Merge ~renanrodrigo/ubuntu/+source/ubuntu-advantage-tools:upload-27.11.2-kinetic into ubuntu/+source/ubuntu-advantage-tools:ubuntu/devel
- Git
- lp:~renanrodrigo/ubuntu/+source/ubuntu-advantage-tools
- upload-27.11.2-kinetic
- Merge into ubuntu/devel
Status: | Merged | ||||||||
---|---|---|---|---|---|---|---|---|---|
Merged at revision: | b45db3057e231867380616280685a1523fed059a | ||||||||
Proposed branch: | ~renanrodrigo/ubuntu/+source/ubuntu-advantage-tools:upload-27.11.2-kinetic | ||||||||
Merge into: | ubuntu/+source/ubuntu-advantage-tools:ubuntu/devel | ||||||||
Diff against target: |
1945 lines (+507/-512) 34 files modified
debian/changelog (+20/-0) debian/ubuntu-advantage-tools.postinst (+1/-1) dev/null (+0/-45) features/api_full_auto_attach.feature (+1/-2) features/apt_messages.feature (+24/-25) features/attach_invalidtoken.feature (+1/-1) features/attached_commands.feature (+0/-24) features/attached_enable.feature (+98/-55) features/attached_status.feature (+0/-2) features/enable_fips_vm.feature (+6/-6) features/motd_messages.feature (+98/-98) features/security_status.feature (+78/-99) features/ubuntu_upgrade.feature (+1/-1) features/ubuntu_upgrade_unattached.feature (+1/-0) features/unattached_commands.feature (+15/-3) features/unattached_status.feature (+36/-52) uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py (+8/-8) uaclient/apt.py (+2/-5) uaclient/cli.py (+7/-7) uaclient/entitlements/esm.py (+4/-3) uaclient/entitlements/ros.py (+1/-0) uaclient/entitlements/tests/test_esm.py (+25/-18) uaclient/jobs/tests/test_update_messaging.py (+1/-1) uaclient/jobs/update_messaging.py (+28/-1) uaclient/messages.py (+10/-1) uaclient/security_status.py (+9/-4) uaclient/tests/test_apt.py (+1/-1) uaclient/tests/test_cli.py (+0/-2) uaclient/tests/test_cli_disable.py (+2/-2) uaclient/tests/test_cli_enable.py (+2/-2) uaclient/tests/test_cli_security_status.py (+1/-2) uaclient/tests/test_cli_status.py (+19/-32) uaclient/tests/test_status.py (+6/-8) uaclient/version.py (+1/-1) |
||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Andreas Hasenack | Approve | ||
Canonical Server | Pending | ||
Review via email:
|
Commit message
Make esm-apps beta again
Add back the beta flag to esm-apps (and to ROS as a consequence).
Also adjust the messages in APT to mention Pro beta, and remove esm-apps information from pro security-status when the service is not enabled.
Description of the change
This is the ubuntu-
The intention here is to cover the last-minute changes needed to launch Ubuntu Pro (beta).
Add back the beta flag to esm-apps (and to ROS as a consequence).
Also adjust the messages in APT to mention Pro beta, and remove esm-apps information from pro security-status when the service is not enabled.
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Andreas Hasenack (ahasenack) wrote : | # |
Kinetic uploaded:
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Andreas Hasenack (ahasenack) wrote : | # |
Jammy uploaded:
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Andreas Hasenack (ahasenack) wrote : | # |
Focal uploaded:
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Andreas Hasenack (ahasenack) wrote : | # |
Bionic uploaded:
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Andreas Hasenack (ahasenack) wrote : | # |
Xenial uploaded:
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Uploading ubuntu-
Successfully uploaded packages.
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 0d85b03..a5acfc4 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,23 @@ |
6 | +ubuntu-advantage-tools (27.11.2~22.10.1) kinetic; urgency=medium |
7 | + |
8 | + * New upstream release 27.11.2: (LP: #1991173) |
9 | + - esm: add the --beta flag back to esm-apps |
10 | + - messaging: show Ubuntu Pro beta message in apt output |
11 | + - security-status: don't show esm-apps information when the service is not |
12 | + enabled |
13 | + - ros: add the --beta flag back to ros and ros-updates |
14 | + |
15 | + -- Renan Rodrigo <renanrodrigo@canonical.com> Thu, 29 Sep 2022 16:20:42 -0300 |
16 | + |
17 | +ubuntu-advantage-tools (27.11.1~22.10.1) kinetic; urgency=medium |
18 | + |
19 | + * New upstream release 27.11.1: (LP: #1990907) |
20 | + - Fix release upgrade when ESM packages are installed |
21 | + + d/postinst: remove series information from the APT preferences template |
22 | + + esm: remove series information from the APT preferences file |
23 | + |
24 | + -- Renan Rodrigo <renanrodrigo@canonical.com> Tue, 27 Sep 2022 16:19:41 -0300 |
25 | + |
26 | ubuntu-advantage-tools (27.11~22.10.1) kinetic; urgency=medium |
27 | |
28 | * d/control: |
29 | diff --git a/debian/ubuntu-advantage-tools.postinst b/debian/ubuntu-advantage-tools.postinst |
30 | index 4330448..4a677fc 100644 |
31 | --- a/debian/ubuntu-advantage-tools.postinst |
32 | +++ b/debian/ubuntu-advantage-tools.postinst |
33 | @@ -217,7 +217,7 @@ EOF |
34 | cat > "${apt_pref_file}" <<EOF |
35 | # Written by ubuntu-advantage-tools |
36 | Package: * |
37 | -Pin: release o=${apt_origin}, n=${release} |
38 | +Pin: release o=${apt_origin} |
39 | Pin-Priority: never |
40 | EOF |
41 | fi |
42 | diff --git a/features/api_full_auto_attach.feature b/features/api_full_auto_attach.feature |
43 | index 1aac22e..240e06f 100644 |
44 | --- a/features/api_full_auto_attach.feature |
45 | +++ b/features/api_full_auto_attach.feature |
46 | @@ -17,13 +17,12 @@ Feature: Full Auto-Attach Endpoint |
47 | """ |
48 | from uaclient.api.u.pro.attach.auto.full_auto_attach.v1 import full_auto_attach, FullAutoAttachOptions |
49 | |
50 | - full_auto_attach(FullAutoAttachOptions(enable=["esm-infra", "esm-apps"])) |
51 | + full_auto_attach(FullAutoAttachOptions(enable=["esm-infra"])) |
52 | """ |
53 | And I run `python3 /tmp/full_auto_attach.py` with sudo |
54 | And I run `pro status --all` with sudo |
55 | Then stdout matches regexp: |
56 | """ |
57 | - esm-apps +yes +enabled +Expanded Security Maintenance for Applications |
58 | esm-infra +yes +enabled +Expanded Security Maintenance for Infrastructure |
59 | """ |
60 | Then stdout matches regexp: |
61 | diff --git a/features/apt_messages.feature b/features/apt_messages.feature |
62 | index af9b17e..27d67cb 100644 |
63 | --- a/features/apt_messages.feature |
64 | +++ b/features/apt_messages.feature |
65 | @@ -225,9 +225,8 @@ Feature: APT Messages |
66 | Building dependency tree... |
67 | Reading state information... |
68 | Calculating upgrade... |
69 | - The following security updates require Ubuntu Pro with 'esm-apps' enabled: |
70 | - hello |
71 | - Learn more about Ubuntu Pro at https://ubuntu.com/pro |
72 | + Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
73 | + Learn more at https://ubuntu.com/pro |
74 | 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. |
75 | """ |
76 | When I attach `contract_token` with sudo |
77 | @@ -241,23 +240,23 @@ Feature: APT Messages |
78 | The following packages will be upgraded: |
79 | hello |
80 | """ |
81 | - When I update contract to use `effectiveTo` as `days=-20` |
82 | - When I run `pro refresh messages` with sudo |
83 | - When I run `apt-get upgrade --dry-run` with sudo |
84 | - Then stdout matches regexp: |
85 | - """ |
86 | - Reading package lists... |
87 | - Building dependency tree... |
88 | - Reading state information... |
89 | - Calculating upgrade... |
90 | - |
91 | - \*Your Ubuntu Pro subscription has EXPIRED\* |
92 | - The following security updates require Ubuntu Pro with 'esm-apps' enabled: |
93 | - hello |
94 | - Renew your service at https:\/\/ubuntu.com\/pro |
95 | - |
96 | - The following packages will be upgraded: |
97 | - """ |
98 | +# When I update contract to use `effectiveTo` as `days=-20` |
99 | +# When I run `pro refresh messages` with sudo |
100 | +# When I run `apt-get upgrade --dry-run` with sudo |
101 | +# Then stdout matches regexp: |
102 | +# """ |
103 | +# Reading package lists... |
104 | +# Building dependency tree... |
105 | +# Reading state information... |
106 | +# Calculating upgrade... |
107 | +# |
108 | +# \*Your Ubuntu Pro subscription has EXPIRED\* |
109 | +# The following security updates require Ubuntu Pro with 'esm-apps' enabled: |
110 | +# hello |
111 | +# Renew your service at https:\/\/ubuntu.com\/pro |
112 | +# |
113 | +# The following packages will be upgraded: |
114 | +# """ |
115 | When I run `apt-get upgrade -y` with sudo |
116 | When I run `pro detach --assume-yes` with sudo |
117 | When I run `pro refresh messages` with sudo |
118 | @@ -268,8 +267,8 @@ Feature: APT Messages |
119 | Building dependency tree... |
120 | Reading state information... |
121 | Calculating upgrade... |
122 | - Receive additional future security updates with Ubuntu Pro. |
123 | - Learn more about Ubuntu Pro at https:\/\/ubuntu\.com\/pro |
124 | + Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
125 | + Learn more at https:\/\/ubuntu.com\/pro |
126 | 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded\. |
127 | """ |
128 | Examples: ubuntu release |
129 | @@ -291,7 +290,7 @@ Feature: APT Messages |
130 | Examples: ubuntu release |
131 | | release | msg | |
132 | | xenial | Learn more about Ubuntu Pro for 16\.04 at https:\/\/ubuntu\.com\/16-04 | |
133 | - | bionic | Learn more about Ubuntu Pro on AWS at https:\/\/ubuntu\.com\/aws\/pro | |
134 | +# | bionic | Learn more about Ubuntu Pro on AWS at https:\/\/ubuntu\.com\/aws\/pro | |
135 | |
136 | @series.xenial |
137 | @series.bionic |
138 | @@ -308,7 +307,7 @@ Feature: APT Messages |
139 | Examples: ubuntu release |
140 | | release | msg | |
141 | | xenial | Learn more about Ubuntu Pro for 16\.04 on Azure at https:\/\/ubuntu\.com\/16-04\/azure | |
142 | - | bionic | Learn more about Ubuntu Pro on Azure at https:\/\/ubuntu\.com\/azure\/pro | |
143 | +# | bionic | Learn more about Ubuntu Pro on Azure at https:\/\/ubuntu\.com\/azure\/pro | |
144 | |
145 | @series.xenial |
146 | @series.bionic |
147 | @@ -325,4 +324,4 @@ Feature: APT Messages |
148 | Examples: ubuntu release |
149 | | release | msg | |
150 | | xenial | Learn more about Ubuntu Pro for 16\.04 at https:\/\/ubuntu\.com\/16-04 | |
151 | - | bionic | Learn more about Ubuntu Pro on GCP at https:\/\/ubuntu\.com\/gcp\/pro | |
152 | +# | bionic | Learn more about Ubuntu Pro on GCP at https:\/\/ubuntu\.com\/gcp\/pro | |
153 | diff --git a/features/attach_invalidtoken.feature b/features/attach_invalidtoken.feature |
154 | index 95cc47d..dbd2f26 100644 |
155 | --- a/features/attach_invalidtoken.feature |
156 | +++ b/features/attach_invalidtoken.feature |
157 | @@ -46,7 +46,7 @@ Feature: Command behaviour when trying to attach a machine to an Ubuntu |
158 | Then stdout is a json matching the `ua_operation` schema |
159 | And I will see the following on stdout: |
160 | """ |
161 | - {"_schema_version": "0.1", "errors": [{"additional_info": {"contract_expiry_date": "12-31-2019", "contract_id": "cAJ4NHcl2qAld2CbJt5cufzZNHgVZ0YTPIH96Ihsy4bU"}, "message": "Attach denied:\nContract \"cAJ4NHcl2qAld2CbJt5cufzZNHgVZ0YTPIH96Ihsy4bU\" expired on December 31, 2019\nVisit https://ubuntu.com/pro to manage contract tokens.", "message_code": "attach-forbidden-expired", "service": null, "type": "system"}], "failed_services": [], "needs_reboot": false, "processed_services": [], "result": "failure", "warnings": []} |
162 | + {"_schema_version": "0.1", "errors": [{"additional_info": {"contract_expiry_date": "08-21-2022", "contract_id": "cAHT7ADjWMRCjo5Q53QlTawtPlrhxeRg7cbEnquxxm1g"}, "message": "Attach denied:\nContract \"cAHT7ADjWMRCjo5Q53QlTawtPlrhxeRg7cbEnquxxm1g\" expired on August 21, 2022\nVisit https://ubuntu.com/pro to manage contract tokens.", "message_code": "attach-forbidden-expired", "service": null, "type": "system"}], "failed_services": [], "needs_reboot": false, "processed_services": [], "result": "failure", "warnings": []} |
163 | """ |
164 | |
165 | Examples: ubuntu release |
166 | diff --git a/features/attached_commands.feature b/features/attached_commands.feature |
