
  def action_fail(message):
--    """Sets the action status to failed and sets the error message.
++    """
++    .. deprecated:: 0.20.7
++       Alias for :func:`function_fail`.
++
++    Sets the action status to failed and sets the error message.
--    The results set by action_set are preserved."""
++    The results set by action_set are preserved.
++    """
      subprocess.check_call(['action-fail', message])
++def function_fail(message):
++    """Sets the function status to failed and sets the error message.
++
++    The results set by function_set are preserved."""
++    cmd = ['function-fail']
++    # Fallback for older charms.
++    if not cmd_exists('function-fail'):
++        cmd = ['action-fail']
++    cmd.append(message)
++
++    subprocess.check_call(cmd)
++
++
  def action_name():
      """Get the name of the currently executing action."""
      return os.environ.get('JUJU_ACTION_NAME')
++def function_name():
++    """Get the name of the currently executing function."""
++    return os.environ.get('JUJU_FUNCTION_NAME') or action_name()
++
++
  def action_uuid():
      """Get the UUID of the currently executing action."""
      return os.environ.get('JUJU_ACTION_UUID')
++def function_id():
++    """Get the ID of the currently executing function."""
++    return os.environ.get('JUJU_FUNCTION_ID') or action_uuid()
++
++
  def action_tag():
      """Get the tag for the currently executing action."""
      return os.environ.get('JUJU_ACTION_TAG')
--def status_set(workload_state, message):
++def function_tag():
++    """Get the tag for the currently executing function."""
++    return os.environ.get('JUJU_FUNCTION_TAG') or action_tag()
++
++
++def status_set(workload_state, message, application=False):
      """Set the workload state with a message
      Use status-set to set the workload state with a message which is visible
      to the user via juju status. If the status-set command is not found then
--    assume this is juju < 1.23 and juju-log the message unstead.
++    assume this is juju < 1.23 and juju-log the message instead.
--    workload_state -- valid juju workload state.
--    message        -- status update message
++    workload_state   -- valid juju workload state. str or WORKLOAD_STATES
++    message          -- status update message
++    application      -- Whether this is an application state set
      """
--    valid_states = ['maintenance', 'blocked', 'waiting', 'active']
--    if workload_state not in valid_states:
--        raise ValueError(
--            '{!r} is not a valid workload state'.format(workload_state)
--        )
--    cmd = ['status-set', workload_state, message]
++    bad_state_msg = '{!r} is not a valid workload state'
++
++    if isinstance(workload_state, str):
++        try:
++            # Convert string to enum.
++            workload_state = WORKLOAD_STATES[workload_state.upper()]
++        except KeyError:
++            raise ValueError(bad_state_msg.format(workload_state))
++
++    if workload_state not in WORKLOAD_STATES:
++        raise ValueError(bad_state_msg.format(workload_state))
++
++    cmd = ['status-set']
++    if application:
++        cmd.append('--application')
++    cmd.extend([workload_state.value, message])
      try:
          ret = subprocess.call(cmd)
          if ret == 0:
@@ -919,7 +1133,7 @@ def status_set(workload_state, message):
      except OSError as e:
          if e.errno != errno.ENOENT:
              raise
--    log_message = 'status-set failed: {} {}'.format(workload_state,
++    log_message = 'status-set failed: {} {}'.format(workload_state.value,
                                                      message)
      log(log_message, level='INFO')
@@ -973,6 +1187,7 @@ def application_version_set(version):
  @translate_exc(from_exc=OSError, to_exc=NotImplementedError)
++@cached
  def goal_state():
      """Juju goal state values"""
      cmd = ['goal-state', '--format=json']
@@ -1297,3 +1512,102 @@ def egress_subnets(rid=None, unit=None):
      if 'private-address' in settings:
          return [_to_range(settings['private-address'])]
      return []  # Should never happen
++
++
++def unit_doomed(unit=None):
++    """Determines if the unit is being removed from the model
++
++    Requires Juju 2.4.1.
++
++    :param unit: string unit name, defaults to local_unit
++    :side effect: calls goal_state
++    :side effect: calls local_unit
++    :side effect: calls has_juju_version
++    :return: True if the unit is being removed, already gone, or never existed
++    """
++    if not has_juju_version("2.4.1"):
++        # We cannot risk blindly returning False for 'we don't know',
++        # because that could cause data loss; if call sites don't
++        # need an accurate answer, they likely don't need this helper
++        # at all.
++        # goal-state existed in 2.4.0, but did not handle removals
++        # correctly until 2.4.1.
++        raise NotImplementedError("is_doomed")
++    if unit is None:
++        unit = local_unit()
++    gs = goal_state()
++    units = gs.get('units', {})
++    if unit not in units:
++        return True
++    # I don't think 'dead' units ever show up in the goal-state, but
++    # check anyway in addition to 'dying'.
++    return units[unit]['status'] in ('dying', 'dead')
++
++
++def env_proxy_settings(selected_settings=None):
++    """Get proxy settings from process environment variables.
++
++    Get charm proxy settings from environment variables that correspond to
++    juju-http-proxy, juju-https-proxy juju-no-proxy (available as of 2.4.2, see
++    lp:1782236) and juju-ftp-proxy in a format suitable for passing to an
++    application that reacts to proxy settings passed as environment variables.
++    Some applications support lowercase or uppercase notation (e.g. curl), some
++    support only lowercase (e.g. wget), there are also subjectively rare cases
++    of only uppercase notation support. no_proxy CIDR and wildcard support also
++    varies between runtimes and applications as there is no enforced standard.
++
++    Some applications may connect to multiple destinations and expose config
++    options that would affect only proxy settings for a specific destination
++    these should be handled in charms in an application-specific manner.
++
++    :param selected_settings: format only a subset of possible settings
++    :type selected_settings: list
++    :rtype: Option(None, dict[str, str])
++    """
++    SUPPORTED_SETTINGS = {
++        'http': 'HTTP_PROXY',
++        'https': 'HTTPS_PROXY',
++        'no_proxy': 'NO_PROXY',
++        'ftp': 'FTP_PROXY'
++    }
++    if selected_settings is None:
++        selected_settings = SUPPORTED_SETTINGS
++
++    selected_vars = [v for k, v in SUPPORTED_SETTINGS.items()
++                     if k in selected_settings]
++    proxy_settings = {}
++    for var in selected_vars:
++        var_val = os.getenv(var)
++        if var_val:
++            proxy_settings[var] = var_val
++            proxy_settings[var.lower()] = var_val
++        # Now handle juju-prefixed environment variables. The legacy vs new
++        # environment variable usage is mutually exclusive
++        charm_var_val = os.getenv('JUJU_CHARM_{}'.format(var))
++        if charm_var_val:
++            proxy_settings[var] = charm_var_val
++            proxy_settings[var.lower()] = charm_var_val
++    if 'no_proxy' in proxy_settings:
++        if _contains_range(proxy_settings['no_proxy']):
++            log(RANGE_WARNING, level=WARNING)
++    return proxy_settings if proxy_settings else None
++
++
++def _contains_range(addresses):
++    """Check for cidr or wildcard domain in a string.
++
++    Given a string comprising a comma seperated list of ip addresses
++    and domain names, determine whether the string contains IP ranges
++    or wildcard domains.
++
++    :param addresses: comma seperated list of domains and ip addresses.
++    :type addresses: str
++    """
++    return (
++        # Test for cidr (e.g. 10.20.20.0/24)
++        "/" in addresses or
++        # Test for wildcard domains (*.foo.com or .foo.com)
++        "*" in addresses or
++        addresses.startswith(".") or
++        ",." in addresses or
++        " ." in addresses)
 diff --git a/lib/charmhelpers/core/host.py b/lib/charmhelpers/core/host.py
 index 322ab2a..b33ac90 100644
 --- a/lib/charmhelpers/core/host.py
 +++ b/lib/charmhelpers/core/host.py
@@ -34,21 +34,23 @@ import six
  from contextlib import contextmanager
  from collections import OrderedDict
--from .hookenv import log, DEBUG, local_unit
++from .hookenv import log, INFO, DEBUG, local_unit, charm_name
  from .fstab import Fstab
  from charmhelpers.osplatform import get_platform
  __platform__ = get_platform()
  if __platform__ == "ubuntu":
--    from charmhelpers.core.host_factory.ubuntu import (
++    from charmhelpers.core.host_factory.ubuntu import (  # NOQA:F401
          service_available,
          add_new_group,
          lsb_release,
          cmp_pkgrevno,
          CompareHostReleases,
++        get_distrib_codename,
++        arch
      )  # flake8: noqa -- ignore F401 for this import
  elif __platform__ == "centos":
--    from charmhelpers.core.host_factory.centos import (
++    from charmhelpers.core.host_factory.centos import (  # NOQA:F401
          service_available,
          add_new_group,
          lsb_release,
@@ -58,6 +60,7 @@ elif __platform__ == "centos":
  UPDATEDB_PATH = '/etc/updatedb.conf'
++
  def service_start(service_name, **kwargs):
      """Start a system service.
