Publishing details

Changelog

ubuntu-advantage-tools (27.0~18.04.2) bionic; urgency=medium

  * Open 27.0 for active development

ubuntu-advantage-tools (26.3~21.04.1) hirsute; urgency=medium

  * d/control: add new debianutils dependency
  * New upstream release 26.3
    - util: improve is_container check for chroot
    - cli: pass assume_yes param to services on detach (GH: #1530)

ubuntu-advantage-tools (26.2~21.04.1) hirsute; urgency=medium

  * status: show beta services in status if enabled (GH: #1410)

ubuntu-advantage-tools (26.1~21.04.1) hirsute; urgency=medium

  *  New upstream release 26.1
     - contract: block detach call to contract if machine-id change
     - docs: add readme docs about mastering clean golden images
     - fips: add reboot notices for fips operations (GH: #1368)
     - livepatch: add retry when running canonical-livepatch status
       (GH: #1360)
     - util: use lru_cache to avoid re-reading os-release and machine-id
       (GH: #1329)
     - tests:
       + add disable_auto_attach config to all test PRO vms
       + add more log artifacts during failed integration test
       + check cloudinit status after launching image
       + mock leaking livepatch.application_status for fips test
       + retry package installs on apt exit 100
     - jenkins: parameterize build stages to avoid parallel job collision

ubuntu-advantage-tools (26.0.1~21.04.1) hirsute; urgency=medium

  * auto-attach: fix comparing numeric iid

ubuntu-advantage-tools (26.0~21.04.1) hirsute; urgency=medium

  * New upstream release 26.0:
    - auto-attach: systemd unit to run before ua-reboot-cmds.service
    - config: remove_notice should remove notices.json when empty
    - fips:
      + add notice if running a deactivated FIPS kernel (GH: #1348)
      + block enabling FIPS on clouds using Xenial
      + block enabling fips on GCP instances
      + check /proc/sys/crypto/fips_enable to see if fips is enabled
      + override fips metapackage when on bionic cloud
      + update metapackage override logic on fips
    - notices: clear lock file and notice when encountering any exception
      (GH: #1326)
    - reboot_cmds: retry on lock held errors due to pro auto-attach
    - services: allow uaclient to disable services during enable
    - status: include beta services in json formatted output with --all
      (GH: #1341)
    - tests:
      + add FIPS tests to AWS and Azure bionic images
      + add GCP pro test for focal machine
      + add after_step collection of artifacts on failure
      + remove proc file check after disabling fips
      + pro: block auto-attach with cloud-config bootcmd
      + add validation of systemd unit ua-reboot-cmds.service
      + test enabling fips-updates when fips is enabled
    - jenkins:
      - add deb build stage to assert package builds
      - use series-specific sbuild --build-dir avoid races
      - use --append-to-version for each sbuild run to avoid races
      - presume success when no integration artifacts created

ubuntu-advantage-tools (26.0~21.04.1~beta) hirsute; urgency=medium

  * d/rules:
    - add --with systemd to allow reboot init script
    - do not remove lib/systemd/system folder
  * d/postinst:
    - create marker file when reboot script need to run:
      - enable livepatch across trusty to xenial upgrade
      - update fips on existing fips pro machines
  * New upstream release 26.0~beta:
    - gcp: add Google Cloud Platform support (GH #1269)
    - fips:
      + remove is_beta from fips sevices
      + fips pro: add upgrade support to require reboot to unmark held fips pkgs
      + update origin UbuntuFIPSUpdates
    - status:
      + add notice to tabular output
      + held locks emit notice about Operation in progress
    - cli: help sort output so trusty ordering matches xenial++
    - cis: rename service from cis-audit
    - config: provide config notices and add_notice and remove_notice methods
    - contract: add resource-machine-access route and datapath
    - init: add init script to run commands on reboot
    - keys: add ubuntu-advantage-cis keyring
    - livepatch: make livepatch react to enableByDefault delta
    - log: log when we install pkgs because of contract delta
    - make: drop six testdeps target
    - pro: do not install pro debs on non-pro instances
    - services: Update beta info for services (GH #1220)
    - tools: add tox-lxd-runner, that execute the test command in a shell
    - tools: refresh-keyrings handles cis keys. drop series-specific keys
    - tests:
      + add GCE support for integration tests
      + add cis integration tests for unattached and pro
      + add pytest constraint for mypy tests
      + add unittests for reboot_cmds script
      + fix esm package messages for new update notifier version
      + pin importlib-metadata for mypy tests
      + repo tests for request_resource_machine_access
      + unit tests for config cache clearing and machine-access data
    - jenkins:
      + add basic Jenkinsfile for CI runs per PR
      + add jenkins parseable test results
      + add lxc cleanup stage on Jenkinsfile