167 | index faa8d52..ba16aa6 100644 |
168 | --- a/features/attached_commands.feature |
169 | +++ b/features/attached_commands.feature |
170 | @@ -540,8 +540,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
171 | \(https://ubuntu.com/cc-eal\) |
172 | - cis: Security compliance and audit tools |
173 | \(https://ubuntu.com/security/certifications/docs/usg\) |
174 | - - esm-apps: Expanded Security Maintenance for Applications |
175 | - \(https://ubuntu.com/security/esm\) |
176 | - esm-infra: Expanded Security Maintenance for Infrastructure |
177 | \(https://ubuntu.com/security/esm\) |
178 | - fips-updates: NIST-certified core packages with priority security updates |
179 | @@ -550,10 +548,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
180 | \(https://ubuntu.com/security/certifications#fips\) |
181 | - livepatch: Canonical Livepatch service |
182 | \(https://ubuntu.com/security/livepatch\) |
183 | - - ros-updates: All Updates for the Robot Operating System |
184 | - \(https://ubuntu.com/robotics/ros-esm\) |
185 | - - ros: Security Updates for the Robot Operating System |
186 | - \(https://ubuntu.com/robotics/ros-esm\) |
187 | """ |
188 | When I run `pro help` with sudo |
189 | Then stdout matches regexp: |
190 | @@ -563,8 +557,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
191 | \(https://ubuntu.com/cc-eal\) |
192 | - cis: Security compliance and audit tools |
193 | \(https://ubuntu.com/security/certifications/docs/usg\) |
194 | - - esm-apps: Expanded Security Maintenance for Applications |
195 | - \(https://ubuntu.com/security/esm\) |
196 | - esm-infra: Expanded Security Maintenance for Infrastructure |
197 | \(https://ubuntu.com/security/esm\) |
198 | - fips-updates: NIST-certified core packages with priority security updates |
199 | @@ -573,10 +565,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
200 | \(https://ubuntu.com/security/certifications#fips\) |
201 | - livepatch: Canonical Livepatch service |
202 | \(https://ubuntu.com/security/livepatch\) |
203 | - - ros-updates: All Updates for the Robot Operating System |
204 | - \(https://ubuntu.com/robotics/ros-esm\) |
205 | - - ros: Security Updates for the Robot Operating System |
206 | - \(https://ubuntu.com/robotics/ros-esm\) |
207 | """ |
208 | When I run `pro help --all` as non-root |
209 | Then stdout matches regexp: |
210 | @@ -652,8 +640,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
211 | Client to manage Ubuntu Pro services on a machine. |
212 | - cc-eal: Common Criteria EAL2 Provisioning Packages |
213 | \(https://ubuntu.com/cc-eal\) |
214 | - - esm-apps: Expanded Security Maintenance for Applications |
215 | - \(https://ubuntu.com/security/esm\) |
216 | - esm-infra: Expanded Security Maintenance for Infrastructure |
217 | \(https://ubuntu.com/security/esm\) |
218 | - fips-updates: NIST-certified core packages with priority security updates |
219 | @@ -662,10 +648,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
220 | \(https://ubuntu.com/security/certifications#fips\) |
221 | - livepatch: Canonical Livepatch service |
222 | \(https://ubuntu.com/security/livepatch\) |
223 | - - ros-updates: All Updates for the Robot Operating System |
224 | - \(https://ubuntu.com/robotics/ros-esm\) |
225 | - - ros: Security Updates for the Robot Operating System |
226 | - \(https://ubuntu.com/robotics/ros-esm\) |
227 | - usg: Security compliance and audit tools |
228 | \(https://ubuntu.com/security/certifications/docs/usg\) |
229 | """ |
230 | @@ -675,8 +657,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
231 | Client to manage Ubuntu Pro services on a machine. |
232 | - cc-eal: Common Criteria EAL2 Provisioning Packages |
233 | \(https://ubuntu.com/cc-eal\) |
234 | - - esm-apps: Expanded Security Maintenance for Applications |
235 | - \(https://ubuntu.com/security/esm\) |
236 | - esm-infra: Expanded Security Maintenance for Infrastructure |
237 | \(https://ubuntu.com/security/esm\) |
238 | - fips-updates: NIST-certified core packages with priority security updates |
239 | @@ -685,10 +665,6 @@ Feature: Command behaviour when attached to an Ubuntu Pro subscription |
240 | \(https://ubuntu.com/security/certifications#fips\) |
241 | - livepatch: Canonical Livepatch service |
242 | \(https://ubuntu.com/security/livepatch\) |
243 | - - ros-updates: All Updates for the Robot Operating System |
244 | - \(https://ubuntu.com/robotics/ros-esm\) |
245 | - - ros: Security Updates for the Robot Operating System |
246 | - \(https://ubuntu.com/robotics/ros-esm\) |
247 | - usg: Security compliance and audit tools |
248 | \(https://ubuntu.com/security/certifications/docs/usg\) |
249 | """ |
250 | diff --git a/features/attached_enable.feature b/features/attached_enable.feature |
251 | index b68f8c0..36138db 100644 |
252 | --- a/features/attached_enable.feature |
253 | +++ b/features/attached_enable.feature |
254 | @@ -165,11 +165,11 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
255 | """ |
256 | {"_schema_version": "0.1", "errors": [{"message": "Cannot enable unknown service 'foobar'.\nTry <valid_services>", "message_code": "invalid-service-or-failure", "service": null, "type": "system"}], "failed_services": ["foobar"], "needs_reboot": false, "processed_services": [], "result": "failure", "warnings": []} |
257 | """ |
258 | - And I verify that running `pro enable realtime-kernel foobar --format json --assume-yes` `with sudo` exits `1` |
259 | + And I verify that running `pro enable ros foobar --format json --assume-yes` `with sudo` exits `1` |
260 | And stdout is a json matching the `ua_operation` schema |
261 | And I will see the following on stdout: |
262 | """ |
263 | - {"_schema_version": "0.1", "errors": [{"message": "Cannot enable unknown service 'foobar, realtime-kernel'.\nTry <valid_services>", "message_code": "invalid-service-or-failure", "service": null, "type": "system"}], "failed_services": ["foobar", "realtime-kernel"], "needs_reboot": false, "processed_services": [], "result": "failure", "warnings": []} |
264 | + {"_schema_version": "0.1", "errors": [{"message": "Cannot enable unknown service 'foobar, ros'.\nTry <valid_services>", "message_code": "invalid-service-or-failure", "service": null, "type": "system"}], "failed_services": ["foobar", "ros"], "needs_reboot": false, "processed_services": [], "result": "failure", "warnings": []} |
265 | """ |
266 | And I verify that running `pro enable esm-infra --format json --assume-yes` `with sudo` exits `1` |
267 | And stdout is a json matching the `ua_operation` schema |
268 | @@ -200,11 +200,11 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
269 | """ |
270 | |
271 | Examples: ubuntu release |
272 | - | release | valid_services | |
273 | - | xenial | cc-eal, cis, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates. | |
274 | - | bionic | cc-eal, cis, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates. | |
275 | - | focal | cc-eal, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates, usg. | |
276 | - | jammy | cc-eal, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates, usg. | |
277 | + | release | valid_services | |
278 | + | xenial | cc-eal, cis, esm-infra, fips, fips-updates, livepatch. | |
279 | + | bionic | cc-eal, cis, esm-infra, fips, fips-updates, livepatch. | |
280 | + | focal | cc-eal, esm-infra, fips, fips-updates, livepatch, usg. | |
281 | + | jammy | cc-eal, esm-infra, fips, fips-updates, livepatch, usg. | |
282 | |
283 | @series.lts |
284 | @uses.config.machine_type.lxd.container |
285 | @@ -213,36 +213,36 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
286 | When I attach `contract_token` with sudo |
287 | Then I verify that running `pro enable foobar` `as non-root` exits `1` |
288 | And I will see the following on stderr: |
289 | - """ |
290 | - This command must be run as root (try using sudo). |
291 | - """ |
292 | + """ |
293 | + This command must be run as root (try using sudo). |
294 | + """ |
295 | And I verify that running `pro enable foobar` `with sudo` exits `1` |
296 | And I will see the following on stdout: |
297 | - """ |
298 | - One moment, checking your subscription first |
299 | - """ |
300 | + """ |
301 | + One moment, checking your subscription first |
302 | + """ |
303 | And stderr matches regexp: |
304 | - """ |
305 | - Cannot enable unknown service 'foobar'. |
306 | - Try cc-eal, cis, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates. |
307 | - """ |
308 | - And I verify that running `pro enable realtime-kernel foobar` `with sudo` exits `1` |
309 | + """ |
310 | + Cannot enable unknown service 'foobar'. |
311 | + Try cc-eal, cis, esm-infra, fips, fips-updates, livepatch. |
312 | + """ |
313 | + And I verify that running `pro enable ros foobar` `with sudo` exits `1` |
314 | And I will see the following on stdout: |
315 | - """ |
316 | - One moment, checking your subscription first |
317 | - """ |
318 | + """ |
319 | + One moment, checking your subscription first |
320 | + """ |
321 | And stderr matches regexp: |
322 | """ |
323 | - Cannot enable unknown service 'foobar, realtime-kernel'. |
324 | - Try cc-eal, cis, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates. |
325 | + Cannot enable unknown service 'foobar, ros'. |
326 | + Try cc-eal, cis, esm-infra, fips, fips-updates, livepatch. |
327 | """ |
328 | And I verify that running `pro enable esm-infra` `with sudo` exits `1` |
329 | And I will see the following on stdout: |
330 | - """ |
331 | - One moment, checking your subscription first |
332 | - Ubuntu Pro: ESM Infra is already enabled. |
333 | - See: sudo pro status |
334 | - """ |
335 | + """ |
336 | + One moment, checking your subscription first |
337 | + Ubuntu Pro: ESM Infra is already enabled. |
338 | + See: sudo pro status |
339 | + """ |
340 | When I run `apt-cache policy` with sudo |
341 | Then apt-cache policy for the following url has permission `500` |
342 | """ |
343 | @@ -269,36 +269,36 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
344 | When I attach `contract_token` with sudo |
345 | Then I verify that running `pro enable foobar` `as non-root` exits `1` |
346 | And I will see the following on stderr: |
347 | - """ |
348 | - This command must be run as root (try using sudo). |
349 | - """ |
350 | + """ |
351 | + This command must be run as root (try using sudo). |
352 | + """ |
353 | And I verify that running `pro enable foobar` `with sudo` exits `1` |
354 | And I will see the following on stdout: |
355 | - """ |
356 | - One moment, checking your subscription first |
357 | - """ |
358 | + """ |
359 | + One moment, checking your subscription first |
360 | + """ |
361 | And stderr matches regexp: |
362 | """ |
363 | Cannot enable unknown service 'foobar'. |
364 | - Try cc-eal, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates, usg. |
365 | + Try cc-eal, esm-infra, fips, fips-updates, livepatch, usg. |
366 | """ |
367 | - And I verify that running `pro enable realtime-kernel foobar` `with sudo` exits `1` |
368 | + And I verify that running `pro enable ros foobar` `with sudo` exits `1` |
369 | And I will see the following on stdout: |
370 | - """ |
371 | - One moment, checking your subscription first |
372 | - """ |
373 | + """ |
374 | + One moment, checking your subscription first |
375 | + """ |
376 | And stderr matches regexp: |
377 | """ |
378 | - Cannot enable unknown service 'foobar, realtime-kernel'. |
379 | - Try cc-eal, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates, usg. |
380 | + Cannot enable unknown service 'foobar, ros'. |
381 | + Try cc-eal, esm-infra, fips, fips-updates, livepatch, usg. |
382 | """ |
383 | And I verify that running `pro enable esm-infra` `with sudo` exits `1` |
384 | Then I will see the following on stdout: |
385 | - """ |
386 | - One moment, checking your subscription first |
387 | - Ubuntu Pro: ESM Infra is already enabled. |
388 | - See: sudo pro status |
389 | - """ |
390 | + """ |
391 | + One moment, checking your subscription first |