@@ -287,8 +290,8 @@ def service_running(service_name, **kwargs):
                  for key, value in six.iteritems(kwargs):
                      parameter = '%s=%s' % (key, value)
                      cmd.append(parameter)
--                output = subprocess.check_output(cmd,
--                    stderr=subprocess.STDOUT).decode('UTF-8')
++                output = subprocess.check_output(
++                    cmd, stderr=subprocess.STDOUT).decode('UTF-8')
              except subprocess.CalledProcessError:
                  return False
              else:
@@ -442,7 +445,7 @@ def add_user_to_group(username, group):
  def chage(username, lastday=None, expiredate=None, inactive=None,
--           mindays=None, maxdays=None, root=None, warndays=None):
++          mindays=None, maxdays=None, root=None, warndays=None):
      """Change user password expiry information
      :param str username: User to update
@@ -482,8 +485,10 @@ def chage(username, lastday=None, expiredate=None, inactive=None,
      cmd.append(username)
      subprocess.check_call(cmd)
++
  remove_password_expiry = functools.partial(chage, expiredate='-1', inactive='-1', mindays='0', maxdays='-1')
++
  def rsync(from_path, to_path, flags='-r', options=None, timeout=None):
      """Replicate the contents of a path"""
      options = options or ['--delete', '--executability']
@@ -535,13 +540,15 @@ def write_file(path, content, owner='root', group='root', perms=0o444):
      # lets see if we can grab the file and compare the context, to avoid doing
      # a write.
      existing_content = None
--    existing_uid, existing_gid = None, None
++    existing_uid, existing_gid, existing_perms = None, None, None
      try:
          with open(path, 'rb') as target:
              existing_content = target.read()
          stat = os.stat(path)
--        existing_uid, existing_gid = stat.st_uid, stat.st_gid
--    except:
++        existing_uid, existing_gid, existing_perms = (
++            stat.st_uid, stat.st_gid, stat.st_mode
++        )
++    except Exception:
          pass
      if content != existing_content:
          log("Writing file {} {}:{} {:o}".format(path, owner, group, perms),
@@ -554,7 +561,7 @@ def write_file(path, content, owner='root', group='root', perms=0o444):
              target.write(content)
          return
      # the contents were the same, but we might still need to change the
--    # ownership.
++    # ownership or permissions.
      if existing_uid != uid:
          log("Changing uid on already existing content: {} -> {}"
              .format(existing_uid, uid), level=DEBUG)
@@ -563,6 +570,10 @@ def write_file(path, content, owner='root', group='root', perms=0o444):
          log("Changing gid on already existing content: {} -> {}"
              .format(existing_gid, gid), level=DEBUG)
          os.chown(path, -1, gid)
++    if existing_perms != perms:
++        log("Changing permissions on existing content: {} -> {}"
++            .format(existing_perms, perms), level=DEBUG)
++        os.chmod(path, perms)
  def fstab_remove(mp):
@@ -827,7 +838,7 @@ def list_nics(nic_type=None):
          ip_output = subprocess.check_output(cmd).decode('UTF-8').split('\n')
          ip_output = (line.strip() for line in ip_output if line)
--        key = re.compile('^[0-9]+:\s+(.+):')
++        key = re.compile(r'^[0-9]+:\s+(.+):')
          for line in ip_output:
              matched = re.search(key, line)
              if matched:
@@ -972,6 +983,20 @@ def is_container():
  def add_to_updatedb_prunepath(path, updatedb_path=UPDATEDB_PATH):
++    """Adds the specified path to the mlocate's udpatedb.conf PRUNEPATH list.
++
++    This method has no effect if the path specified by updatedb_path does not
++    exist or is not a file.
++
++    @param path: string the path to add to the updatedb.conf PRUNEPATHS value
++    @param updatedb_path: the path the updatedb.conf file
++    """
++    if not os.path.exists(updatedb_path) or os.path.isdir(updatedb_path):
++        # If the updatedb.conf file doesn't exist then don't attempt to update
++        # the file as the package providing mlocate may not be installed on
++        # the local system
++        return
++
      with open(updatedb_path, 'r+') as f_id:
          updatedb_text = f_id.read()
          output = updatedb(updatedb_text, path)
@@ -1026,3 +1051,54 @@ def modulo_distribution(modulo=3, wait=30, non_zero_wait=False):
          return modulo * wait
      else:
          return calculated_wait_time
++
++
++def install_ca_cert(ca_cert, name=None):
++    """
++    Install the given cert as a trusted CA.
++
++    The ``name`` is the stem of the filename where the cert is written, and if
++    not provided, it will default to ``juju-{charm_name}``.
++
++    If the cert is empty or None, or is unchanged, nothing is done.
++    """
++    if not ca_cert:
++        return
++    if not isinstance(ca_cert, bytes):
++        ca_cert = ca_cert.encode('utf8')
++    if not name:
++        name = 'juju-{}'.format(charm_name())
++    cert_file = '/usr/local/share/ca-certificates/{}.crt'.format(name)
++    new_hash = hashlib.md5(ca_cert).hexdigest()
++    if file_hash(cert_file) == new_hash:
++        return
++    log("Installing new CA cert at: {}".format(cert_file), level=INFO)
++    write_file(cert_file, ca_cert)
++    subprocess.check_call(['update-ca-certificates', '--fresh'])
++
++
++def get_system_env(key, default=None):
++    """Get data from system environment as represented in ``/etc/environment``.
++
++    :param key: Key to look up
++    :type key: str
++    :param default: Value to return if key is not found
++    :type default: any
++    :returns: Value for key if found or contents of default parameter
++    :rtype: any
++    :raises: subprocess.CalledProcessError
++    """
++    env_file = '/etc/environment'
++    # use the shell and env(1) to parse the global environments file.  This is
++    # done to get the correct result even if the user has shell variable
++    # substitutions or other shell logic in that file.
++    output = subprocess.check_output(
++        ['env', '-i', '/bin/bash', '-c',
++         'set -a && source {} && env'.format(env_file)],
++        universal_newlines=True)
++    for k, v in (line.split('=', 1)
++                 for line in output.splitlines() if '=' in line):
++        if k == key:
++            return v
++    else:
++        return default
 diff --git a/lib/charmhelpers/core/host_factory/ubuntu.py b/lib/charmhelpers/core/host_factory/ubuntu.py
 index 99451b5..3edc068 100644
 --- a/lib/charmhelpers/core/host_factory/ubuntu.py
 +++ b/lib/charmhelpers/core/host_factory/ubuntu.py
@@ -1,5 +1,6 @@
  import subprocess
++from charmhelpers.core.hookenv import cached
  from charmhelpers.core.strutils import BasicStringComparator
@@ -21,6 +22,10 @@ UBUNTU_RELEASES = (
      'zesty',
      'artful',
      'bionic',
++    'cosmic',
++    'disco',
++    'eoan',
++    'focal'
+ )
@@ -71,6 +76,14 @@ def lsb_release():
      return d
++def get_distrib_codename():
++    """Return the codename of the distribution
++    :returns: The codename
++    :rtype: str
++    """
++    return lsb_release()['DISTRIB_CODENAME'].lower()
++
++
  def cmp_pkgrevno(package, revno, pkgcache=None):
      """Compare supplied revno with the revno of the installed package.
@@ -82,9 +95,22 @@ def cmp_pkgrevno(package, revno, pkgcache=None):
      the pkgcache argument is None. Be sure to add charmhelpers.fetch if
      you call this function, or pass an apt_pkg.Cache() instance.
      """
--    import apt_pkg
++    from charmhelpers.fetch import apt_pkg
      if not pkgcache:
          from charmhelpers.fetch import apt_cache
          pkgcache = apt_cache()
      pkg = pkgcache[package]
      return apt_pkg.version_compare(pkg.current_ver.ver_str, revno)
++
++
++@cached
++def arch():
++    """Return the package architecture as a string.