ubuntu-advantage-tools (25.0~20.10.1) groovy; urgency=medium

  * Release version 25.0

ubuntu-advantage-tools (25.0~20.10.1beta3) groovy; urgency=medium

  * New upstream release 25.0~beta3:
    - upgrade-lts-conract: noop during do-release-upgrade on unattached
      (GH: #1255)
    - ua-auto-attach: order systemd unit before cloud-config.service
    - Update FIPSUpdates pin origin
    - fips: unmark held fips packages for ubuntu pro fips image support
      (GH: #1109)
    - repo: handle changes to additionalPackages contract deltas
    - repo: move package installation to install_packages method
    - pro: trigger auto-attach as soon as instance-data.json is available
      (GH: #1234)
    - Conditionally install packages when enabling FIPS
    - fips: allow disable (GH: #1168)
    - cli: add trailing newline to argparse errors (GH: #1236)
    - Install fips metapacking when enabling service
    - integration test improvements:
      + upgrade-test: fix upgrade path restart failures on trusty (GH: #1257)
      + Fix integration test setup scripts (GH: #1253)
      + strict checking for command success on behave
      + Update tests to use new pycloudlib LXD abstraction
      + Add upgrade scenario tests when FIPS is enabled
      + Improve FIPS tests for checking packages
      + Update esm-infra xenial lxd test
      + Fix vm tests as esm-apps is beta service
      + Fix azure generic integration testing
      + Update esm-apps check on staging_commands tests
      + Install pycloudlib for azure jobs only
      + Fix shell condition in run_azure_travis_integration_tests.sh
      + Update azure jobs on travis
      + Update travis url in README
      + Update travis scripts to use ppa only on master
      + Fix cron event type check on travis yaml

ubuntu-advantage-tools (25.0~20.10.1~beta2) groovy; urgency=medium

  * New upstream release 25.0~beta2:
    - help: update esm-infra help text (GH: #1212)
    - apt-hook: update apt cli messaging for UA Infra: ESM and UA Apps: ESM
      product names
    - help: update fips help docs (GH: #1213)
    - help: revert CIS help doc URL (GH: #1211)
    - help: add new fips help URLs to CLI help docs (GH: #1210)
    - Show error when enabling service with invalid repo [Lucas Moura]
      (GH: #954)
    - Update beta info for services (#1220) [Lucas Moura] (GH: #1216)
    - Do not enable fips when fips-updates is active [Lucas Moura] (GH: #1209)
    - Add vm test commands in tox.ini (#1204) [Lucas Moura]

ubuntu-advantage-tools (25.0~20.10.1~beta1) groovy; urgency=medium

  * Beta bug fix release
    - status: fix missing description_override key after upgrade from
      trusty (GH: #1201)
    - During contract delta processing use _check_application_status_on_cache
      instead of live service status

ubuntu-advantage-tools (25.0~20.10.1~beta) groovy; urgency=medium

  * d/control:
    - add po-debconf dependency and fix lintian not-using-po-debconf and
      untranslatable-debconf-templates
    - add ${misc:Depends} dep to ubuntu-advantage-pro to fix lintian
      debhelper-but-no-misc-depends (GH: #1024)
  * d/rules:
    - drop --with systemd fix build-depends-on-obsolete-package
    - set fix lintian warning extra:Depends even if empty
  * d/postrm
    - Add more gpg keys to be deleted in postrm for Xenial+ support
  * d/postinst:
    - do not unconfigure non-trusty esm. no series in apt filenames (GH: #1170)
    - check if esm is already enabled (GH: #1095)
  * New upstream release 25.0:
    - Do not uninstall additionalPackages or livepatch when disabling services
    - check for issubclass on clean_apt_files
    - Add do-release-upgrade support for esm-infra and apps suites (GH: #1169)
    - Apply contract deltas during do-release-upgrade operations
    - cli: add ua help command
    - cli: status add blocking --wait param and lock files for config change
    - Fix livepatch behaviour on aws pro focal machine
    - travis: drop inapplicable workspaces from specific awsgeneric release
      jobs
    - Add possible reboot text after enabling/disabling services
    - apt-hook: package apt-hook and apt configuration files on all releases
      (GH: #1150)
    - Fix enable fail bug
    - Add uaclient.conf override mechanism for auto-attach, beta services and
      machine-token
    - Support ESM Apps [Brian Murray] (GH: #930)
    - Do not enable services if blocking services is active (GH: #1029)
    - contract: handle 401 on invalid token, 403 on expired (GH: #1335)
    - Hide beta services from default status output and enable/disable
      operations (GH: #1079) (GH: #1091)
    - fips: force apt noninteractive prompts during package installs
      (GH: #1084)
    - tests: add unit tests for aws-gov/aws-china cloud detection
    - Add AWS China and GovCloud partitions [Robert Jennings]
    - Disable beta services to be show/enabled without flag
    - Add missing build_pr command to environment
    - Use additionalPackages from service payload
    - Add integration testing for Travis runs [patriciadomin] (GH: #856)
      (GH: #857)  (GH: #853)