392 | + Ubuntu Pro: ESM Infra is already enabled. |
393 | + See: sudo pro status |
394 | + """ |
395 | When I run `apt-cache policy` with sudo |
396 | Then apt-cache policy for the following url has permission `500` |
397 | """ |
398 | @@ -558,10 +558,10 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
399 | """ |
400 | One moment, checking your subscription first |
401 | """ |
402 | - And stderr matches regexp: |
403 | + Then I will see the following on stderr: |
404 | """ |
405 | Cannot enable unknown service 'usg'. |
406 | - Try cc-eal, cis, esm-apps, esm-infra, fips, fips-updates, livepatch, ros,\nros-updates. |
407 | + Try cc-eal, cis, esm-infra, fips, fips-updates, livepatch. |
408 | """ |
409 | |
410 | Examples: cis service |
411 | @@ -803,7 +803,7 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
412 | FIPS enabled |
413 | A reboot is required to complete install. |
414 | """ |
415 | - When I run `pro status` with sudo |
416 | + When I run `pro status --all` with sudo |
417 | Then stdout matches regexp: |
418 | """ |
419 | fips +yes +enabled |
420 | @@ -868,7 +868,7 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
421 | """ |
422 | ros +yes disabled Security Updates for the Robot Operating System |
423 | """ |
424 | - When I run `pro enable ros --assume-yes` with sudo |
425 | + When I run `pro enable ros --assume-yes --beta` with sudo |
426 | And I run `pro status --all` as non-root |
427 | Then stdout matches regexp |
428 | """ |
429 | @@ -904,13 +904,13 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
430 | """ |
431 | esm-apps +yes disabled Expanded Security Maintenance for Applications |
432 | """ |
433 | - When I verify that running `pro enable ros` `with sudo` and stdin `N` exits `1` |
434 | + When I verify that running `pro enable ros --beta` `with sudo` and stdin `N` exits `1` |
435 | Then stdout matches regexp |
436 | """ |
437 | ROS ESM Security Updates cannot be enabled with Ubuntu Pro: ESM Apps disabled. |
438 | Enable Ubuntu Pro: ESM Apps and proceed to enable ROS ESM Security Updates\? \(y\/N\) Cannot enable ROS ESM Security Updates when Ubuntu Pro: ESM Apps is disabled. |
439 | """ |
440 | - When I run `pro enable ros` `with sudo` and stdin `y` |
441 | + When I run `pro enable ros --beta` `with sudo` and stdin `y` |
442 | Then stdout matches regexp |
443 | """ |
444 | One moment, checking your subscription first |
445 | @@ -941,7 +941,7 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
446 | When I run `apt install python3-catkin-pkg -y` with sudo |
447 | Then I verify that `python3-catkin-pkg` is installed from apt source `<ros-security-source>` |
448 | |
449 | - When I run `pro enable ros-updates --assume-yes` with sudo |
450 | + When I run `pro enable ros-updates --assume-yes --beta` with sudo |
451 | And I run `pro status --all` as non-root |
452 | Then stdout matches regexp |
453 | """ |
454 | @@ -961,7 +961,7 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
455 | Disable ROS ESM All Updates and proceed to disable ROS ESM Security Updates\? \(y\/N\) Disabling dependent service: ROS ESM All Updates |
456 | Updating package lists |
457 | """ |
458 | - When I run `pro enable ros-updates` `with sudo` and stdin `y` |
459 | + When I run `pro enable ros-updates --beta` `with sudo` and stdin `y` |
460 | Then stdout matches regexp |
461 | """ |
462 | One moment, checking your subscription first |
463 | @@ -984,7 +984,7 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
464 | When I run `pro disable ros --assume-yes` with sudo |
465 | When I run `pro disable esm-apps --assume-yes` with sudo |
466 | When I run `pro disable esm-infra --assume-yes` with sudo |
467 | - When I run `pro enable ros-updates --assume-yes` with sudo |
468 | + When I run `pro enable ros-updates --assume-yes --beta` with sudo |
469 | When I run `pro status --all` as non-root |
470 | Then stdout matches regexp |
471 | """ |
472 | @@ -1132,3 +1132,46 @@ Feature: Enable command behaviour when attached to an Ubuntu Pro subscription |
473 | Examples: ubuntu release |
474 | | release | |
475 | | xenial | |
476 | + |
477 | + @series.lts |
478 | + @uses.config.machine_type.lxd.container |
479 | + Scenario Outline: Attached enable esm-apps on a machine |
480 | + Given a `<release>` machine with ubuntu-advantage-tools installed |
481 | + When I attach `contract_token` with sudo |
482 | + And I run `pro status --all` as non-root |
483 | + Then stdout matches regexp |
484 | + """ |
485 | + esm-apps +yes enabled Expanded Security Maintenance for Applications |
486 | + """ |
487 | + And I verify that running `apt update` `with sudo` exits `0` |
488 | + When I run `apt-cache policy` as non-root |
489 | + Then apt-cache policy for the following url has permission `500` |
490 | + """ |
491 | + https://esm.ubuntu.com/apps/ubuntu <release>-apps-updates/main amd64 Packages |
492 | + """ |
493 | + And apt-cache policy for the following url has permission `500` |
494 | + """ |
495 | + https://esm.ubuntu.com/apps/ubuntu <release>-apps-security/main amd64 Packages |
496 | + """ |
497 | + And I verify that running `apt update` `with sudo` exits `0` |
498 | + When I run `apt install -y <apps-pkg>` with sudo, retrying exit [100] |
499 | + And I run `apt-cache policy <apps-pkg>` as non-root |
500 | + Then stdout matches regexp: |
501 | + """ |
502 | + Version table: |
503 | + \s*\*\*\* .* 500 |
504 | + \s*500 https://esm.ubuntu.com/apps/ubuntu <release>-apps-security/main amd64 Packages |
505 | + """ |
506 | + When I verify that running `pro enable esm-apps` `with sudo` exits `1` |
507 | + Then stdout matches regexp |
508 | + """ |
509 | + One moment, checking your subscription first |
510 | + Ubuntu Pro: ESM Apps is already enabled. |
511 | + See: sudo pro status |
512 | + """ |
513 | + |
514 | + Examples: ubuntu release |
515 | + | release | apps-pkg | |
516 | + | xenial | jq | |
517 | + | bionic | bundler | |
518 | + | focal | ant | |
519 | diff --git a/features/attached_status.feature b/features/attached_status.feature |
520 | index b6cf42d..aee637e 100644 |
521 | --- a/features/attached_status.feature |
522 | +++ b/features/attached_status.feature |
523 | @@ -76,8 +76,6 @@ Feature: Attached status |
524 | esm-infra +yes +enabled +Expanded Security Maintenance for Infrastructure |
525 | fips +yes +disabled +NIST-certified core packages |
526 | fips-updates +yes +disabled +NIST-certified core packages with priority security updates |
527 | - ros +yes +disabled +Security Updates for the Robot Operating System |
528 | - ros-updates +yes +disabled +All Updates for the Robot Operating System |
529 | |
530 | Enable services with: pro enable <service> |
531 | """ |
532 | diff --git a/features/enable_fips_vm.feature b/features/enable_fips_vm.feature |
533 | index 2c8f1d9..ea6c38e 100644 |
534 | --- a/features/enable_fips_vm.feature |
535 | +++ b/features/enable_fips_vm.feature |
536 | @@ -45,10 +45,10 @@ Feature: FIPS enablement in lxd VMs |
537 | And I verify that `openssh-server-hmac` is installed from apt source `<fips-apt-source>` |
538 | And I verify that `openssh-client-hmac` is installed from apt source `<fips-apt-source>` |
539 | And I verify that `strongswan-hmac` is installed from apt source `<fips-apt-source>` |
540 | - When I run `pro status --format json` with sudo |
541 | + When I run `pro status --format json --all` with sudo |
542 | Then stdout contains substring: |
543 | """ |
544 | - {"available": "yes", "blocked_by": [{"name": "fips", "reason": "Livepatch cannot be enabled while running the official FIPS certified kernel. If you would like a FIPS compliant kernel with additional bug fixes and security updates, you can use the FIPS Updates service with Livepatch.", "reason_code": "livepatch-invalidates-fips"}], "description": "Canonical Livepatch service", "description_override": null, "entitled": "yes", "name": "livepatch", "status": "n/a", "status_details": "Cannot enable Livepatch when FIPS is enabled."} |
545 | + {"available": "no", "blocked_by": [{"name": "fips", "reason": "Livepatch cannot be enabled while running the official FIPS certified kernel. If you would like a FIPS compliant kernel with additional bug fixes and security updates, you can use the FIPS Updates service with Livepatch.", "reason_code": "livepatch-invalidates-fips"}], "description": "Canonical Livepatch service", "description_override": null, "entitled": "yes", "name": "livepatch", "status": "n/a", "status_details": "Cannot enable Livepatch when FIPS is enabled."} |
546 | """ |
547 | |
548 | When I reboot the machine |
549 | @@ -168,10 +168,10 @@ Feature: FIPS enablement in lxd VMs |
550 | And I verify that `openssh-server-hmac` is installed from apt source `<fips-apt-source>` |
551 | And I verify that `openssh-client-hmac` is installed from apt source `<fips-apt-source>` |
552 | And I verify that `strongswan-hmac` is installed from apt source `<fips-apt-source>` |
553 | - When I run `pro status --format json` with sudo |
554 | + When I run `pro status --all --format json` with sudo |
555 | Then stdout contains substring: |
556 | """ |
557 | - {"available": "yes", "blocked_by": [{"name": "fips-updates", "reason": "FIPS cannot be enabled if FIPS Updates has ever been enabled because FIPS Updates installs security patches that aren't officially certified.", "reason_code": "fips-updates-invalidates-fips"}], "description": "NIST-certified core packages", "description_override": null, "entitled": "yes", "name": "fips", "status": "n/a", "status_details": "Cannot enable FIPS when FIPS Updates is enabled."} |
558 | + {"available": "no", "blocked_by": [{"name": "fips-updates", "reason": "FIPS cannot be enabled if FIPS Updates has ever been enabled because FIPS Updates installs security patches that aren't officially certified.", "reason_code": "fips-updates-invalidates-fips"}], "description": "NIST-certified core packages", "description_override": null, "entitled": "yes", "name": "fips", "status": "n/a", "status_details": "Cannot enable FIPS when FIPS Updates is enabled."} |
559 | """ |
560 | |
561 | When I reboot the machine |
562 | @@ -242,10 +242,10 @@ Feature: FIPS enablement in lxd VMs |
563 | """ |
564 | livepatch +yes +enabled |
565 | """ |
566 | - When I run `pro status --format json` with sudo |
567 | + When I run `pro status --all --format json` with sudo |
568 | Then stdout contains substring: |
569 | """ |
570 | - {"available": "yes", "blocked_by": [{"name": "livepatch", "reason": "Livepatch cannot be enabled while running the official FIPS certified kernel. If you would like a FIPS compliant kernel with additional bug fixes and security updates, you can use the FIPS Updates service with Livepatch.", "reason_code": "livepatch-invalidates-fips"}, {"name": "fips-updates", "reason": "FIPS cannot be enabled if FIPS Updates has ever been enabled because FIPS Updates installs security patches that aren't officially certified.", "reason_code": "fips-updates-invalidates-fips"}], "description": "NIST-certified core packages", "description_override": null, "entitled": "yes", "name": "fips", "status": "n/a", "status_details": "Cannot enable FIPS when FIPS Updates is enabled."} |
571 | + {"available": "no", "blocked_by": [{"name": "livepatch", "reason": "Livepatch cannot be enabled while running the official FIPS certified kernel. If you would like a FIPS compliant kernel with additional bug fixes and security updates, you can use the FIPS Updates service with Livepatch.", "reason_code": "livepatch-invalidates-fips"}, {"name": "fips-updates", "reason": "FIPS cannot be enabled if FIPS Updates has ever been enabled because FIPS Updates installs security patches that aren't officially certified.", "reason_code": "fips-updates-invalidates-fips"}], "description": "NIST-certified core packages", "description_override": null, "entitled": "yes", "name": "fips", "status": "n/a", "status_details": "Cannot enable FIPS when FIPS Updates is enabled."} |
572 | """ |