++
++    :returns: the architecture
++    :rtype: str
++    :raises: subprocess.CalledProcessError if dpkg command fails
++    """
++    return subprocess.check_output(
++        ['dpkg', '--print-architecture']
++    ).rstrip().decode('UTF-8')
 diff --git a/lib/charmhelpers/core/kernel.py b/lib/charmhelpers/core/kernel.py
 index 2d40452..e01f4f8 100644
 --- a/lib/charmhelpers/core/kernel.py
 +++ b/lib/charmhelpers/core/kernel.py
@@ -26,12 +26,12 @@ from charmhelpers.core.hookenv import (
  __platform__ = get_platform()
  if __platform__ == "ubuntu":
--    from charmhelpers.core.kernel_factory.ubuntu import (
++    from charmhelpers.core.kernel_factory.ubuntu import (  # NOQA:F401
          persistent_modprobe,
          update_initramfs,
      )  # flake8: noqa -- ignore F401 for this import
  elif __platform__ == "centos":
--    from charmhelpers.core.kernel_factory.centos import (
++    from charmhelpers.core.kernel_factory.centos import (  # NOQA:F401
          persistent_modprobe,
          update_initramfs,
      )  # flake8: noqa -- ignore F401 for this import
 diff --git a/lib/charmhelpers/core/sysctl.py b/lib/charmhelpers/core/sysctl.py
 index 1f188d8..386428d 100644
 --- a/lib/charmhelpers/core/sysctl.py
 +++ b/lib/charmhelpers/core/sysctl.py
@@ -17,18 +17,21 @@
  import yaml
--from subprocess import check_call
++from subprocess import check_call, CalledProcessError
  from charmhelpers.core.hookenv import (
      log,
      DEBUG,
      ERROR,
++    WARNING,
+ )
++from charmhelpers.core.host import is_container
++
  __author__ = 'Jorge Niedbalski R. <jorge.niedbalski@canonical.com>'
--def create(sysctl_dict, sysctl_file):
++def create(sysctl_dict, sysctl_file, ignore=False):
      """Creates a sysctl.conf file from a YAML associative array
      :param sysctl_dict: a dict or YAML-formatted string of sysctl
@@ -36,6 +39,8 @@ def create(sysctl_dict, sysctl_file):
      :type sysctl_dict: str
      :param sysctl_file: path to the sysctl file to be saved
      :type sysctl_file: str or unicode
++    :param ignore: If True, ignore "unknown variable" errors.
++    :type ignore: bool
      :returns: None
      """
      if type(sysctl_dict) is not dict:
@@ -52,7 +57,19 @@ def create(sysctl_dict, sysctl_file):
          for key, value in sysctl_dict_parsed.items():
              fd.write("{}={}\n".format(key, value))
--    log("Updating sysctl_file: %s values: %s" % (sysctl_file, sysctl_dict_parsed),
++    log("Updating sysctl_file: {} values: {}".format(sysctl_file,
++                                                     sysctl_dict_parsed),
          level=DEBUG)
--    check_call(["sysctl", "-p", sysctl_file])
++    call = ["sysctl", "-p", sysctl_file]
++    if ignore:
++        call.append("-e")
++
++    try:
++        check_call(call)
++    except CalledProcessError as e:
++        if is_container():
++            log("Error setting some sysctl keys in this container: {}".format(e.output),
++                level=WARNING)
++        else:
++            raise e
 diff --git a/lib/charmhelpers/fetch/__init__.py b/lib/charmhelpers/fetch/__init__.py
 index 480a627..0cc7fc8 100644
 --- a/lib/charmhelpers/fetch/__init__.py
 +++ b/lib/charmhelpers/fetch/__init__.py
@@ -84,6 +84,7 @@ module = "charmhelpers.fetch.%s" % __platform__
  fetch = importlib.import_module(module)
  filter_installed_packages = fetch.filter_installed_packages
++filter_missing_packages = fetch.filter_missing_packages
  install = fetch.apt_install
  upgrade = fetch.apt_upgrade
  update = _fetch_update = fetch.apt_update
@@ -96,11 +97,14 @@ if __platform__ == "ubuntu":
      apt_update = fetch.apt_update
      apt_upgrade = fetch.apt_upgrade
      apt_purge = fetch.apt_purge
++    apt_autoremove = fetch.apt_autoremove
      apt_mark = fetch.apt_mark
      apt_hold = fetch.apt_hold
      apt_unhold = fetch.apt_unhold
      import_key = fetch.import_key
      get_upstream_version = fetch.get_upstream_version
++    apt_pkg = fetch.ubuntu_apt_pkg
++    get_apt_dpkg_env = fetch.get_apt_dpkg_env
  elif __platform__ == "centos":
      yum_search = fetch.yum_search
 diff --git a/lib/charmhelpers/fetch/archiveurl.py b/lib/charmhelpers/fetch/archiveurl.py
 index dd24f9e..d25587a 100644
 --- a/lib/charmhelpers/fetch/archiveurl.py
 +++ b/lib/charmhelpers/fetch/archiveurl.py
@@ -89,7 +89,7 @@ class ArchiveUrlFetchHandler(BaseFetchHandler):
          :param str source: URL pointing to an archive file.
          :param str dest: Local path location to download archive file to.
          """
--        # propogate all exceptions
++        # propagate all exceptions
          # URLError, OSError, etc
          proto, netloc, path, params, query, fragment = urlparse(source)
          if proto in ('http', 'https'):
 diff --git a/lib/charmhelpers/fetch/bzrurl.py b/lib/charmhelpers/fetch/bzrurl.py
 index 07cd029..c4ab3ff 100644
 --- a/lib/charmhelpers/fetch/bzrurl.py
 +++ b/lib/charmhelpers/fetch/bzrurl.py
@@ -13,7 +13,7 @@
  # limitations under the License.
  import os
--from subprocess import check_call
++from subprocess import STDOUT, check_output
  from charmhelpers.fetch import (
      BaseFetchHandler,
      UnhandledSource,
@@ -55,7 +55,7 @@ class BzrUrlFetchHandler(BaseFetchHandler):
              cmd = ['bzr', 'branch']
              cmd += cmd_opts
              cmd += [source, dest]
--        check_call(cmd)
++        check_output(cmd, stderr=STDOUT)
      def install(self, source, dest=None, revno=None):
          url_parts = self.parse_url(source)
 diff --git a/lib/charmhelpers/fetch/giturl.py b/lib/charmhelpers/fetch/giturl.py
 index 4cf21bc..070ca9b 100644
 --- a/lib/charmhelpers/fetch/giturl.py
 +++ b/lib/charmhelpers/fetch/giturl.py
@@ -13,7 +13,7 @@
  # limitations under the License.
  import os
--from subprocess import check_call, CalledProcessError
++from subprocess import check_output, CalledProcessError, STDOUT
  from charmhelpers.fetch import (
      BaseFetchHandler,
      UnhandledSource,
@@ -50,7 +50,7 @@ class GitUrlFetchHandler(BaseFetchHandler):
              cmd = ['git', 'clone', source, dest, '--branch', branch]
              if depth:
                  cmd.extend(['--depth', depth])
--        check_call(cmd)
++        check_output(cmd, stderr=STDOUT)
      def install(self, source, branch="master", dest=None, depth=None):
          url_parts = self.parse_url(source)
 diff --git a/lib/charmhelpers/fetch/python/__init__.py b/lib/charmhelpers/fetch/python/__init__.py
 new file mode 100644
 index 0000000..bff99dc
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/python/__init__.py
@@ -0,0 +1,13 @@
++# Copyright 2014-2019 Canonical Limited.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
 diff --git a/lib/charmhelpers/fetch/python/debug.py b/lib/charmhelpers/fetch/python/debug.py
 new file mode 100644
 index 0000000..757135e
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/python/debug.py
@@ -0,0 +1,54 @@
++#!/usr/bin/env python
++# coding: utf-8
++
++# Copyright 2014-2015 Canonical Limited.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++from __future__ import print_function
++
++import atexit
++import sys
++
++from charmhelpers.fetch.python.rpdb import Rpdb
++from charmhelpers.core.hookenv import (
++    open_port,
++    close_port,
++    ERROR,
++    log
++)
++
++__author__ = "Jorge Niedbalski <jorge.niedbalski@canonical.com>"
++
++DEFAULT_ADDR = "0.0.0.0"
++DEFAULT_PORT = 4444
++
++
++def _error(message):
++    log(message, level=ERROR)
++
++
++def set_trace(addr=DEFAULT_ADDR, port=DEFAULT_PORT):
++    """
++    Set a trace point using the remote debugger
++    """
++    atexit.register(close_port, port)
++    try:
++        log("Starting a remote python debugger session on %s:%s" % (addr,
++                                                                    port))
++        open_port(port)
++        debugger = Rpdb(addr=addr, port=port)
++        debugger.set_trace(sys._getframe().f_back)
++    except Exception:
++        _error("Cannot start a remote debug session on %s:%s" % (addr,
++                                                                 port))
 diff --git a/lib/charmhelpers/fetch/python/packages.py b/lib/charmhelpers/fetch/python/packages.py
 new file mode 100644
 index 0000000..6e95028
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/python/packages.py
@@ -0,0 +1,154 @@
++#!/usr/bin/env python
++# coding: utf-8
++
++# Copyright 2014-2015 Canonical Limited.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++import os
++import six
++import subprocess
++import sys
++
++from charmhelpers.fetch import apt_install, apt_update
++from charmhelpers.core.hookenv import charm_dir, log
++
++__author__ = "Jorge Niedbalski <jorge.niedbalski@canonical.com>"
++
++
++def pip_execute(*args, **kwargs):
++    """Overriden pip_execute() to stop sys.path being changed.