ubuntu-advantage-tools (24.4) groovy; urgency=medium

  * New bug-fix-only release 24.4:
     - uaclient.version bump to 24.4
     - fips: honor additionalPackage directive from contract for bionic
       (GH #1173)

ubuntu-advantage-tools (24.3) groovy; urgency=medium

  * New bug-fix-only release 24.3:
    - uaclient.version bump to 24.3
    - fips: add conditional reboot message only if /var/run/reboot-required is
      present
    - fips: add apt repo key for FIPS and FIPS updates (GH #1026)

ubuntu-advantage-tools (24.2) groovy; urgency=medium

  * New bug-fix-only release 24.2:
    - uaclient.version bump to 24.2
    - pro: Add AWS China and GovCloud partitions support (GH #1077)

ubuntu-advantage-tools (24.1) groovy; urgency=medium

  * New bug-fix-only release 24.1:
    - livepatch: run snap wait system snap.seeded before trying to install
      (GH: #1049)
    - version: return debian/changelog version when git describe fails to
      match upstream <major>.<minor> tags for git-ubuntu workflow
      (GH: #1058)

ubuntu-advantage-tools (24.0) groovy; urgency=medium

  * bump version to 24.0 for new versioninig scheme

ubuntu-advantage-tools (20.3) focal; urgency=medium

  * New upstream release 20.3:
    - ubuntu-pro: automatically reattach across instance id delta
      (LP: #1867573)
    - integration testing:
      + add behave tests ua subcommands for attached vm
      + add invalid token tests
      + add reuse_container test docs
      + refactor token parameter

ubuntu-advantage-tools (20.2) focal; urgency=medium

  * d/templates: add a debconf note on upgrade from pre-ubuntu pro package
  * d/control: create a separate ubuntu-advantage-pro package which
      delivers the tooling and scripts necessary to auto-attach pro machines
      This change breaks/replaces ubuntu-advantage-tools <= 20.1
  * d/maintscript: rm_conffile /etc/init/ua-auto-attach.conf from ua-tools pkg
  * d/postint: remove stale systemd symlinks which have migrated to ubuntu-pro
  * d/rules: only install the apt hook on trusty
  * d/rules: provide --no-start to debhelper to avoid auto-attach on pkg install
  * Release 20.2:
    - ubuntu-pro:
      + azure: fix detection of DatasourceAzureNet as azure on trusty
      + generalize identity_doc to return dict instead of string
      + auto-attach: any 4XX errors during auto-attach are the result of non-Pro
      + auto-attach: handle 403 errors raised by contract server for invalid vms
    - attach: persist any status config changes after attach failures
    - output: add messaging using a different subscription if attached

ubuntu-advantage-tools (20.1) xenial; urgency=medium

  * Release 20.1:
    - azure-pro, support for azure ubuntu pro auto-attach:
      + add azure auto-attach instance as valid cloud_instance_factory
      + add azure cloud instance module and tests
      + generalize request_aws_contract_token for multiple cloud_types
      + contract: request_auto_attach_contract_token takes an instance param
    - constraints: add constraint on pyyaml version in trusty
    - auto-attach: move duplicate invalid cloud_type check out of cli