573 | When I run `pro disable <fips-service> --assume-yes` with sudo |
574 | And I run `pro enable <fips-service> --assume-yes --format json --assume-yes` with sudo |
575 | diff --git a/features/motd_messages.feature b/features/motd_messages.feature |
576 | index 198cac0..2ba533b 100644 |
577 | --- a/features/motd_messages.feature |
578 | +++ b/features/motd_messages.feature |
579 | @@ -1,102 +1,102 @@ |
580 | Feature: MOTD Messages |
581 | |
582 | - @series.xenial |
583 | - @series.bionic |
584 | - @uses.config.machine_type.lxd.container |
585 | - Scenario Outline: MOTD Announce Message |
586 | - Given a `<release>` machine with ubuntu-advantage-tools installed |
587 | - When I run `apt-get install -y update-motd` with sudo |
588 | - When I run `pro refresh messages` with sudo |
589 | - And I run `run-parts /etc/update-motd.d/` with sudo |
590 | - Then stdout matches regexp: |
591 | - """ |
592 | - |
593 | - \* Introducing Expanded Security Maintenance for Applications\. |
594 | - Receive updates to over 25,000 software packages with your |
595 | - Ubuntu Pro subscription\. Free for personal use\. |
596 | - |
597 | - <url> |
598 | - |
599 | - [\w\d]+ |
600 | - """ |
601 | - When I attach `contract_token` with sudo |
602 | - And I run `update-motd` with sudo |
603 | - And I run `run-parts /etc/update-motd.d/` with sudo |
604 | - Then stdout does not match regexp: |
605 | - """ |
606 | - \* Introducing Expanded Security Maintenance for Applications\. |
607 | - Receive updates to over 25,000 software packages with your |
608 | - Ubuntu Pro subscription\. Free for personal use\. |
609 | - |
610 | - <url> |
611 | - """ |
612 | - Examples: ubuntu release |
613 | - | release | url | |
614 | - | xenial | https:\/\/ubuntu.com\/16-04 | |
615 | - | bionic | https:\/\/ubuntu.com\/pro | |
616 | - |
617 | - @series.xenial |
618 | - @series.bionic |
619 | - @uses.config.machine_type.aws.generic |
620 | - Scenario Outline: AWS URLs |
621 | - Given a `<release>` machine with ubuntu-advantage-tools installed |
622 | - When I run `apt-get install -y update-motd` with sudo |
623 | - When I run `pro refresh messages` with sudo |
624 | - And I run `run-parts /etc/update-motd.d/` with sudo |
625 | - Then stdout matches regexp: |
626 | - """ |
627 | - \* Introducing Expanded Security Maintenance for Applications\. |
628 | - Receive updates to over 25,000 software packages with your |
629 | - Ubuntu Pro subscription\. Free for personal use\. |
630 | - |
631 | - <url> |
632 | - """ |
633 | - Examples: ubuntu release |
634 | - | release | url | |
635 | - | xenial | https:\/\/ubuntu.com\/16-04 | |
636 | - | bionic | https:\/\/ubuntu.com\/aws\/pro | |
637 | - |
638 | - @series.xenial |
639 | - @series.bionic |
640 | - @uses.config.machine_type.azure.generic |
641 | - Scenario Outline: Azure URLs |
642 | - Given a `<release>` machine with ubuntu-advantage-tools installed |
643 | - When I run `apt-get install -y update-motd` with sudo |
644 | - When I run `pro refresh messages` with sudo |
645 | - And I run `run-parts /etc/update-motd.d/` with sudo |
646 | - Then stdout matches regexp: |
647 | - """ |
648 | - \* Introducing Expanded Security Maintenance for Applications\. |
649 | - Receive updates to over 25,000 software packages with your |
650 | - Ubuntu Pro subscription\. Free for personal use\. |
651 | - |
652 | - <url> |
653 | - """ |
654 | - Examples: ubuntu release |
655 | - | release | url | |
656 | - | xenial | https:\/\/ubuntu.com\/16-04\/azure | |
657 | - | bionic | https:\/\/ubuntu.com\/azure\/pro | |
658 | - |
659 | - @series.xenial |
660 | - @series.bionic |
661 | - @uses.config.machine_type.gcp.generic |
662 | - Scenario Outline: GCP URLs |
663 | - Given a `<release>` machine with ubuntu-advantage-tools installed |
664 | - When I run `apt-get install -y update-motd` with sudo |
665 | - When I run `pro refresh messages` with sudo |
666 | - And I run `run-parts /etc/update-motd.d/` with sudo |
667 | - Then stdout matches regexp: |
668 | - """ |
669 | - \* Introducing Expanded Security Maintenance for Applications\. |
670 | - Receive updates to over 25,000 software packages with your |
671 | - Ubuntu Pro subscription\. Free for personal use\. |
672 | - |
673 | - <url> |
674 | - """ |
675 | - Examples: ubuntu release |
676 | - | release | url | |
677 | - | xenial | https:\/\/ubuntu.com\/16-04 | |
678 | - | bionic | https:\/\/ubuntu.com\/gcp\/pro | |
679 | +# @series.xenial |
680 | +# @series.bionic |
681 | +# @uses.config.machine_type.lxd.container |
682 | +# Scenario Outline: MOTD Announce Message |
683 | +# Given a `<release>` machine with ubuntu-advantage-tools installed |
684 | +# When I run `apt-get install -y update-motd` with sudo |
685 | +# When I run `pro refresh messages` with sudo |
686 | +# And I run `run-parts /etc/update-motd.d/` with sudo |
687 | +# Then stdout matches regexp: |
688 | +# """ |
689 | +# |
690 | +# \* Introducing Expanded Security Maintenance for Applications\. |
691 | +# Receive updates to over 25,000 software packages with your |
692 | +# Ubuntu Pro subscription\. Free for personal use\. |
693 | +# |
694 | +# <url> |
695 | +# |
696 | +# [\w\d]+ |
697 | +# """ |
698 | +# When I attach `contract_token` with sudo |
699 | +# And I run `update-motd` with sudo |
700 | +# And I run `run-parts /etc/update-motd.d/` with sudo |
701 | +# Then stdout does not match regexp: |
702 | +# """ |
703 | +# \* Introducing Expanded Security Maintenance for Applications\. |
704 | +# Receive updates to over 25,000 software packages with your |
705 | +# Ubuntu Pro subscription\. Free for personal use\. |
706 | +# |
707 | +# <url> |
708 | +# """ |
709 | +# Examples: ubuntu release |
710 | +# | release | url | |
711 | +# | xenial | https:\/\/ubuntu.com\/16-04 | |
712 | +# | bionic | https:\/\/ubuntu.com\/pro | |
713 | +# |
714 | +# @series.xenial |
715 | +# @series.bionic |
716 | +# @uses.config.machine_type.aws.generic |
717 | +# Scenario Outline: AWS URLs |
718 | +# Given a `<release>` machine with ubuntu-advantage-tools installed |
719 | +# When I run `apt-get install -y update-motd` with sudo |
720 | +# When I run `pro refresh messages` with sudo |
721 | +# And I run `run-parts /etc/update-motd.d/` with sudo |
722 | +# Then stdout matches regexp: |
723 | +# """ |
724 | +# \* Introducing Expanded Security Maintenance for Applications\. |
725 | +# Receive updates to over 25,000 software packages with your |
726 | +# Ubuntu Pro subscription\. Free for personal use\. |
727 | +# |
728 | +# <url> |
729 | +# """ |
730 | +# Examples: ubuntu release |
731 | +# | release | url | |
732 | +# | xenial | https:\/\/ubuntu.com\/16-04 | |
733 | +# | bionic | https:\/\/ubuntu.com\/aws\/pro | |
734 | +# |
735 | +# @series.xenial |
736 | +# @series.bionic |
737 | +# @uses.config.machine_type.azure.generic |
738 | +# Scenario Outline: Azure URLs |
739 | +# Given a `<release>` machine with ubuntu-advantage-tools installed |
740 | +# When I run `apt-get install -y update-motd` with sudo |
741 | +# When I run `pro refresh messages` with sudo |
742 | +# And I run `run-parts /etc/update-motd.d/` with sudo |
743 | +# Then stdout matches regexp: |
744 | +# """ |
745 | +# \* Introducing Expanded Security Maintenance for Applications\. |
746 | +# Receive updates to over 25,000 software packages with your |
747 | +# Ubuntu Pro subscription\. Free for personal use\. |
748 | +# |
749 | +# <url> |
750 | +# """ |
751 | +# Examples: ubuntu release |
752 | +# | release | url | |
753 | +# | xenial | https:\/\/ubuntu.com\/16-04\/azure | |
754 | +# | bionic | https:\/\/ubuntu.com\/azure\/pro | |
755 | +# |
756 | +# @series.xenial |
757 | +# @series.bionic |
758 | +# @uses.config.machine_type.gcp.generic |
759 | +# Scenario Outline: GCP URLs |
760 | +# Given a `<release>` machine with ubuntu-advantage-tools installed |
761 | +# When I run `apt-get install -y update-motd` with sudo |
762 | +# When I run `pro refresh messages` with sudo |
763 | +# And I run `run-parts /etc/update-motd.d/` with sudo |
764 | +# Then stdout matches regexp: |
765 | +# """ |
766 | +# \* Introducing Expanded Security Maintenance for Applications\. |
767 | +# Receive updates to over 25,000 software packages with your |
768 | +# Ubuntu Pro subscription\. Free for personal use\. |
769 | +# |
770 | +# <url> |
771 | +# """ |
772 | +# Examples: ubuntu release |
773 | +# | release | url | |
774 | +# | xenial | https:\/\/ubuntu.com\/16-04 | |
775 | +# | bionic | https:\/\/ubuntu.com\/gcp\/pro | |
776 | |
777 | @series.xenial |
778 | @series.bionic |
779 | @@ -160,4 +160,4 @@ Feature: MOTD Messages |
780 | Examples: ubuntu release |
781 | | release | service | |
782 | | xenial | esm-infra | |
783 | - | bionic | esm-apps | |
784 | + #| bionic | esm-apps | |
785 | diff --git a/features/security_status.feature b/features/security_status.feature |
786 | index 38d7b4c..3f27b84 100644 |
787 | --- a/features/security_status.feature |
788 | +++ b/features/security_status.feature |
789 | @@ -82,13 +82,13 @@ Feature: Security status command behavior |
790 | Then I will see the following on stderr: |
791 | """ |
792 | usage: security-status [-h] [--format {json,yaml,text}] |
793 | - [--thirdparty | --unavailable | --esm-infra | --esm-apps] |
794 | + [--thirdparty | --unavailable | --esm-infra] |
795 | argument --format: invalid choice: 'unsupported' (choose from 'json', 'yaml', 'text') |
796 | """ |
797 | Examples: ubuntu release |
798 | | release | package | service | |
799 | | xenial | apport | esm-infra | |
800 | - | bionic | libkrb5-3 | esm-apps | |
801 | + # | bionic | libkrb5-3 | esm-apps | |
802 | |
803 | @series.xenial |
804 | @uses.config.machine_type.lxd.vm |
805 | @@ -135,10 +135,8 @@ Feature: Security status command behavior |
806 | Ubuntu Pro with 'esm-infra' enabled provides security updates for |
807 | Main/Restricted packages until 2026 and has \d+ pending security update[s]?\. |
808 | |
809 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
810 | - Universe/Multiverse packages until 2026 and has \d+ pending security update[s]?\. |
811 | - |
812 | - Learn more about Ubuntu Pro at https://ubuntu\.com/pro |
813 | + Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
814 | + Learn more at https://ubuntu.com/pro |
815 | """ |
816 | When I attach `contract_token` with sudo |
817 | And I verify root and non-root `pro security-status` calls have the same output |
818 | @@ -185,28 +183,28 @@ Feature: Security status command behavior |
819 | apt-cache policy .+ |
820 | to learn more about that package\. |
821 | """ |
822 | - When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
823 | - And I run `pro security-status --esm-apps` as non-root |
824 | - Then stdout matches regexp: |
825 | - """ |
826 | - \d+ packages installed: |
827 | - +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
828 | + # When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
829 | + # And I run `pro security-status --esm-apps` as non-root |
830 | + # Then stdout matches regexp: |
831 | + # """ |
832 | + # \d+ packages installed: |
833 | + # +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
834 | |
835 | - Universe/Multiverse packages are receiving security updates from |
836 | - Ubuntu Pro with 'esm-apps' enabled until 2026\. You have received (\d+|no) security |
837 | - update[s]?\. |
838 | + # Universe/Multiverse packages are receiving security updates from |
839 | + # Ubuntu Pro with 'esm-apps' enabled until 2026\. You have received (\d+|no) security |
840 | + # update[s]?\. |
841 | |
842 | - Run 'pro help esm-apps' to learn more |
843 | + # Run 'pro help esm-apps' to learn more |
844 | |
845 | - Package names in .*bold.* currently have an available update |
846 | - with 'esm-apps' enabled |
847 | - Packages: |
848 | - (.|\n)+ |
849 | + # Package names in .*bold.* currently have an available update |
850 | + # with 'esm-apps' enabled |
851 | + # Packages: |
852 | + # (.|\n)+ |
853 | |
854 | - For example, run: |
855 | - apt-cache policy .+ |