++
++    The act of importing main from the pip module seems to cause add wheels
++    from the /usr/share/python-wheels which are installed by various tools.
++    This function ensures that sys.path remains the same after the call is
++    executed.
++    """
++    try:
++        _path = sys.path
++        try:
++            from pip import main as _pip_execute
++        except ImportError:
++            apt_update()
++            if six.PY2:
++                apt_install('python-pip')
++            else:
++                apt_install('python3-pip')
++            from pip import main as _pip_execute
++        _pip_execute(*args, **kwargs)
++    finally:
++        sys.path = _path
++
++
++def parse_options(given, available):
++    """Given a set of options, check if available"""
++    for key, value in sorted(given.items()):
++        if not value:
++            continue
++        if key in available:
++            yield "--{0}={1}".format(key, value)
++
++
++def pip_install_requirements(requirements, constraints=None, **options):
++    """Install a requirements file.
++
++    :param constraints: Path to pip constraints file.
++    http://pip.readthedocs.org/en/stable/user_guide/#constraints-files
++    """
++    command = ["install"]
++
++    available_options = ('proxy', 'src', 'log', )
++    for option in parse_options(options, available_options):
++        command.append(option)
++
++    command.append("-r {0}".format(requirements))
++    if constraints:
++        command.append("-c {0}".format(constraints))
++        log("Installing from file: {} with constraints {} "
++            "and options: {}".format(requirements, constraints, command))
++    else:
++        log("Installing from file: {} with options: {}".format(requirements,
++                                                               command))
++    pip_execute(command)
++
++
++def pip_install(package, fatal=False, upgrade=False, venv=None,
++                constraints=None, **options):
++    """Install a python package"""
++    if venv:
++        venv_python = os.path.join(venv, 'bin/pip')
++        command = [venv_python, "install"]
++    else:
++        command = ["install"]
++
++    available_options = ('proxy', 'src', 'log', 'index-url', )
++    for option in parse_options(options, available_options):
++        command.append(option)
++
++    if upgrade:
++        command.append('--upgrade')
++
++    if constraints:
++        command.extend(['-c', constraints])
++
++    if isinstance(package, list):
++        command.extend(package)
++    else:
++        command.append(package)
++
++    log("Installing {} package with options: {}".format(package,
++                                                        command))
++    if venv:
++        subprocess.check_call(command)
++    else:
++        pip_execute(command)
++
++
++def pip_uninstall(package, **options):
++    """Uninstall a python package"""
++    command = ["uninstall", "-q", "-y"]
++
++    available_options = ('proxy', 'log', )
++    for option in parse_options(options, available_options):
++        command.append(option)
++
++    if isinstance(package, list):
++        command.extend(package)
++    else:
++        command.append(package)
++
++    log("Uninstalling {} package with options: {}".format(package,
++                                                          command))
++    pip_execute(command)
++
++
++def pip_list():
++    """Returns the list of current python installed packages
++    """
++    return pip_execute(["list"])
++
++
++def pip_create_virtualenv(path=None):
++    """Create an isolated Python environment."""
++    if six.PY2:
++        apt_install('python-virtualenv')
++    else:
++        apt_install('python3-virtualenv')
++
++    if path:
++        venv_path = path
++    else:
++        venv_path = os.path.join(charm_dir(), 'venv')
++
++    if not os.path.exists(venv_path):
++        subprocess.check_call(['virtualenv', venv_path])
 diff --git a/lib/charmhelpers/fetch/python/rpdb.py b/lib/charmhelpers/fetch/python/rpdb.py
 new file mode 100644
 index 0000000..9b31610
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/python/rpdb.py
@@ -0,0 +1,56 @@
++# Copyright 2014-2015 Canonical Limited.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++"""Remote Python Debugger (pdb wrapper)."""
++
++import pdb
++import socket
++import sys
++
++__author__ = "Bertrand Janin <b@janin.com>"
++__version__ = "0.1.3"
++
++
++class Rpdb(pdb.Pdb):
++
++    def __init__(self, addr="127.0.0.1", port=4444):
++        """Initialize the socket and initialize pdb."""
++
++        # Backup stdin and stdout before replacing them by the socket handle
++        self.old_stdout = sys.stdout
++        self.old_stdin = sys.stdin
++
++        # Open a 'reusable' socket to let the webapp reload on the same port
++        self.skt = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
++        self.skt.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, True)
++        self.skt.bind((addr, port))
++        self.skt.listen(1)
++        (clientsocket, address) = self.skt.accept()
++        handle = clientsocket.makefile('rw')
++        pdb.Pdb.__init__(self, completekey='tab', stdin=handle, stdout=handle)
++        sys.stdout = sys.stdin = handle
++
++    def shutdown(self):
++        """Revert stdin and stdout, close the socket."""
++        sys.stdout = self.old_stdout
++        sys.stdin = self.old_stdin
++        self.skt.close()
++        self.set_continue()
++
++    def do_continue(self, arg):
++        """Stop all operation on ``continue``."""
++        self.shutdown()
++        return 1
++
++    do_EOF = do_quit = do_exit = do_c = do_cont = do_continue
 diff --git a/lib/charmhelpers/fetch/python/version.py b/lib/charmhelpers/fetch/python/version.py
 new file mode 100644
 index 0000000..3eb4210
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/python/version.py
@@ -0,0 +1,32 @@
++#!/usr/bin/env python
++# coding: utf-8
++
++# Copyright 2014-2015 Canonical Limited.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++import sys
++
++__author__ = "Jorge Niedbalski <jorge.niedbalski@canonical.com>"
++
++
++def current_version():
++    """Current system python version"""
++    return sys.version_info
++
++
++def current_version_string():
++    """Current system python version as string major.minor.micro"""
++    return "{0}.{1}.{2}".format(sys.version_info.major,
++                                sys.version_info.minor,
++                                sys.version_info.micro)
 diff --git a/lib/charmhelpers/fetch/snap.py b/lib/charmhelpers/fetch/snap.py
 index 395836c..fc70aa9 100644
 --- a/lib/charmhelpers/fetch/snap.py
 +++ b/lib/charmhelpers/fetch/snap.py
@@ -69,7 +69,7 @@ def _snap_exec(commands):
                      .format(SNAP_NO_LOCK_RETRY_COUNT))
              return_code = e.returncode
              log('Snap failed to acquire lock, trying again in {} seconds.'
--                .format(SNAP_NO_LOCK_RETRY_DELAY, level='WARN'))
++                .format(SNAP_NO_LOCK_RETRY_DELAY), level='WARN')
              sleep(SNAP_NO_LOCK_RETRY_DELAY)
      return return_code
 diff --git a/lib/charmhelpers/fetch/ubuntu.py b/lib/charmhelpers/fetch/ubuntu.py
 index 653d58f..3315284 100644
 --- a/lib/charmhelpers/fetch/ubuntu.py
 +++ b/lib/charmhelpers/fetch/ubuntu.py
@@ -13,23 +13,23 @@
  # limitations under the License.
  from collections import OrderedDict
--import os
  import platform
  import re
  import six
--import time
  import subprocess
--from tempfile import NamedTemporaryFile
++import sys
++import time
++
++from charmhelpers.core.host import get_distrib_codename, get_system_env
--from charmhelpers.core.host import (
--    lsb_release
--)
  from charmhelpers.core.hookenv import (
      log,
      DEBUG,
      WARNING,
++    env_proxy_settings,
+ )
  from charmhelpers.fetch import SourceConfigError, GPGKeyError
++from charmhelpers.fetch import ubuntu_apt_pkg
  PROPOSED_POCKET = (
      "# Proposed\n"
@@ -158,6 +158,46 @@ CLOUD_ARCHIVE_POCKETS = {
      'queens/proposed': 'xenial-proposed/queens',
      'xenial-queens/proposed': 'xenial-proposed/queens',
      'xenial-proposed/queens': 'xenial-proposed/queens',
++    # Rocky
++    'rocky': 'bionic-updates/rocky',
++    'bionic-rocky': 'bionic-updates/rocky',
++    'bionic-rocky/updates': 'bionic-updates/rocky',
++    'bionic-updates/rocky': 'bionic-updates/rocky',
++    'rocky/proposed': 'bionic-proposed/rocky',
++    'bionic-rocky/proposed': 'bionic-proposed/rocky',
++    'bionic-proposed/rocky': 'bionic-proposed/rocky',
++    # Stein
++    'stein': 'bionic-updates/stein',
++    'bionic-stein': 'bionic-updates/stein',
++    'bionic-stein/updates': 'bionic-updates/stein',
++    'bionic-updates/stein': 'bionic-updates/stein',
++    'stein/proposed': 'bionic-proposed/stein',
++    'bionic-stein/proposed': 'bionic-proposed/stein',
++    'bionic-proposed/stein': 'bionic-proposed/stein',
++    # Train
++    'train': 'bionic-updates/train',
++    'bionic-train': 'bionic-updates/train',
++    'bionic-train/updates': 'bionic-updates/train',
++    'bionic-updates/train': 'bionic-updates/train',
++    'train/proposed': 'bionic-proposed/train',
++    'bionic-train/proposed': 'bionic-proposed/train',
++    'bionic-proposed/train': 'bionic-proposed/train',
++    # Ussuri
++    'ussuri': 'bionic-updates/ussuri',
++    'bionic-ussuri': 'bionic-updates/ussuri',
++    'bionic-ussuri/updates': 'bionic-updates/ussuri',
++    'bionic-updates/ussuri': 'bionic-updates/ussuri',
++    'ussuri/proposed': 'bionic-proposed/ussuri',
++    'bionic-ussuri/proposed': 'bionic-proposed/ussuri',
++    'bionic-proposed/ussuri': 'bionic-proposed/ussuri',
++    # Victoria
++    'victoria': 'focal-updates/victoria',
++    'focal-victoria': 'focal-updates/victoria',
++    'focal-victoria/updates': 'focal-updates/victoria',
++    'focal-updates/victoria': 'focal-updates/victoria',
++    'victoria/proposed': 'focal-proposed/victoria',
++    'focal-victoria/proposed': 'focal-proposed/victoria',
++    'focal-proposed/victoria': 'focal-proposed/victoria',
+ }
@@ -181,18 +221,54 @@ def filter_installed_packages(packages):
      return _pkgs
--def apt_cache(in_memory=True, progress=None):
--    """Build and return an apt cache."""
--    from apt import apt_pkg
--    apt_pkg.init()
--    if in_memory:
--        apt_pkg.config.set("Dir::Cache::pkgcache", "")
--        apt_pkg.config.set("Dir::Cache::srcpkgcache", "")
--    return apt_pkg.Cache(progress)
++def filter_missing_packages(packages):
++    """Return a list of packages that are installed.
++
++    :param packages: list of packages to evaluate.
++    :returns list: Packages that are installed.
++    """
++    return list(
++        set(packages) -
++        set(filter_installed_packages(packages))
++    )
++
++
++def apt_cache(*_, **__):
++    """Shim returning an object simulating the apt_pkg Cache.
++
++    :param _: Accept arguments for compability, not used.
++    :type _: any
++    :param __: Accept keyword arguments for compability, not used.
++    :type __: any
++    :returns:Object used to interrogate the system apt and dpkg databases.
++    :rtype:ubuntu_apt_pkg.Cache
++    """
++    if 'apt_pkg' in sys.modules:
++        # NOTE(fnordahl): When our consumer use the upstream ``apt_pkg`` module
++        # in conjunction with the apt_cache helper function, they may expect us
++        # to call ``apt_pkg.init()`` for them.
++        #
++        # Detect this situation, log a warning and make the call to
++        # ``apt_pkg.init()`` to avoid the consumer Python interpreter from
++        # crashing with a segmentation fault.
++        log('Support for use of upstream ``apt_pkg`` module in conjunction'
++            'with charm-helpers is deprecated since 2019-06-25', level=WARNING)
++        sys.modules['apt_pkg'].init()
++    return ubuntu_apt_pkg.Cache()
  def apt_install(packages, options=None, fatal=False):
--    """Install one or more packages."""
++    """Install one or more packages.
++
++    :param packages: Package(s) to install
++    :type packages: Option[str, List[str]]
++    :param options: Options to pass on to apt-get
++    :type options: Option[None, List[str]]
++    :param fatal: Whether the command's output should be checked and
++                  retried.
++    :type fatal: bool
++    :raises: subprocess.CalledProcessError
++    """
      if options is None:
          options = ['--option=Dpkg::Options::=--force-confold']
@@ -209,7 +285,17 @@ def apt_install(packages, options=None, fatal=False):
  def apt_upgrade(options=None, fatal=False, dist=False):
--    """Upgrade all packages."""
++    """Upgrade all packages.
++
++    :param options: Options to pass on to apt-get
++    :type options: Option[None, List[str]]
++    :param fatal: Whether the command's output should be checked and
++                  retried.
++    :type fatal: bool
++    :param dist: Whether ``dist-upgrade`` should be used over ``upgrade``
++    :type dist: bool
++    :raises: subprocess.CalledProcessError
++    """
      if options is None:
          options = ['--option=Dpkg::Options::=--force-confold']
@@ -230,7 +316,15 @@ def apt_update(fatal=False):
  def apt_purge(packages, fatal=False):
--    """Purge one or more packages."""
++    """Purge one or more packages.
++
++    :param packages: Package(s) to install
++    :type packages: Option[str, List[str]]
++    :param fatal: Whether the command's output should be checked and
++                  retried.
++    :type fatal: bool
++    :raises: subprocess.CalledProcessError
++    """
      cmd = ['apt-get', '--assume-yes', 'purge']
      if isinstance(packages, six.string_types):
          cmd.append(packages)
@@ -240,6 +334,21 @@ def apt_purge(packages, fatal=False):
      _run_apt_command(cmd, fatal)
++def apt_autoremove(purge=True, fatal=False):
++    """Purge one or more packages.
++    :param purge: Whether the ``--purge`` option should be passed on or not.
++    :type purge: bool
++    :param fatal: Whether the command's output should be checked and
++                  retried.
++    :type fatal: bool
++    :raises: subprocess.CalledProcessError
++    """
++    cmd = ['apt-get', '--assume-yes', 'autoremove']
++    if purge:
++        cmd.append('--purge')
++    _run_apt_command(cmd, fatal)
++
++
  def apt_mark(packages, mark, fatal=False):
      """Flag one or more packages using apt-mark."""
      log("Marking {} as {}".format(packages, mark))
@@ -266,13 +375,18 @@ def apt_unhold(packages, fatal=False):
  def import_key(key):
      """Import an ASCII Armor key.
--    /!\ A Radix64 format keyid is also supported for backwards
--    compatibility, but should never be used; the key retrieval
--    mechanism is insecure and subject to man-in-the-middle attacks
--    voiding all signature checks using that key.
--
--    :param keyid: The key in ASCII armor format,
--                  including BEGIN and END markers.
++    A Radix64 format keyid is also supported for backwards
++    compatibility. In this case Ubuntu keyserver will be
++    queried for a key via HTTPS by its keyid. This method
++    is less preferrable because https proxy servers may
++    require traffic decryption which is equivalent to a
++    man-in-the-middle attack (a proxy server impersonates
++    keyserver TLS certificates and has to be explicitly
++    trusted by the system).
++
++    :param key: A GPG key in ASCII armor format,
++                  including BEGIN and END markers or a keyid.