856 | - to learn more about that package\. |
857 | - """ |
858 | + # For example, run: |
859 | + # apt-cache policy .+ |
860 | + # to learn more about that package\. |
861 | + # """ |
862 | When I run `pro disable esm-infra esm-apps` with sudo |
863 | And I verify root and non-root `pro security-status` calls have the same output |
864 | And I run `pro security-status` as non-root |
865 | @@ -225,10 +223,6 @@ Feature: Security status command behavior |
866 | Ubuntu Pro with 'esm-infra' enabled provides security updates for |
867 | Main/Restricted packages until 2026 and has \d+ pending security update[s]?\. |
868 | Enable esm-infra with: pro enable esm-infra |
869 | - |
870 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
871 | - Universe/Multiverse packages until 2026 and has \d+ pending security update[s]?\. |
872 | - Enable esm-apps with: pro enable esm-apps |
873 | """ |
874 | When I verify root and non-root `pro security-status --thirdparty` calls have the same output |
875 | And I run `pro security-status --thirdparty` as non-root |
876 | @@ -286,32 +280,32 @@ Feature: Security status command behavior |
877 | apt-cache policy .+ |
878 | to learn more about that package\. |
879 | """ |
880 | - When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
881 | - And I run `pro security-status --esm-apps` as non-root |
882 | - Then stdout matches regexp: |
883 | - """ |
884 | - \d+ packages installed: |
885 | - +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
886 | + # When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
887 | + # And I run `pro security-status --esm-apps` as non-root |
888 | + # Then stdout matches regexp: |
889 | + # """ |
890 | + # \d+ packages installed: |
891 | + # +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
892 | |
893 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
894 | - Universe/Multiverse packages until 2026 and has 1 pending security update[s]?\. |
895 | + # Ubuntu Pro with 'esm-apps' enabled provides security updates for |
896 | + # Universe/Multiverse packages until 2026 and has 1 pending security update[s]?\. |
897 | |
898 | - Run 'pro help esm-apps' to learn more |
899 | + # Run 'pro help esm-apps' to learn more |
900 | |
901 | - Package names in .*bold.* currently have an available update |
902 | - with 'esm-apps' enabled |
903 | - Packages: |
904 | - (.|\n)+ |
905 | + # Package names in .*bold.* currently have an available update |
906 | + # with 'esm-apps' enabled |
907 | + # Packages: |
908 | + # (.|\n)+ |
909 | |
910 | - For example, run: |
911 | - apt-cache policy .+ |
912 | - to learn more about that package\. |
913 | - """ |
914 | + # For example, run: |
915 | + # apt-cache policy .+ |
916 | + # to learn more about that package\. |
917 | + # """ |
918 | When I verify that running `pro security-status --thirdparty --unavailable` `as non-root` exits `2` |
919 | Then I will see the following on stderr |
920 | """ |
921 | usage: security-status [-h] [--format {json,yaml,text}] |
922 | - [--thirdparty | --unavailable | --esm-infra | --esm-apps] |
923 | + [--thirdparty | --unavailable | --esm-infra] |
924 | argument --unavailable: not allowed with argument --thirdparty |
925 | """ |
926 | |
927 | @@ -340,10 +334,8 @@ Feature: Security status command behavior |
928 | |
929 | Main/Restricted packages receive updates with LTS until 2025\. |
930 | |
931 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
932 | - Universe/Multiverse packages until 2030 and has \d+ pending security update[s]?\. |
933 | - |
934 | - Learn more about Ubuntu Pro at https://ubuntu\.com/pro |
935 | + Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
936 | + Learn more at https://ubuntu.com/pro |
937 | """ |
938 | When I attach `contract_token` with sudo |
939 | And I verify root and non-root `pro security-status` calls have the same output |
940 | @@ -378,28 +370,28 @@ Feature: Security status command behavior |
941 | After the LTS period ends, Main/Restricted packages will get security updates |
942 | from Ubuntu Pro with 'esm-infra' enabled\. |
943 | """ |
944 | - When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
945 | - And I run `pro security-status --esm-apps` as non-root |
946 | - Then stdout matches regexp: |
947 | - """ |
948 | - \d+ packages installed: |
949 | - +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
950 | + # When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
951 | + # And I run `pro security-status --esm-apps` as non-root |
952 | + # Then stdout matches regexp: |
953 | + # """ |
954 | + # \d+ packages installed: |
955 | + # +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
956 | |
957 | - Universe/Multiverse packages are receiving security updates from |
958 | - Ubuntu Pro with 'esm-apps' enabled until 2030\. You have received (\d+|no) security |
959 | - update[s]?\. |
960 | + # Universe/Multiverse packages are receiving security updates from |
961 | + # Ubuntu Pro with 'esm-apps' enabled until 2030\. You have received (\d+|no) security |
962 | + # update[s]?\. |
963 | |
964 | - Run 'pro help esm-apps' to learn more |
965 | + # Run 'pro help esm-apps' to learn more |
966 | |
967 | - Package names in .*bold.* currently have an available update |
968 | - with 'esm-apps' enabled |
969 | - Packages: |
970 | - (.|\n)+ |
971 | + # Package names in .*bold.* currently have an available update |
972 | + # with 'esm-apps' enabled |
973 | + # Packages: |
974 | + # (.|\n)+ |
975 | |
976 | - For example, run: |
977 | - apt-cache policy .+ |
978 | - to learn more about that package\. |
979 | - """ |
980 | + # For example, run: |
981 | + # apt-cache policy .+ |
982 | + # to learn more about that package\. |
983 | + # """ |
984 | When I run `pro disable esm-infra esm-apps` with sudo |
985 | And I verify root and non-root `pro security-status` calls have the same output |
986 | And I run `pro security-status` as non-root |
987 | @@ -416,10 +408,6 @@ Feature: Security status command behavior |
988 | for a list of available options\. |
989 | |
990 | Main/Restricted packages receive updates with LTS until 2025\. |
991 | - |
992 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
993 | - Universe/Multiverse packages until 2030 and has \d+ pending security update[s]?\. |
994 | - Enable esm-apps with: pro enable esm-apps |
995 | """ |
996 | When I verify root and non-root `pro security-status --thirdparty` calls have the same output |
997 | And I run `pro security-status --thirdparty` as non-root |
998 | @@ -468,32 +456,32 @@ Feature: Security status command behavior |
999 | After the LTS period ends, Main/Restricted packages will get security updates |
1000 | from Ubuntu Pro with 'esm-infra' enabled\. |
1001 | """ |
1002 | - When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
1003 | - And I run `pro security-status --esm-apps` as non-root |
1004 | - Then stdout matches regexp: |
1005 | - """ |
1006 | - \d+ packages installed: |
1007 | - +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
1008 | + # When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
1009 | + # And I run `pro security-status --esm-apps` as non-root |
1010 | + # Then stdout matches regexp: |
1011 | + # """ |
1012 | + # \d+ packages installed: |
1013 | + # +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
1014 | |
1015 | - Ubuntu Pro with 'esm-apps' enabled provides security updates for |
1016 | - Universe/Multiverse packages until 2030 and has 1 pending security update[s]?\. |
1017 | + # Ubuntu Pro with 'esm-apps' enabled provides security updates for |
1018 | + # Universe/Multiverse packages until 2030 and has 1 pending security update[s]?\. |
1019 | |
1020 | - Run 'pro help esm-apps' to learn more |
1021 | + # Run 'pro help esm-apps' to learn more |
1022 | |
1023 | - Package names in .*bold.* currently have an available update |
1024 | - with 'esm-apps' enabled |
1025 | - Packages: |
1026 | - (.|\n)+ |
1027 | + # Package names in .*bold.* currently have an available update |
1028 | + # with 'esm-apps' enabled |
1029 | + # Packages: |
1030 | + # (.|\n)+ |
1031 | |
1032 | - For example, run: |
1033 | - apt-cache policy .+ |
1034 | - to learn more about that package\. |
1035 | - """ |
1036 | + # For example, run: |
1037 | + # apt-cache policy .+ |
1038 | + # to learn more about that package\. |
1039 | + # """ |
1040 | When I verify that running `pro security-status --thirdparty --unavailable` `as non-root` exits `2` |
1041 | Then I will see the following on stderr |
1042 | """ |
1043 | usage: security-status [-h] [--format {json,yaml,text}] |
1044 | - [--thirdparty | --unavailable | --esm-infra | --esm-apps] |
1045 | + [--thirdparty | --unavailable | --esm-infra] |
1046 | argument --unavailable: not allowed with argument --thirdparty |
1047 | """ |
1048 | |
1049 | @@ -531,12 +519,3 @@ Feature: Security status command behavior |
1050 | |
1051 | Ubuntu Pro is not available for non-LTS releases\. |
1052 | """ |
1053 | - When I verify root and non-root `pro security-status --esm-apps` calls have the same output |
1054 | - And I run `pro security-status --esm-apps` as non-root |
1055 | - Then stdout matches regexp: |
1056 | - """ |
1057 | - \d+ packages installed: |
1058 | - +\d+ package[s]? from Ubuntu Universe/Multiverse repository |
1059 | - |
1060 | - Ubuntu Pro is not available for non-LTS releases\. |
1061 | - """ |
1062 | diff --git a/features/staging_commands.feature b/features/staging_commands.feature |
1063 | deleted file mode 100644 |
1064 | index 8633572..0000000 |
1065 | --- a/features/staging_commands.feature |
1066 | +++ /dev/null |
1067 | @@ -1,45 +0,0 @@ |
1068 | -@uses.config.contract_token_staging |
1069 | -Feature: Enable command behaviour when attached to an Ubuntu Pro staging subscription |
1070 | - |
1071 | - @series.lts |
1072 | - @uses.config.machine_type.lxd.container |
1073 | - Scenario Outline: Attached enable esm-apps on a machine |
1074 | - Given a `<release>` machine with ubuntu-advantage-tools installed |
1075 | - When I attach `contract_token_staging` with sudo |
1076 | - And I run `pro status --all` as non-root |
1077 | - Then stdout matches regexp |
1078 | - """ |
1079 | - esm-apps +yes enabled Expanded Security Maintenance for Applications |
1080 | - """ |
1081 | - And I verify that running `apt update` `with sudo` exits `0` |
1082 | - When I run `apt-cache policy` as non-root |
1083 | - Then apt-cache policy for the following url has permission `500` |
1084 | - """ |
1085 | - https://esm.staging.ubuntu.com/apps/ubuntu <release>-apps-updates/main amd64 Packages |
1086 | - """ |
1087 | - And apt-cache policy for the following url has permission `500` |
1088 | - """ |
1089 | - https://esm.staging.ubuntu.com/apps/ubuntu <release>-apps-security/main amd64 Packages |
1090 | - """ |
1091 | - And I verify that running `apt update` `with sudo` exits `0` |
1092 | - When I run `apt install -y <apps-pkg>` with sudo, retrying exit [100] |
1093 | - And I run `apt-cache policy <apps-pkg>` as non-root |
1094 | - Then stdout matches regexp: |
1095 | - """ |
1096 | - Version table: |
1097 | - \s*\*\*\* .* 500 |
1098 | - \s*500 https://esm.staging.ubuntu.com/apps/ubuntu <release>-apps-security/main amd64 Packages |
1099 | - """ |
1100 | - When I verify that running `pro enable esm-apps` `with sudo` exits `1` |
1101 | - Then stdout matches regexp |
1102 | - """ |
1103 | - One moment, checking your subscription first |
1104 | - Ubuntu Pro: ESM Apps is already enabled. |
1105 | - See: sudo pro status |
1106 | - """ |
1107 | - |
1108 | - Examples: ubuntu release |
1109 | - | release | apps-pkg | |
1110 | - | xenial | jq | |
1111 | - | bionic | bundler | |
1112 | - | focal | ant | |
1113 | diff --git a/features/ubuntu_upgrade.feature b/features/ubuntu_upgrade.feature |
1114 | index 2be17d7..f7c5e9b 100644 |
1115 | --- a/features/ubuntu_upgrade.feature |
1116 | +++ b/features/ubuntu_upgrade.feature |
1117 | @@ -32,7 +32,7 @@ Feature: Upgrade between releases when uaclient is attached |