++    :type key: (bytes, str)
      :raises: GPGKeyError if the key could not be imported
      """
      key = key.strip()
@@ -283,35 +397,131 @@ def import_key(key):
          log("PGP key found (looks like ASCII Armor format)", level=DEBUG)
          if ('-----BEGIN PGP PUBLIC KEY BLOCK-----' in key and
                  '-----END PGP PUBLIC KEY BLOCK-----' in key):
--            log("Importing ASCII Armor PGP key", level=DEBUG)
--            with NamedTemporaryFile() as keyfile:
--                with open(keyfile.name, 'w') as fd:
--                    fd.write(key)
--                    fd.write("\n")
--                cmd = ['apt-key', 'add', keyfile.name]
--                try:
--                    subprocess.check_call(cmd)
--                except subprocess.CalledProcessError:
--                    error = "Error importing PGP key '{}'".format(key)
--                    log(error)
--                    raise GPGKeyError(error)
++            log("Writing provided PGP key in the binary format", level=DEBUG)
++            if six.PY3:
++                key_bytes = key.encode('utf-8')
++            else:
++                key_bytes = key
++            key_name = _get_keyid_by_gpg_key(key_bytes)
++            key_gpg = _dearmor_gpg_key(key_bytes)
++            _write_apt_gpg_keyfile(key_name=key_name, key_material=key_gpg)
          else:
              raise GPGKeyError("ASCII armor markers missing from GPG key")
      else:
--        # We should only send things obviously not a keyid offsite
--        # via this unsecured protocol, as it may be a secret or part
--        # of one.
          log("PGP key found (looks like Radix64 format)", level=WARNING)
--        log("INSECURLY importing PGP key from keyserver; "
++        log("SECURELY importing PGP key from keyserver; "
              "full key not provided.", level=WARNING)
--        cmd = ['apt-key', 'adv', '--keyserver',
--               'hkp://keyserver.ubuntu.com:80', '--recv-keys', key]
--        try:
--            subprocess.check_call(cmd)
--        except subprocess.CalledProcessError:
--            error = "Error importing PGP key '{}'".format(key)
--            log(error)
--            raise GPGKeyError(error)
++        # as of bionic add-apt-repository uses curl with an HTTPS keyserver URL
++        # to retrieve GPG keys. `apt-key adv` command is deprecated as is
++        # apt-key in general as noted in its manpage. See lp:1433761 for more
++        # history. Instead, /etc/apt/trusted.gpg.d is used directly to drop
++        # gpg
++        key_asc = _get_key_by_keyid(key)
++        # write the key in GPG format so that apt-key list shows it
++        key_gpg = _dearmor_gpg_key(key_asc)
++        _write_apt_gpg_keyfile(key_name=key, key_material=key_gpg)
++
++
++def _get_keyid_by_gpg_key(key_material):
++    """Get a GPG key fingerprint by GPG key material.
++    Gets a GPG key fingerprint (40-digit, 160-bit) by the ASCII armor-encoded
++    or binary GPG key material. Can be used, for example, to generate file
++    names for keys passed via charm options.
++
++    :param key_material: ASCII armor-encoded or binary GPG key material
++    :type key_material: bytes
++    :raises: GPGKeyError if invalid key material has been provided
++    :returns: A GPG key fingerprint
++    :rtype: str
++    """
++    # Use the same gpg command for both Xenial and Bionic
++    cmd = 'gpg --with-colons --with-fingerprint'
++    ps = subprocess.Popen(cmd.split(),
++                          stdout=subprocess.PIPE,
++                          stderr=subprocess.PIPE,
++                          stdin=subprocess.PIPE)
++    out, err = ps.communicate(input=key_material)
++    if six.PY3:
++        out = out.decode('utf-8')
++        err = err.decode('utf-8')
++    if 'gpg: no valid OpenPGP data found.' in err:
++        raise GPGKeyError('Invalid GPG key material provided')
++    # from gnupg2 docs: fpr :: Fingerprint (fingerprint is in field 10)
++    return re.search(r"^fpr:{9}([0-9A-F]{40}):$", out, re.MULTILINE).group(1)
++
++
++def _get_key_by_keyid(keyid):
++    """Get a key via HTTPS from the Ubuntu keyserver.
++    Different key ID formats are supported by SKS keyservers (the longer ones
++    are more secure, see "dead beef attack" and https://evil32.com/). Since
++    HTTPS is used, if SSLBump-like HTTPS proxies are in place, they will
++    impersonate keyserver.ubuntu.com and generate a certificate with
++    keyserver.ubuntu.com in the CN field or in SubjAltName fields of a
++    certificate. If such proxy behavior is expected it is necessary to add the
++    CA certificate chain containing the intermediate CA of the SSLBump proxy to
++    every machine that this code runs on via ca-certs cloud-init directive (via
++    cloudinit-userdata model-config) or via other means (such as through a
++    custom charm option). Also note that DNS resolution for the hostname in a
++    URL is done at a proxy server - not at the client side.
++
++    8-digit (32 bit) key ID
++    https://keyserver.ubuntu.com/pks/lookup?search=0x4652B4E6
++    16-digit (64 bit) key ID
++    https://keyserver.ubuntu.com/pks/lookup?search=0x6E85A86E4652B4E6
++    40-digit key ID:
++    https://keyserver.ubuntu.com/pks/lookup?search=0x35F77D63B5CEC106C577ED856E85A86E4652B4E6
++
++    :param keyid: An 8, 16 or 40 hex digit keyid to find a key for
++    :type keyid: (bytes, str)
++    :returns: A key material for the specified GPG key id
++    :rtype: (str, bytes)
++    :raises: subprocess.CalledProcessError
++    """
++    # options=mr - machine-readable output (disables html wrappers)
++    keyserver_url = ('https://keyserver.ubuntu.com'
++                     '/pks/lookup?op=get&options=mr&exact=on&search=0x{}')
++    curl_cmd = ['curl', keyserver_url.format(keyid)]
++    # use proxy server settings in order to retrieve the key
++    return subprocess.check_output(curl_cmd,
++                                   env=env_proxy_settings(['https']))
++
++
++def _dearmor_gpg_key(key_asc):
++    """Converts a GPG key in the ASCII armor format to the binary format.
++
++    :param key_asc: A GPG key in ASCII armor format.
++    :type key_asc: (str, bytes)
++    :returns: A GPG key in binary format
++    :rtype: (str, bytes)
++    :raises: GPGKeyError
++    """
++    ps = subprocess.Popen(['gpg', '--dearmor'],
++                          stdout=subprocess.PIPE,
++                          stderr=subprocess.PIPE,
++                          stdin=subprocess.PIPE)
++    out, err = ps.communicate(input=key_asc)
++    # no need to decode output as it is binary (invalid utf-8), only error
++    if six.PY3:
++        err = err.decode('utf-8')
++    if 'gpg: no valid OpenPGP data found.' in err:
++        raise GPGKeyError('Invalid GPG key material. Check your network setup'
++                          ' (MTU, routing, DNS) and/or proxy server settings'
++                          ' as well as destination keyserver status.')
++    else:
++        return out
++
++
++def _write_apt_gpg_keyfile(key_name, key_material):
++    """Writes GPG key material into a file at a provided path.
++
++    :param key_name: A key name to use for a key file (could be a fingerprint)
++    :type key_name: str
++    :param key_material: A GPG key material (binary)
++    :type key_material: (str, bytes)
++    """
++    with open('/etc/apt/trusted.gpg.d/{}.gpg'.format(key_name),
++              'wb') as keyf:
++        keyf.write(key_material)
  def add_source(source, key=None, fail_invalid=False):
@@ -386,14 +596,16 @@ def add_source(source, key=None, fail_invalid=False):
      for r, fn in six.iteritems(_mapping):
          m = re.match(r, source)
          if m:
--            # call the assoicated function with the captured groups
--            # raises SourceConfigError on error.
--            fn(*m.groups())
              if key:
++                # Import key before adding the source which depends on it,
++                # as refreshing packages could fail otherwise.
                  try:
                      import_key(key)
                  except GPGKeyError as e:
                      raise SourceConfigError(str(e))
++            # call the associated function with the captured groups
++            # raises SourceConfigError on error.