1118 | """ |
1119 | """ |
1120 | When I run `pro refresh` with sudo |
1121 | - And I run `pro status` with sudo |
1122 | + And I run `pro status --all` with sudo |
1123 | Then stdout matches regexp: |
1124 | """ |
1125 | <service1> +yes +<service1_status> |
1126 | diff --git a/features/ubuntu_upgrade_unattached.feature b/features/ubuntu_upgrade_unattached.feature |
1127 | index 41655fd..f669b2e 100644 |
1128 | --- a/features/ubuntu_upgrade_unattached.feature |
1129 | +++ b/features/ubuntu_upgrade_unattached.feature |
1130 | @@ -30,6 +30,7 @@ Feature: Upgrade between releases when uaclient is unattached |
1131 | """ |
1132 | """ |
1133 | When I attach `contract_token` with sudo |
1134 | + And I run `pro status --all` with sudo |
1135 | Then stdout matches regexp: |
1136 | """ |
1137 | esm-infra +yes +<service_status> |
1138 | diff --git a/features/unattached_commands.feature b/features/unattached_commands.feature |
1139 | index 2c4ec35..5f27952 100644 |
1140 | --- a/features/unattached_commands.feature |
1141 | +++ b/features/unattached_commands.feature |
1142 | @@ -40,11 +40,23 @@ Feature: Command behaviour when unattached |
1143 | """ |
1144 | -32768 <esm-infra-url> <release>-infra-updates/main amd64 Packages |
1145 | """ |
1146 | - Then stdout matches regexp: |
1147 | + And stdout does not match regexp: |
1148 | """ |
1149 | - -32768 <esm-infra-url> <release>-infra-security/main amd64 Packages |
1150 | + -32768 <esm-apps-url> <release>-apps-updates/main amd64 Packages |
1151 | """ |
1152 | - And stdout matches regexp: |
1153 | + And stdout does not match regexp: |
1154 | + """ |
1155 | + -32768 <esm-apps-url> <release>-apps-security/main amd64 Packages |
1156 | + """ |
1157 | + When I append the following on uaclient config: |
1158 | + """ |
1159 | + features: |
1160 | + allow_beta: true |
1161 | + """ |
1162 | + And I run `dpkg-reconfigure ubuntu-advantage-tools` with sudo |
1163 | + And I run `apt-get update` with sudo |
1164 | + When I run `apt-cache policy` with sudo |
1165 | + Then stdout matches regexp: |
1166 | """ |
1167 | -32768 <esm-apps-url> <release>-apps-updates/main amd64 Packages |
1168 | """ |
1169 | diff --git a/features/unattached_status.feature b/features/unattached_status.feature |
1170 | index ad8bf89..2826a37 100644 |
1171 | --- a/features/unattached_status.feature |
1172 | +++ b/features/unattached_status.feature |
1173 | @@ -52,13 +52,10 @@ Feature: Unattached status |
1174 | SERVICE +AVAILABLE +DESCRIPTION |
1175 | cc-eal +yes +Common Criteria EAL2 Provisioning Packages |
1176 | cis +yes +Security compliance and audit tools |
1177 | - esm-apps +yes +Expanded Security Maintenance for Applications |
1178 | esm-infra +yes +Expanded Security Maintenance for Infrastructure |
1179 | fips +yes +NIST-certified core packages |
1180 | fips-updates +yes +NIST-certified core packages with priority security updates |
1181 | livepatch +yes +Canonical Livepatch service |
1182 | - ros +yes +Security Updates for the Robot Operating System |
1183 | - ros-updates +yes +All Updates for the Robot Operating System |
1184 | |
1185 | This machine is not attached to an Ubuntu Pro subscription. |
1186 | See https://ubuntu.com/pro |
1187 | @@ -123,7 +120,6 @@ Feature: Unattached status |
1188 | Then stdout matches regexp: |
1189 | """ |
1190 | SERVICE +AVAILABLE +DESCRIPTION |
1191 | - esm-apps +yes +Expanded Security Maintenance for Applications |
1192 | esm-infra +yes +Expanded Security Maintenance for Infrastructure |
1193 | fips +yes +NIST-certified core packages |
1194 | fips-updates +yes +NIST-certified core packages with priority security updates |
1195 | @@ -189,7 +185,6 @@ Feature: Unattached status |
1196 | Then stdout matches regexp: |
1197 | """ |
1198 | SERVICE +AVAILABLE +DESCRIPTION |
1199 | - esm-apps +yes +Expanded Security Maintenance for Applications |
1200 | esm-infra +yes +Expanded Security Maintenance for Infrastructure |
1201 | livepatch +yes +Canonical Livepatch service |
1202 | |
1203 | @@ -253,13 +248,10 @@ Feature: Unattached status |
1204 | SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1205 | cc-eal +yes +yes +no +Common Criteria EAL2 Provisioning Packages |
1206 | cis +yes +yes +no +Security compliance and audit tools |
1207 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1208 | esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1209 | fips +yes +yes +no +NIST-certified core packages |
1210 | fips-updates +yes +yes +no +NIST-certified core packages with priority security updates |
1211 | livepatch +yes +yes +yes +Canonical Livepatch service |
1212 | - ros +yes +yes +no +Security Updates for the Robot Operating System |
1213 | - ros-updates +yes +yes +no +All Updates for the Robot Operating System |
1214 | """ |
1215 | When I do a preflight check for `contract_token` with the all flag |
1216 | Then stdout matches regexp: |
1217 | @@ -283,24 +275,23 @@ Feature: Unattached status |
1218 | When I verify that a preflight check for `invalid_token` formatted as json exits 1 |
1219 | Then stdout is a json matching the `ua_status` schema |
1220 | And I will see the following on stdout: |
1221 | - """ |
1222 | - {"environment_vars": [], "errors": [{"message": "Invalid token. See https://ubuntu.com/pro", "message_code": "attach-invalid-token", "service": null, "type": "system"}], "result": "failure", "services": [], "warnings": []} |
1223 | - """ |
1224 | + """ |
1225 | + {"environment_vars": [], "errors": [{"message": "Invalid token. See https://ubuntu.com/pro", "message_code": "attach-invalid-token", "service": null, "type": "system"}], "result": "failure", "services": [], "warnings": []} |
1226 | + """ |
1227 | When I verify that a preflight check for `invalid_token` formatted as yaml exits 1 |
1228 | Then stdout is a yaml matching the `ua_status` schema |
1229 | And I will see the following on stdout: |
1230 | - """ |
1231 | - environment_vars: [] |
1232 | - errors: |
1233 | - - message: Invalid token. See https://ubuntu.com/pro |
1234 | - message_code: attach-invalid-token |
1235 | - service: null |
1236 | - type: system |
1237 | - result: failure |
1238 | - services: [] |
1239 | - warnings: [] |
1240 | - """ |
1241 | - |
1242 | + """ |
1243 | + environment_vars: [] |
1244 | + errors: |
1245 | + - message: Invalid token. See https://ubuntu.com/pro |
1246 | + message_code: attach-invalid-token |
1247 | + service: null |
1248 | + type: system |
1249 | + result: failure |
1250 | + services: [] |
1251 | + warnings: [] |
1252 | + """ |
1253 | Examples: ubuntu release |
1254 | | release | |
1255 | | xenial | |
1256 | @@ -315,7 +306,6 @@ Feature: Unattached status |
1257 | Then stdout matches regexp: |
1258 | """ |
1259 | SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1260 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1261 | esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1262 | fips +yes +yes +no +NIST-certified core packages |
1263 | fips-updates +yes +yes +no +NIST-certified core packages with priority security updates |
1264 | @@ -375,7 +365,6 @@ Feature: Unattached status |
1265 | Then stdout matches regexp: |
1266 | """ |
1267 | SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1268 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1269 | esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1270 | livepatch +yes +yes +yes +Canonical Livepatch service |
1271 | """ |
1272 | @@ -434,37 +423,34 @@ Feature: Unattached status |
1273 | And I verify that a preflight check for `contract_token_staging_expired` formatted as json exits 1 |
1274 | Then stdout is a json matching the `ua_status` schema |
1275 | And stdout matches regexp: |
1276 | - """ |
1277 | - \"result\": \"failure\" |
1278 | - """ |
1279 | + """ |
1280 | + \"result\": \"failure\" |
1281 | + """ |
1282 | And stdout matches regexp: |
1283 | - """ |
1284 | - \"message\": \"Contract .* expired on .*\" |
1285 | - """ |
1286 | + """ |
1287 | + \"message\": \"Contract .* expired on .*\" |
1288 | + """ |
1289 | When I verify that a preflight check for `contract_token_staging_expired` formatted as yaml exits 1 |
1290 | Then stdout is a yaml matching the `ua_status` schema |
1291 | Then stdout matches regexp: |
1292 | - """ |
1293 | - errors: |
1294 | - - message: Contract .* expired on .* |
1295 | - """ |
1296 | + """ |
1297 | + errors: |
1298 | + - message: Contract .* expired on .* |
1299 | + """ |
1300 | When I verify that a preflight check for `contract_token_staging_expired` without the all flag exits 1 |
1301 | Then stdout matches regexp: |
1302 | - """ |
1303 | - This token is not valid. |
1304 | - Contract \".*\" expired on .* |
1305 | - |
1306 | - SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1307 | - cc-eal +yes +yes +no +Common Criteria EAL2 Provisioning Packages |
1308 | - cis +yes +yes +no +Security compliance and audit tools |
1309 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1310 | - esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1311 | - fips +yes +yes +no +NIST-certified core packages |
1312 | - fips-updates +yes +yes +no +NIST-certified core packages with priority security updates |
1313 | - livepatch +yes +yes +yes +Canonical Livepatch service |
1314 | - ros +yes +yes +no +Security Updates for the Robot Operating System |
1315 | - ros-updates +yes +yes +no +All Updates for the Robot Operating System |
1316 | - """ |
1317 | + """ |
1318 | + This token is not valid. |
1319 | + Contract \".*\" expired on .* |
1320 | + |
1321 | + SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1322 | + cc-eal +yes +yes +no +Common Criteria EAL2 Provisioning Packages |
1323 | + cis +yes +yes +no +Security compliance and audit tools |
1324 | + esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1325 | + fips +yes +yes +no +NIST-certified core packages |
1326 | + fips-updates +yes +yes +no +NIST-certified core packages with priority security updates |
1327 | + livepatch +yes +yes +yes +Canonical Livepatch service |
1328 | + """ |
1329 | |
1330 | Examples: ubuntu release |
1331 | | release | |
1332 | @@ -501,7 +487,6 @@ Feature: Unattached status |
1333 | Contract \".*\" expired on .* |
1334 | |
1335 | SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1336 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1337 | esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1338 | fips +yes +yes +no +NIST-certified core packages |
1339 | fips-updates +yes +yes +no +NIST-certified core packages with priority security updates |
1340 | @@ -543,7 +528,6 @@ Feature: Unattached status |
1341 | Contract \".*\" expired on .* |
1342 | |
1343 | SERVICE +AVAILABLE +ENTITLED +AUTO_ENABLED +DESCRIPTION |
1344 | - esm-apps +yes +yes +yes +Expanded Security Maintenance for Applications |
1345 | esm-infra +yes +yes +yes +Expanded Security Maintenance for Infrastructure |
1346 | livepatch +yes +yes +yes +Canonical Livepatch service |
1347 | """ |
1348 | diff --git a/uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py b/uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py |
1349 | index 3682000..515a959 100644 |
1350 | --- a/uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py |
1351 | +++ b/uaclient/api/tests/test_u_pro_attach_auto_full_auto_attach_v1.py |
1352 | @@ -50,8 +50,8 @@ class TestFullAutoAttachV1: |
1353 | ): |
1354 | cfg = FakeConfig(root_mode=True) |
1355 | options = FullAutoAttachOptions( |
1356 | - enable=["esm-infra", "esm-apps", "cis"], |
1357 | - enable_beta=["realtime-kernel", "test", "wrong"], |
1358 | + enable=["esm-infra", "cis"], |
1359 | + enable_beta=["esm-apps", "realtime-kernel", "test", "wrong"], |
1360 | ) |
1361 | with pytest.raises(exceptions.EntitlementNotFoundError): |
1362 | _full_auto_attach(options, cfg) |
1363 | @@ -79,8 +79,8 @@ class TestFullAutoAttachV1: |
1364 | ): |
1365 | cfg = FakeConfig(root_mode=True) |
1366 | options = FullAutoAttachOptions( |
1367 | - enable=["esm-infra", "esm-apps", "cis"], |
1368 | - enable_beta=["realtime-kernel"], |