++            fn(*m.groups())
              break
      else:
          # nothing matched.  log an error and maybe sys.exit
@@ -406,13 +618,13 @@ def add_source(source, key=None, fail_invalid=False):
  def _add_proposed():
      """Add the PROPOSED_POCKET as /etc/apt/source.list.d/proposed.list
--    Uses lsb_release()['DISTRIB_CODENAME'] to determine the correct staza for
++    Uses get_distrib_codename to determine the correct stanza for
      the deb line.
      For intel architecutres PROPOSED_POCKET is used for the release, but for
      other architectures PROPOSED_PORTS_POCKET is used for the release.
      """
--    release = lsb_release()['DISTRIB_CODENAME']
++    release = get_distrib_codename()
      arch = platform.machine()
      if arch not in six.iterkeys(ARCH_TO_PROPOSED_POCKET):
          raise SourceConfigError("Arch {} not supported for (distro-)proposed"
@@ -425,8 +637,16 @@ def _add_apt_repository(spec):
      """Add the spec using add_apt_repository
      :param spec: the parameter to pass to add_apt_repository
++    :type spec: str
      """
--    _run_with_retries(['add-apt-repository', '--yes', spec])
++    if '{series}' in spec:
++        series = get_distrib_codename()
++        spec = spec.replace('{series}', series)
++    # software-properties package for bionic properly reacts to proxy settings
++    # passed as environment variables (See lp:1433761). This is not the case
++    # LTS and non-LTS releases below bionic.
++    _run_with_retries(['add-apt-repository', '--yes', spec],
++                      cmd_env=env_proxy_settings(['https']))
  def _add_cloud_pocket(pocket):
@@ -495,7 +715,7 @@ def _verify_is_ubuntu_rel(release, os_release):
      :raises: SourceConfigError if the release is not the same as the ubuntu
          release.
      """
--    ubuntu_rel = lsb_release()['DISTRIB_CODENAME']
++    ubuntu_rel = get_distrib_codename()
      if release != ubuntu_rel:
          raise SourceConfigError(
              'Invalid Cloud Archive release specified: {}-{} on this Ubuntu'
@@ -506,21 +726,22 @@ def _run_with_retries(cmd, max_retries=CMD_RETRY_COUNT, retry_exitcodes=(1,),
                        retry_message="", cmd_env=None):
      """Run a command and retry until success or max_retries is reached.
--    :param: cmd: str: The apt command to run.
--    :param: max_retries: int: The number of retries to attempt on a fatal
--        command. Defaults to CMD_RETRY_COUNT.
--    :param: retry_exitcodes: tuple: Optional additional exit codes to retry.
--        Defaults to retry on exit code 1.
--    :param: retry_message: str: Optional log prefix emitted during retries.
--    :param: cmd_env: dict: Environment variables to add to the command run.
++    :param cmd: The apt command to run.
++    :type cmd: str
++    :param max_retries: The number of retries to attempt on a fatal
++                        command. Defaults to CMD_RETRY_COUNT.
++    :type max_retries: int
++    :param retry_exitcodes: Optional additional exit codes to retry.
++                            Defaults to retry on exit code 1.
++    :type retry_exitcodes: tuple
++    :param retry_message: Optional log prefix emitted during retries.
++    :type retry_message: str
++    :param: cmd_env: Environment variables to add to the command run.
++    :type cmd_env: Option[None, Dict[str, str]]
      """
--
--    env = None
--    kwargs = {}
++    env = get_apt_dpkg_env()
      if cmd_env:
--        env = os.environ.copy()
          env.update(cmd_env)
--        kwargs['env'] = env
      if not retry_message:
          retry_message = "Failed executing '{}'".format(" ".join(cmd))
@@ -532,8 +753,7 @@ def _run_with_retries(cmd, max_retries=CMD_RETRY_COUNT, retry_exitcodes=(1,),
      retry_results = (None,) + retry_exitcodes
      while result in retry_results:
          try:
--            # result = subprocess.check_call(cmd, env=env)
--            result = subprocess.check_call(cmd, **kwargs)
++            result = subprocess.check_call(cmd, env=env)
          except subprocess.CalledProcessError as e:
              retry_count = retry_count + 1
              if retry_count > max_retries:
@@ -546,22 +766,18 @@ def _run_with_retries(cmd, max_retries=CMD_RETRY_COUNT, retry_exitcodes=(1,),
  def _run_apt_command(cmd, fatal=False):
      """Run an apt command with optional retries.
--    :param: cmd: str: The apt command to run.
--    :param: fatal: bool: Whether the command's output should be checked and
--        retried.
++    :param cmd: The apt command to run.
++    :type cmd: str
++    :param fatal: Whether the command's output should be checked and
++                  retried.
++    :type fatal: bool
      """
--    # Provide DEBIAN_FRONTEND=noninteractive if not present in the environment.
--    cmd_env = {
--        'DEBIAN_FRONTEND': os.environ.get('DEBIAN_FRONTEND', 'noninteractive')}
--
      if fatal:
          _run_with_retries(
--            cmd, cmd_env=cmd_env, retry_exitcodes=(1, APT_NO_LOCK,),
++            cmd, retry_exitcodes=(1, APT_NO_LOCK,),
              retry_message="Couldn't acquire DPKG lock")
      else:
--        env = os.environ.copy()
--        env.update(cmd_env)
--        subprocess.call(cmd, env=env)
++        subprocess.call(cmd, env=get_apt_dpkg_env())
  def get_upstream_version(package):
@@ -569,7 +785,6 @@ def get_upstream_version(package):
      @returns None (if not installed) or the upstream version
      """
--    import apt_pkg
      cache = apt_cache()
      try:
          pkg = cache[package]
@@ -581,4 +796,18 @@ def get_upstream_version(package):
          # package is known, but no version is currently installed.
          return None
--    return apt_pkg.upstream_version(pkg.current_ver.ver_str)
++    return ubuntu_apt_pkg.upstream_version(pkg.current_ver.ver_str)
++
++
++def get_apt_dpkg_env():
++    """Get environment suitable for execution of APT and DPKG tools.
++
++    We keep this in a helper function instead of in a global constant to
++    avoid execution on import of the library.
++    :returns: Environment suitable for execution of APT and DPKG tools.
++    :rtype: Dict[str, str]
++    """
++    # The fallback is used in the event of ``/etc/environment`` not containing
++    # avalid PATH variable.
++    return {'DEBIAN_FRONTEND': 'noninteractive',
++            'PATH': get_system_env('PATH', '/usr/sbin:/usr/bin:/sbin:/bin')}
 diff --git a/lib/charmhelpers/fetch/ubuntu_apt_pkg.py b/lib/charmhelpers/fetch/ubuntu_apt_pkg.py
 new file mode 100644
 index 0000000..929a75d
 --- /dev/null
 +++ b/lib/charmhelpers/fetch/ubuntu_apt_pkg.py
@@ -0,0 +1,267 @@
++# Copyright 2019 Canonical Ltd
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#  http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++"""Provide a subset of the ``python-apt`` module API.
++
++Data collection is done through subprocess calls to ``apt-cache`` and
++``dpkg-query`` commands.
++
++The main purpose for this module is to avoid dependency on the
++``python-apt`` python module.
++
++The indicated python module is a wrapper around the ``apt`` C++ library
++which is tightly connected to the version of the distribution it was
++shipped on.  It is not developed in a backward/forward compatible manner.
++
++This in turn makes it incredibly hard to distribute as a wheel for a piece
++of python software that supports a span of distro releases [0][1].
++
++Upstream feedback like [2] does not give confidence in this ever changing,
++so with this we get rid of the dependency.
++
++0: https://github.com/juju-solutions/layer-basic/pull/135
++1: https://bugs.launchpad.net/charm-octavia/+bug/1824112
++2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845330#10
++"""
++
++import locale
++import os
++import subprocess
++import sys
++
++
++class _container(dict):
++    """Simple container for attributes."""
++    __getattr__ = dict.__getitem__
++    __setattr__ = dict.__setitem__
++
++
++class Package(_container):
++    """Simple container for package attributes."""
++
++
++class Version(_container):
++    """Simple container for version attributes."""
++
++
++class Cache(object):
++    """Simulation of ``apt_pkg`` Cache object."""
++    def __init__(self, progress=None):
++        pass
++
++    def __contains__(self, package):
++        try:
++            pkg = self.__getitem__(package)
++            return pkg is not None
++        except KeyError:
++            return False
++
++    def __getitem__(self, package):
++        """Get information about a package from apt and dpkg databases.