1369 | + enable=["esm-infra", "cis"], |
1370 | + enable_beta=["esm-apps", "realtime-kernel"], |
1371 | ) |
1372 | with pytest.raises(exceptions.EntitlementNotEnabledError): |
1373 | _full_auto_attach(options, cfg) |
1374 | @@ -102,8 +102,8 @@ class TestFullAutoAttachV1: |
1375 | ): |
1376 | cfg = FakeConfig(root_mode=True) |
1377 | options = FullAutoAttachOptions( |
1378 | - enable=["esm-infra", "esm-apps", "fips"], |
1379 | - enable_beta=["ros"], |
1380 | + enable=["esm-infra", "fips"], |
1381 | + enable_beta=["esm-apps", "ros"], |
1382 | ) |
1383 | with pytest.raises(exceptions.EntitlementNotEnabledError): |
1384 | _full_auto_attach(options, cfg) |
1385 | @@ -116,8 +116,8 @@ class TestFullAutoAttachV1: |
1386 | ): |
1387 | cfg = FakeConfig(root_mode=True) |
1388 | options = FullAutoAttachOptions( |
1389 | - enable=["esm-infra", "esm-apps", "fips"], |
1390 | - enable_beta=["livepatch"], |
1391 | + enable=["esm-infra", "fips"], |
1392 | + enable_beta=["esm-apps", "livepatch"], |
1393 | ) |
1394 | with pytest.raises(exceptions.IncompatibleEntitlementsDetected) as e: |
1395 | _full_auto_attach(options, cfg) |
1396 | diff --git a/uaclient/apt.py b/uaclient/apt.py |
1397 | index 7a1f09e..e6b5615 100644 |
1398 | --- a/uaclient/apt.py |
1399 | +++ b/uaclient/apt.py |
1400 | @@ -397,16 +397,13 @@ def restore_commented_apt_list_file(filename: str) -> None: |
1401 | |
1402 | def add_ppa_pinning(apt_preference_file, repo_url, origin, priority): |
1403 | """Add an apt preferences file and pin for a PPA.""" |
1404 | - series = system.get_platform_info()["series"] |
1405 | _protocol, repo_path = repo_url.split("://") |
1406 | if repo_path.endswith("/"): # strip trailing slash |
1407 | repo_path = repo_path[:-1] |
1408 | content = ( |
1409 | "Package: *\n" |
1410 | - "Pin: release o={origin}, n={series}\n" |
1411 | - "Pin-Priority: {priority}\n".format( |
1412 | - origin=origin, priority=priority, series=series |
1413 | - ) |
1414 | + "Pin: release o={origin}\n" |
1415 | + "Pin-Priority: {priority}\n".format(origin=origin, priority=priority) |
1416 | ) |
1417 | system.write_file(apt_preference_file, content) |
1418 | |
1419 | diff --git a/uaclient/cli.py b/uaclient/cli.py |
1420 | index 0df3032..3473414 100644 |
1421 | --- a/uaclient/cli.py |
1422 | +++ b/uaclient/cli.py |
1423 | @@ -505,11 +505,11 @@ def security_status_parser(parser): |
1424 | help=("List and present information about esm-infra packages"), |
1425 | action="store_true", |
1426 | ) |
1427 | - group.add_argument( |
1428 | - "--esm-apps", |
1429 | - help=("List and present information about esm-apps packages"), |
1430 | - action="store_true", |
1431 | - ) |
1432 | + # group.add_argument( |
1433 | + # "--esm-apps", |
1434 | + # help=("List and present information about esm-apps packages"), |
1435 | + # action="store_true", |
1436 | + # ) |
1437 | return parser |
1438 | |
1439 | |
1440 | @@ -556,8 +556,8 @@ def action_security_status(args, *, cfg, **kwargs): |
1441 | security_status.list_unavailable_packages() |
1442 | elif args.esm_infra: |
1443 | security_status.list_esm_infra_packages(cfg) |
1444 | - elif args.esm_apps: |
1445 | - security_status.list_esm_apps_packages(cfg) |
1446 | + # elif args.esm_apps: |
1447 | + # security_status.list_esm_apps_packages(cfg) |
1448 | else: |
1449 | security_status.security_status(cfg) |
1450 | elif args.format == "json": |
1451 | diff --git a/uaclient/entitlements/esm.py b/uaclient/entitlements/esm.py |
1452 | index cceb272..eca6b4c 100644 |
1453 | --- a/uaclient/entitlements/esm.py |
1454 | +++ b/uaclient/entitlements/esm.py |
1455 | @@ -64,6 +64,7 @@ class ESMAppsEntitlement(ESMBaseEntitlement): |
1456 | description = "Expanded Security Maintenance for Applications" |
1457 | repo_key_file = "ubuntu-advantage-esm-apps.gpg" |
1458 | apt_repo_name = "apps" |
1459 | + is_beta = True |
1460 | |
1461 | @property |
1462 | def repo_pin_priority(self) -> Optional[str]: |
1463 | @@ -95,10 +96,10 @@ class ESMInfraEntitlement(ESMBaseEntitlement): |
1464 | |
1465 | @property |
1466 | def repo_pin_priority(self) -> Optional[str]: |
1467 | - """Once a release goes into EOL it is entitled to ESM Infra.""" |
1468 | - if system.is_active_esm(system.get_platform_info()["series"]): |
1469 | + """All LTS are entitled to ESM Infra.""" |
1470 | + if system.is_lts(system.get_platform_info()["series"]): |
1471 | return "never" |
1472 | - return None # No pinning on non-ESM releases |
1473 | + return None # No pinning on non-LTS releases |
1474 | |
1475 | @property |
1476 | def disable_apt_auth_only(self) -> bool: |
1477 | diff --git a/uaclient/entitlements/ros.py b/uaclient/entitlements/ros.py |
1478 | index e99ecfa..c63de1c 100644 |
1479 | --- a/uaclient/entitlements/ros.py |
1480 | +++ b/uaclient/entitlements/ros.py |
1481 | @@ -7,6 +7,7 @@ from uaclient.entitlements.base import UAEntitlement |
1482 | class ROSCommonEntitlement(repo.RepoEntitlement): |
1483 | help_doc_url = "https://ubuntu.com/robotics/ros-esm" |
1484 | repo_key_file = "ubuntu-advantage-ros.gpg" |
1485 | + is_beta = True |
1486 | |
1487 | |
1488 | class ROSEntitlement(ROSCommonEntitlement): |
1489 | diff --git a/uaclient/entitlements/tests/test_esm.py b/uaclient/entitlements/tests/test_esm.py |
1490 | index bffaa77..d638aac 100644 |
1491 | --- a/uaclient/entitlements/tests/test_esm.py |
1492 | +++ b/uaclient/entitlements/tests/test_esm.py |
1493 | @@ -19,36 +19,37 @@ def entitlement(request, entitlement_factory): |
1494 | |
1495 | class TestESMRepoPinPriority: |
1496 | @pytest.mark.parametrize( |
1497 | - "series, is_active_esm, repo_pin_priority", |
1498 | + "series, is_lts, repo_pin_priority", |
1499 | ( |
1500 | ("xenial", True, "never"), |
1501 | - ("bionic", False, None), |
1502 | - ("focal", False, None), |
1503 | + ("bionic", True, "never"), |
1504 | + ("impish", False, None), |
1505 | ), |
1506 | ) |
1507 | - @mock.patch("uaclient.system.is_active_esm") |
1508 | + @mock.patch("uaclient.system.is_lts") |
1509 | @mock.patch("uaclient.entitlements.esm.system.get_platform_info") |
1510 | - def test_esm_infra_repo_pin_priority_never_on_active_esm( |
1511 | + def test_esm_infra_repo_pin_priority_never_on_lts( |
1512 | self, |
1513 | m_get_platform_info, |
1514 | - m_is_active_esm, |
1515 | + m_is_lts, |
1516 | series, |
1517 | - is_active_esm, |
1518 | + is_lts, |
1519 | repo_pin_priority, |
1520 | ): |
1521 | - """Repository pinning priority for ESMInfra is 'never' when active ESM |
1522 | + """Repository pinning priority for ESMInfra is 'never' when LTS |
1523 | |
1524 | A pin priority of 'never' means we advertize those service packages |
1525 | without allowing them to be installed until someone attaches |
1526 | the machine to Ubuntu Advantage. This is only done for ESM Infra |
1527 | - when the release is EOL and supports ESM. We won't want/need to |
1528 | - advertize ESM Infra packages on releases that are not EOL. |
1529 | + when the release is LTS. We won't want/need to |
1530 | + advertize ESM Infra packages on releases that are not EOL, but |
1531 | + this is dealt with in the enable/disable flows, and in postinst. |
1532 | """ |
1533 | - m_is_active_esm.return_value = is_active_esm |
1534 | + m_is_lts.return_value = is_lts |
1535 | m_get_platform_info.return_value = {"series": series} |
1536 | inst = ESMInfraEntitlement({}) |
1537 | assert repo_pin_priority == inst.repo_pin_priority |
1538 | - assert [mock.call(series)] == m_is_active_esm.call_args_list |
1539 | + assert [mock.call(series)] == m_is_lts.call_args_list |
1540 | |
1541 | @pytest.mark.parametrize( |
1542 | "series, is_beta, repo_pin_priority", |
1543 | @@ -196,6 +197,7 @@ class TestESMInfraEntitlementEnable: |
1544 | } |
1545 | }, |
1546 | suites=["xenial"], |
1547 | + allow_beta=True, |
1548 | ) |
1549 | patched_packages = ["a", "b"] |
1550 | original_exists = os.path.exists |
1551 | @@ -384,12 +386,17 @@ class TestESMInfraEntitlementEnable: |
1552 | assert add_apt_calls == m_add_apt.call_args_list |
1553 | assert 0 == m_add_pinning.call_count |
1554 | assert subp_calls == m_subp.call_args_list |
1555 | - # Enable esm-infra/apps xenial removes apt preferences pin 'never' file |
1556 | - remove_file_calls = [ |
1557 | - mock.call( |
1558 | - "/etc/apt/preferences.d/ubuntu-{}".format(entitlement.name) |
1559 | - ) |
1560 | - ] |
1561 | + if entitlement.name == "esm-infra": |
1562 | + # Enable esm-infra xenial removes apt preferences pin 'never' file |
1563 | + remove_file_calls = [ |
1564 | + mock.call( |
1565 | + "/etc/apt/preferences.d/ubuntu-{}".format(entitlement.name) |
1566 | + ) |
1567 | + ] |
1568 | + else: |
1569 | + remove_file_calls = ( |
1570 | + [] |
1571 | + ) # esm-apps there is no apt pref file to remove |
1572 | assert remove_file_calls == m_remove_file.call_args_list |
1573 | assert [ |
1574 | mock.call(run_apt_update=False) |
1575 | diff --git a/uaclient/jobs/tests/test_update_messaging.py b/uaclient/jobs/tests/test_update_messaging.py |
1576 | index c696478..fdd0c97 100644 |
1577 | --- a/uaclient/jobs/tests/test_update_messaging.py |
1578 | +++ b/uaclient/jobs/tests/test_update_messaging.py |
1579 | @@ -649,7 +649,7 @@ class TestUpdateAPTandMOTDMessages: |
1580 | |
1581 | if is_lts: |
1582 | write_apt_calls = [mock.call(cfg, series)] |
1583 | - esm_announce_calls = [mock.call(cfg, series)] |
1584 | + esm_announce_calls = [] |
1585 | subp_calls = [ |
1586 | mock.call( |
1587 | [ |
1588 | diff --git a/uaclient/jobs/update_messaging.py b/uaclient/jobs/update_messaging.py |
1589 | index a1977ee..4a3893f 100644 |
1590 | --- a/uaclient/jobs/update_messaging.py |
1591 | +++ b/uaclient/jobs/update_messaging.py |
1592 | @@ -28,6 +28,7 @@ from uaclient.messages import ( |
1593 | CONTRACT_EXPIRED_MOTD_SOON_TMPL, |
1594 | DISABLED_APT_NO_PKGS_TMPL, |
1595 | DISABLED_APT_PKGS_TMPL, |
1596 | + TRY_UBUNTU_PRO_BETA, |
1597 | ) |
1598 | |
1599 | XENIAL_ESM_URL = "https://ubuntu.com/16-04" |
1600 | @@ -310,6 +311,32 @@ def write_apt_and_motd_templates(cfg: config.UAConfig, series: str) -> None: |
1601 | ], |
1602 | ) |
1603 | |
1604 | + if ( |
1605 | + system.is_current_series_lts() |
1606 | + and not system.is_active_esm(series) |
1607 | + and not cfg.is_attached |
1608 | + ): |
1609 | + _write_template_or_remove( |
1610 | + TRY_UBUNTU_PRO_BETA, os.path.join(msg_dir, apps_no_pkg_file) |
1611 | + ) |
1612 | + _write_template_or_remove( |
1613 | + TRY_UBUNTU_PRO_BETA, os.path.join(msg_dir, apps_pkg_file) |
1614 | + ) |
1615 | + _write_template_or_remove("", os.path.join(msg_dir, infra_no_pkg_file)) |
1616 | + _write_template_or_remove("", os.path.join(msg_dir, infra_pkg_file)) |
1617 | + _write_template_or_remove( |
1618 | + "", os.path.join(msg_dir, motd_apps_no_pkg_file) |
1619 | + ) |
1620 | + _write_template_or_remove( |
1621 | + "", os.path.join(msg_dir, motd_apps_pkg_file) |
1622 | + ) |
1623 | + _write_template_or_remove( |
1624 | + "", os.path.join(msg_dir, motd_infra_no_pkg_file) |
1625 | + ) |
1626 | + _write_template_or_remove( |
1627 | + "", os.path.join(msg_dir, motd_infra_pkg_file) |
1628 | + ) |
1629 | + |
1630 | |
1631 | def write_esm_announcement_message(cfg: config.UAConfig, series: str) -> None: |
1632 | """Write human-readable messages if ESM is offered on this LTS release. |
1633 | @@ -368,7 +395,7 @@ def update_apt_and_motd_messages(cfg: config.UAConfig) -> bool: |
1634 | return True |
1635 | |
1636 | # Announce ESM availabilty on active ESM LTS releases |
1637 | - write_esm_announcement_message(cfg, series) |
1638 | + # write_esm_announcement_message(cfg, series) |
1639 | write_apt_and_motd_templates(cfg, series) |
1640 | # Now that we've setup/cleanedup templates render them with apt-hook |
1641 | system.subp( |
1642 | diff --git a/uaclient/messages.py b/uaclient/messages.py |
1643 | index 3ad5c8a..95f1605 100644 |
1644 | --- a/uaclient/messages.py |
1645 | +++ b/uaclient/messages.py |
1646 | @@ -1010,7 +1010,12 @@ Ubuntu Pro with '{service}' enabled until {year}. You have received {updates} se |