++
++        :param package: Name of package
++        :type package: str
++        :returns: Package object
++        :rtype: object
++        :raises: KeyError, subprocess.CalledProcessError
++        """
++        apt_result = self._apt_cache_show([package])[package]
++        apt_result['name'] = apt_result.pop('package')
++        pkg = Package(apt_result)
++        dpkg_result = self._dpkg_list([package]).get(package, {})
++        current_ver = None
++        installed_version = dpkg_result.get('version')
++        if installed_version:
++            current_ver = Version({'ver_str': installed_version})
++        pkg.current_ver = current_ver
++        pkg.architecture = dpkg_result.get('architecture')
++        return pkg
++
++    def _dpkg_list(self, packages):
++        """Get data from system dpkg database for package.
++
++        :param packages: Packages to get data from
++        :type packages: List[str]
++        :returns: Structured data about installed packages, keys like
++                  ``dpkg-query --list``
++        :rtype: dict
++        :raises: subprocess.CalledProcessError
++        """
++        pkgs = {}
++        cmd = ['dpkg-query', '--list']
++        cmd.extend(packages)
++        if locale.getlocale() == (None, None):
++            # subprocess calls out to locale.getpreferredencoding(False) to
++            # determine encoding.  Workaround for Trusty where the
++            # environment appears to not be set up correctly.
++            locale.setlocale(locale.LC_ALL, 'en_US.UTF-8')
++        try:
++            output = subprocess.check_output(cmd,
++                                             stderr=subprocess.STDOUT,
++                                             universal_newlines=True)
++        except subprocess.CalledProcessError as cp:
++            # ``dpkg-query`` may return error and at the same time have
++            # produced useful output, for example when asked for multiple
++            # packages where some are not installed
++            if cp.returncode != 1:
++                raise
++            output = cp.output
++        headings = []
++        for line in output.splitlines():
++            if line.startswith('||/'):
++                headings = line.split()
++                headings.pop(0)
++                continue
++            elif (line.startswith('|') or line.startswith('+') or
++                  line.startswith('dpkg-query:')):
++                continue
++            else:
++                data = line.split(None, 4)
++                status = data.pop(0)
++                if status != 'ii':
++                    continue
++                pkg = {}
++                pkg.update({k.lower(): v for k, v in zip(headings, data)})
++                if 'name' in pkg:
++                    pkgs.update({pkg['name']: pkg})
++        return pkgs
++
++    def _apt_cache_show(self, packages):
++        """Get data from system apt cache for package.
++
++        :param packages: Packages to get data from
++        :type packages: List[str]
++        :returns: Structured data about package, keys like
++                  ``apt-cache show``
++        :rtype: dict
++        :raises: subprocess.CalledProcessError
++        """
++        pkgs = {}
++        cmd = ['apt-cache', 'show', '--no-all-versions']
++        cmd.extend(packages)
++        if locale.getlocale() == (None, None):
++            # subprocess calls out to locale.getpreferredencoding(False) to
++            # determine encoding.  Workaround for Trusty where the
++            # environment appears to not be set up correctly.
++            locale.setlocale(locale.LC_ALL, 'en_US.UTF-8')
++        try:
++            output = subprocess.check_output(cmd,
++                                             stderr=subprocess.STDOUT,
++                                             universal_newlines=True)
++            previous = None
++            pkg = {}
++            for line in output.splitlines():
++                if not line:
++                    if 'package' in pkg:
++                        pkgs.update({pkg['package']: pkg})
++                        pkg = {}
++                    continue
++                if line.startswith(' '):
++                    if previous and previous in pkg:
++                        pkg[previous] += os.linesep + line.lstrip()
++                    continue
++                if ':' in line:
++                    kv = line.split(':', 1)
++                    key = kv[0].lower()
++                    if key == 'n':
++                        continue
++                    previous = key
++                    pkg.update({key: kv[1].lstrip()})
++        except subprocess.CalledProcessError as cp:
++            # ``apt-cache`` returns 100 if none of the packages asked for
++            # exist in the apt cache.
++            if cp.returncode != 100:
++                raise
++        return pkgs
++
++
++class Config(_container):
++    def __init__(self):
++        super(Config, self).__init__(self._populate())
++
++    def _populate(self):
++        cfgs = {}
++        cmd = ['apt-config', 'dump']
++        output = subprocess.check_output(cmd,
++                                         stderr=subprocess.STDOUT,
++                                         universal_newlines=True)
++        for line in output.splitlines():
++            if not line.startswith("CommandLine"):
++                k, v = line.split(" ", 1)
++                cfgs[k] = v.strip(";").strip("\"")
++
++        return cfgs
++
++
++# Backwards compatibility with old apt_pkg module
++sys.modules[__name__].config = Config()
++
++
++def init():
++    """Compability shim that does nothing."""
++    pass
++
++
++def upstream_version(version):
++    """Extracts upstream version from a version string.
++
++    Upstream reference: https://salsa.debian.org/apt-team/apt/blob/master/
++                                apt-pkg/deb/debversion.cc#L259
++
++    :param version: Version string
++    :type version: str
++    :returns: Upstream version
++    :rtype: str
++    """
++    if version:
++        version = version.split(':')[-1]
++        version = version.split('-')[0]
++    return version
++
++
++def version_compare(a, b):
++    """Compare the given versions.
++
++    Call out to ``dpkg`` to make sure the code doing the comparison is
++    compatible with what the ``apt`` library would do.  Mimic the return
++    values.
++
++    Upstream reference:
++    https://apt-team.pages.debian.net/python-apt/library/apt_pkg.html
++            ?highlight=version_compare#apt_pkg.version_compare
++
++    :param a: version string
++    :type a: str
++    :param b: version string
++    :type b: str
++    :returns: >0 if ``a`` is greater than ``b``, 0 if a equals b,
++              <0 if ``a`` is smaller than ``b``
++    :rtype: int
++    :raises: subprocess.CalledProcessError, RuntimeError
++    """
++    for op in ('gt', 1), ('eq', 0), ('lt', -1):
++        try:
++            subprocess.check_call(['dpkg', '--compare-versions',
++                                   a, op[0], b],
++                                  stderr=subprocess.STDOUT,
++                                  universal_newlines=True)
++            return op[1]
++        except subprocess.CalledProcessError as cp:
++            if cp.returncode == 1:
++                continue
++            raise
++    else:
++        raise RuntimeError('Unable to compare "{}" and "{}", according to '
++                           'our logic they are neither greater, equal nor '
++                           'less than each other.')
 diff --git a/lib/charmhelpers/osplatform.py b/lib/charmhelpers/osplatform.py
 index d9a4d5c..78c81af 100644
 --- a/lib/charmhelpers/osplatform.py
 +++ b/lib/charmhelpers/osplatform.py
@@ -1,4 +1,5 @@
  import platform
++import os
  def get_platform():
@@ -9,9 +10,13 @@ def get_platform():
      This string is used to decide which platform module should be imported.
      """
      # linux_distribution is deprecated and will be removed in Python 3.7
--    # Warings *not* disabled, as we certainly need to fix this.
--    tuple_platform = platform.linux_distribution()
--    current_platform = tuple_platform[0]
++    # Warnings *not* disabled, as we certainly need to fix this.
++    if hasattr(platform, 'linux_distribution'):
++        tuple_platform = platform.linux_distribution()
++        current_platform = tuple_platform[0]
++    else:
++        current_platform = _get_platform_from_fs()
++
      if "Ubuntu" in current_platform:
          return "ubuntu"
      elif "CentOS" in current_platform:
@@ -20,6 +25,22 @@ def get_platform():
          # Stock Python does not detect Ubuntu and instead returns debian.
          # Or at least it does in some build environments like Travis CI
          return "ubuntu"
++    elif "elementary" in current_platform:
++        # ElementaryOS fails to run tests locally without this.
++        return "ubuntu"
      else:
          raise RuntimeError("This module is not supported on {}."
                             .format(current_platform))
++
++
++def _get_platform_from_fs():
++    """Get Platform from /etc/os-release."""
++    with open(os.path.join(os.sep, 'etc', 'os-release')) as fin:
++        content = dict(
++            line.split('=', 1)
++            for line in fin.read().splitlines()
++            if '=' in line
++        )
++    for k, v in content.items():
++        content[k] = v.strip('"')
++    return content["NAME"]

Container Log Archive Charm

Merge ~hloeung/container-log-archive-charm:charm-helpers-sync into container-log-archive-charm:master

Commit message

Description of the change

Preview Diff

Subscribers