1647 | update{plural}.""" # noqa: E501 |
1648 | |
1649 | SS_SERVICE_COMMAND = "Enable {service} with: pro enable {service}" |
1650 | -SS_LEARN_MORE = "Learn more about Ubuntu Pro at " + BASE_UA_URL |
1651 | +SS_LEARN_MORE = """\ |
1652 | +Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
1653 | +Learn more at {url} |
1654 | +""".format( |
1655 | + url=BASE_UA_URL |
1656 | +) |
1657 | |
1658 | SS_POLICY_HINT = """\ |
1659 | For example, run: |
1660 | @@ -1029,3 +1034,7 @@ Package names in {bold}bold{end_bold} currently have an available update |
1661 | with '{{service}}' enabled""".format( |
1662 | bold=TxtColor.BOLD, end_bold=TxtColor.ENDC |
1663 | ) |
1664 | + |
1665 | +TRY_UBUNTU_PRO_BETA = """\ |
1666 | +Try Ubuntu Pro beta with a free personal subscription on up to 5 machines. |
1667 | +Learn more at https://ubuntu.com/pro""" |
1668 | diff --git a/uaclient/security_status.py b/uaclient/security_status.py |
1669 | index da1621c..134ba12 100644 |
1670 | --- a/uaclient/security_status.py |
1671 | +++ b/uaclient/security_status.py |
1672 | @@ -421,6 +421,7 @@ def security_status(cfg: UAConfig): |
1673 | series = get_platform_info()["series"] |
1674 | is_lts = is_current_series_lts() |
1675 | is_attached = get_ua_info(cfg)["attached"] |
1676 | + esm_apps_enabled = "esm-apps" in get_ua_info(cfg)["enabled_services"] |
1677 | |
1678 | packages_by_origin = get_installed_packages_by_origin() |
1679 | security_upgradable_versions_infra = filter_security_updates( |
1680 | @@ -457,10 +458,14 @@ def security_status(cfg: UAConfig): |
1681 | is_attached=is_attached, |
1682 | ) |
1683 | |
1684 | - if is_lts and ( |
1685 | - packages_by_origin["universe"] |
1686 | - or packages_by_origin["multiverse"] |
1687 | - or packages_by_origin["esm-apps"] |
1688 | + if ( |
1689 | + esm_apps_enabled |
1690 | + and is_lts |
1691 | + and ( |
1692 | + packages_by_origin["universe"] |
1693 | + or packages_by_origin["multiverse"] |
1694 | + or packages_by_origin["esm-apps"] |
1695 | + ) |
1696 | ): |
1697 | _print_service_support( |
1698 | service="esm-apps", |
1699 | diff --git a/uaclient/tests/test_apt.py b/uaclient/tests/test_apt.py |
1700 | index 067d8e9..3c0d775 100644 |
1701 | --- a/uaclient/tests/test_apt.py |
1702 | +++ b/uaclient/tests/test_apt.py |
1703 | @@ -69,7 +69,7 @@ class TestAddPPAPinning: |
1704 | expected_pref = dedent( |
1705 | """\ |
1706 | Package: * |
1707 | - Pin: release o=MYORIG, n=xenial |
1708 | + Pin: release o=MYORIG |
1709 | Pin-Priority: 1003\n""" |
1710 | ) |
1711 | assert expected_pref == system.load_file(pref_file) |
1712 | diff --git a/uaclient/tests/test_cli.py b/uaclient/tests/test_cli.py |
1713 | index a67dfd4..ac5ef8e 100644 |
1714 | --- a/uaclient/tests/test_cli.py |
1715 | +++ b/uaclient/tests/test_cli.py |
1716 | @@ -78,8 +78,6 @@ Client to manage Ubuntu Pro services on a machine. |
1717 | (https://ubuntu.com/cc-eal) |
1718 | - cis: Security compliance and audit tools |
1719 | (https://ubuntu.com/security/certifications/docs/usg) |
1720 | - - esm-apps: Expanded Security Maintenance for Applications |
1721 | - (https://ubuntu.com/security/esm) |
1722 | - esm-infra: Expanded Security Maintenance for Infrastructure |
1723 | (https://ubuntu.com/security/esm) |
1724 | - fips-updates: NIST-certified core packages with priority security updates |
1725 | diff --git a/uaclient/tests/test_cli_disable.py b/uaclient/tests/test_cli_disable.py |
1726 | index dd3090e..faa4dd9 100644 |
1727 | --- a/uaclient/tests/test_cli_disable.py |
1728 | +++ b/uaclient/tests/test_cli_disable.py |
1729 | @@ -39,8 +39,8 @@ Disable an Ubuntu Pro service. |
1730 | |
1731 | Arguments: |
1732 | service the name(s) of the Ubuntu Pro services to disable. One |
1733 | - of: cc-eal, cis, esm-apps, esm-infra, fips, fips- |
1734 | - updates, livepatch, ros, ros-updates |
1735 | + of: cc-eal, cis, esm-infra, fips, fips-updates, |
1736 | + livepatch |
1737 | |
1738 | Flags: |
1739 | -h, --help show this help message and exit |
1740 | diff --git a/uaclient/tests/test_cli_enable.py b/uaclient/tests/test_cli_enable.py |
1741 | index f21cf36..8030fb2 100644 |
1742 | --- a/uaclient/tests/test_cli_enable.py |
1743 | +++ b/uaclient/tests/test_cli_enable.py |
1744 | @@ -20,8 +20,8 @@ Enable an Ubuntu Pro service. |
1745 | |
1746 | Arguments: |
1747 | service the name(s) of the Ubuntu Pro services to enable. One |
1748 | - of: cc-eal, cis, esm-apps, esm-infra, fips, fips- |
1749 | - updates, livepatch, ros, ros-updates |
1750 | + of: cc-eal, cis, esm-infra, fips, fips-updates, |
1751 | + livepatch |
1752 | |
1753 | Flags: |
1754 | -h, --help show this help message and exit |
1755 | diff --git a/uaclient/tests/test_cli_security_status.py b/uaclient/tests/test_cli_security_status.py |
1756 | index 3a46233..141db5f 100644 |
1757 | --- a/uaclient/tests/test_cli_security_status.py |
1758 | +++ b/uaclient/tests/test_cli_security_status.py |
1759 | @@ -17,7 +17,7 @@ M_PATH = "uaclient.cli." |
1760 | HELP_OUTPUT = textwrap.dedent( |
1761 | """\ |
1762 | usage: security-status \[-h\] \[--format {json,yaml,text}\] |
1763 | - \[--thirdparty \| --unavailable \| --esm-infra \| --esm-apps\] |
1764 | + \[--thirdparty \| --unavailable \| --esm-infra\] |
1765 | |
1766 | Show security updates for packages in the system, including all |
1767 | available Expanded Security Maintenance \(ESM\) related content. |
1768 | @@ -45,7 +45,6 @@ complete status on Ubuntu Pro services, run 'pro status'. |
1769 | --unavailable List and present information about unavailable |
1770 | packages |
1771 | --esm-infra List and present information about esm-infra packages |
1772 | - --esm-apps List and present information about esm-apps packages |
1773 | """ # noqa |
1774 | ) |
1775 | |
1776 | diff --git a/uaclient/tests/test_cli_status.py b/uaclient/tests/test_cli_status.py |
1777 | index 3180b16..7ad8071 100644 |
1778 | --- a/uaclient/tests/test_cli_status.py |
1779 | +++ b/uaclient/tests/test_cli_status.py |
1780 | @@ -82,7 +82,6 @@ ros-updates no no no All Updates for the Robot O |
1781 | |
1782 | SIMULATED_STATUS = """\ |
1783 | SERVICE AVAILABLE ENTITLED AUTO_ENABLED DESCRIPTION |
1784 | -esm-apps yes no yes Expanded Security Maintenance for Applications |
1785 | esm-infra yes yes yes Expanded Security Maintenance for Infrastructure |
1786 | livepatch yes yes no Canonical Livepatch service |
1787 | """ # noqa: E501 |
1788 | @@ -104,7 +103,6 @@ See https://ubuntu.com/pro |
1789 | |
1790 | UNATTACHED_STATUS = """\ |
1791 | SERVICE AVAILABLE DESCRIPTION |
1792 | -esm-apps yes Expanded Security Maintenance for Applications |
1793 | esm-infra yes Expanded Security Maintenance for Infrastructure |
1794 | livepatch yes Canonical Livepatch service |
1795 | |
1796 | @@ -134,7 +132,6 @@ Technical support level: n/a |
1797 | # Omit beta services from status |
1798 | ATTACHED_STATUS = """\ |
1799 | SERVICE ENTITLED STATUS DESCRIPTION |
1800 | -esm-apps no {dash} Expanded Security Maintenance for Applications |
1801 | esm-infra no {dash} Expanded Security Maintenance for Infrastructure |
1802 | livepatch no {dash} Canonical Livepatch service |
1803 | {notices}{features} |
1804 | @@ -146,7 +143,7 @@ Enable services with: pro enable <service> |
1805 | Technical support level: n/a |
1806 | """ # noqa: E501 |
1807 | |
1808 | -BETA_SVC_NAMES = ["realtime-kernel"] |
1809 | +BETA_SVC_NAMES = ["esm-apps", "realtime-kernel", "ros", "ros-updates"] |
1810 | |
1811 | SERVICES_JSON_ALL = [ |
1812 | { |
1813 | @@ -235,16 +232,6 @@ SERVICES_JSON_ALL = [ |
1814 | |
1815 | SERVICES_JSON = [ |
1816 | { |
1817 | - "description": "Expanded Security Maintenance for Applications", |
1818 | - "description_override": None, |
1819 | - "entitled": "no", |
1820 | - "name": "esm-apps", |
1821 | - "status": "—", |
1822 | - "status_details": "", |
1823 | - "available": "yes", |
1824 | - "blocked_by": [], |
1825 | - }, |
1826 | - { |
1827 | "description": "Expanded Security Maintenance for Infrastructure", |
1828 | "description_override": None, |
1829 | "entitled": "no", |
1830 | @@ -809,9 +796,6 @@ class TestActionStatus: |
1831 | "entitled": "no", |
1832 | "name": "realtime-kernel", |
1833 | }, |
1834 | - ] |
1835 | - |
1836 | - services = [ |
1837 | { |
1838 | "auto_enabled": "yes", |
1839 | "available": "yes", |
1840 | @@ -820,6 +804,24 @@ class TestActionStatus: |
1841 | "name": "esm-apps", |
1842 | }, |
1843 | { |
1844 | + "auto_enabled": "no", |
1845 | + "available": "no", |
1846 | + "description": "Security Updates for the Robot Operating" |
1847 | + " System", |
1848 | + "entitled": "no", |
1849 | + "name": "ros", |
1850 | + }, |
1851 | + { |
1852 | + "auto_enabled": "no", |
1853 | + "available": "no", |
1854 | + "description": "All Updates for the Robot Operating System", |
1855 | + "entitled": "no", |
1856 | + "name": "ros-updates", |
1857 | + }, |
1858 | + ] |
1859 | + |
1860 | + services = [ |
1861 | + { |
1862 | "auto_enabled": "yes", |
1863 | "available": "yes", |
1864 | "description": "Expanded Security Maintenance for Infrastructure", # noqa |
1865 | @@ -848,21 +850,6 @@ class TestActionStatus: |
1866 | "entitled": "yes", |
1867 | "name": "livepatch", |
1868 | }, |
1869 | - { |
1870 | - "auto_enabled": "no", |
1871 | - "available": "no", |
1872 | - "description": "Security Updates for the Robot Operating" |
1873 | - " System", |
1874 | - "entitled": "no", |
1875 | - "name": "ros", |
1876 | - }, |
1877 | - { |
1878 | - "auto_enabled": "no", |
1879 | - "available": "no", |
1880 | - "description": "All Updates for the Robot Operating System", |
1881 | - "entitled": "no", |
1882 | - "name": "ros-updates", |
1883 | - }, |
1884 | ] |
1885 | |
1886 | expected_services = sorted( |
1887 | diff --git a/uaclient/tests/test_status.py b/uaclient/tests/test_status.py |
1888 | index 86b59fb..3e64924 100644 |
1889 | --- a/uaclient/tests/test_status.py |
1890 | +++ b/uaclient/tests/test_status.py |
1891 | @@ -268,10 +268,8 @@ def esm_desc(FakeConfig): |
1892 | |
1893 | |
1894 | @pytest.fixture |
1895 | -def realtime_desc(FakeConfig): |
1896 | - return entitlement_factory( |
1897 | - cfg=FakeConfig(), name="realtime-kernel" |
1898 | - ).description |
1899 | +def ros_desc(FakeConfig): |
1900 | + return entitlement_factory(cfg=FakeConfig(), name="ros").description |
1901 | |
1902 | |
1903 | @mock.patch("uaclient.files.NoticeFile.remove") |
1904 | @@ -301,7 +299,7 @@ class TestStatus: |
1905 | m_get_available_resources, |
1906 | _m_should_reboot, |
1907 | m_remove_notice, |
1908 | - realtime_desc, |
1909 | + ros_desc, |
1910 | esm_desc, |
1911 | show_all, |
1912 | FakeConfig, |
1913 | @@ -316,8 +314,8 @@ class TestStatus: |
1914 | }, |
1915 | { |
1916 | "available": "no", |
1917 | - "name": "realtime-kernel", |
1918 | - "description": realtime_desc, |
1919 | + "name": "ros", |
1920 | + "description": ros_desc, |
1921 | }, |
1922 | ] |
1923 | else: |
1924 | @@ -331,7 +329,7 @@ class TestStatus: |
1925 | cfg = FakeConfig() |
1926 | m_get_available_resources.return_value = [ |
1927 | {"name": "esm-infra", "available": True}, |
1928 | - {"name": "realtime-kernel", "available": False}, |
1929 | + {"name": "ros", "available": False}, |
1930 | ] |
1931 | expected = copy.deepcopy(DEFAULT_STATUS) |
1932 | expected["version"] = mock.ANY |
1933 | diff --git a/uaclient/version.py b/uaclient/version.py |
1934 | index 89eedf2..54776f6 100644 |
1935 | --- a/uaclient/version.py |
1936 | +++ b/uaclient/version.py |
1937 | @@ -18,7 +18,7 @@ from uaclient.defaults import CANDIDATE_CACHE_PATH, UAC_TMP_PATH |
1938 | from uaclient.exceptions import ProcessExecutionError |
1939 | from uaclient.system import subp |
1940 | |
1941 | -__VERSION__ = "27.11" |
1942 | +__VERSION__ = "27.11.2" |
1943 | PACKAGED_VERSION = "@@PACKAGED_VERSION@@" |
1944 | |
1945 | CANDIDATE_REGEX = r"Candidate: (?P<candidate>.*?)\n" |
+1, no packaging changes on top of 27.11.1 (which was already reviewed and accepted), and no obvious mistakes I can see, being unfamiliar with the code as I am.