ubuntu-advantage-tools (19.7) xenial; urgency=medium

  * d/postinst: only configure ESM on supported architectures (LP: #1851858)
      [Andreas Hasenack]
  * d/postinst: rename existing ubuntu-esm-precise.list file to trusty.
    This fixes the upgrade path from precise to trusty and to this client
    while esm is enabled (LP: #1850672)
  * Release 19.7:
    - aws: handle missing SYS_HYPERVISOR_PRODUCT_UUID
    - aws-pro: support for aws ubuntu pro auto-attach
    - pro: add cloud identity module and fix unit tests
    - pro: update systemd service and upstart boot scripts to auto-attach
    - pro: esm do not do apt pin never on disable on xenial or bionic
    - pro: esm-apps has origin UbuntuESMApps and esm-infra is UbuntuESM
    - status: dynamic status available now from refreshed machine-token
    - uaclient: update customer visible messages after UX review
    - esm-apps: allow unattended security upgrades for esm-apps
    - systemd: needs WantedBy=multi-user.target to get pulled into boot
    - cli: update docstring to describe errors raised from auto-attach
    - keyrings: update ubuntu-advantage-esm-apps.gpg with correct key
    - repo: match strict repo url in apt-policy to avoid esm substring matches
    - esm: don't disable_apt_auth_only for ESM entitlements
    - initial implementation of esm-apps
    - repo: don't raise exception in application_status if aptURL missing
    - entitlements: rely solely on contract server for repo_url
    - cli: exit 0 if already attached
    - cli: use decorators for action_attach and action_attach_premium
    - cli: add assert_not_attached decorator
    - status: custom descriptions for n/a service status

ubuntu-advantage-tools (19.6) focal; urgency=medium

  * New upstream release. Main changes:
    - drop SSO interactive login support
    - d/control: no longer depend on pymacaroons, which was only needed for
      the SSO interactive login support
    - drop keyrings for services not supported in trusty: cc-eal, fips,
      fips-updates, cis audit
    - make sure /var/lib/ubuntu-advantage/private has 0700 perms
    - rename esm to esm-infra. Also handle upgrades
    - don't unecessarily remove config files that are already handled by dpkg
    - expand the apt related runtime dependencies
    - handle sources.list.d esm snippet when release upgrading from precise
    - ua status now reports availability of services even in unattached state
    - the "ua status" output was changed, including the json format option
    - drop "ua status" call in postinst as it now requires internet access and
      that is restricted in LP builders and test runners.
    - fix the d/t/usage DEP8 test that was also using status

ubuntu-advantage-tools (19.5.1) eoan; urgency=medium

  * d/t/usage: fix dep8 test ("entitlements" was renamed to "services")

ubuntu-advantage-tools (19.5) eoan; urgency=medium

  * New upstream release (LP: #1832757):
    - packaging:
      + d/control: depend on libapt-pkg<ABI_VERSION> to use pin-priority never
      + d/postinst: adjust logfile permissions
      + d/postinst: remove public files and generate status cache on upgrade
      + d/postinst: Remove the old CACHE_DIR in postinst
      + d/postrm: remove log files on package purge
      + d/postrm: remove the ESM pinning file on purge
      + trusty should remove v1 esm key if present after upgrade
      + keyrings: regenerate keyrings on a trusty host
      + refresh keyrings to match current production for fips and cc-eal
    - apt:
      + all repo entitlements now call apt-get update on enable
      + enable -updates if -updates from the Ubuntu archive is enabled
      + Add basic i18n (good enough for lang packs)
      + retry apt install and update commands 3 times simple backoff
      + write commented -updates lines instead of omitting them
    - attach/detach:
      + added --no-auto-enable option
      + suppress messages from inapplicable default entitlements
      + two-factor auth reprompt only two-factor auth on failed 2fa
      + honour enableByDefault obligations from contract server
      + livepatch: no auto-enable on attach for trusty
      + don't attempt to disable inapplicable entitlements during detach
      + check for root before checking for attach in assert_attached_root
    - status:
      + add --json cli formatting option
      + emit a SERVICE header in status output
      + redact technical support and expiry for free contracts
      + unentitled services will report n/a
    - cc-eal:
      + add a warning about download size before install
      + change cc to cc-eal in docs, parameters and commandline help
    - esm:
      + add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive
      + and livepatch auto enabled on attach where supported
      + on upgrade do not install preferences to pin never if esm enabled
      + remove only the apt auth entry on disable, leaving sources.list
      + use Pin-Priority never apt preference file to disable esm initially
    - fips:
      + display as pending when linux-fips is not the running kernel
      + only install/upgrade optional packages that are already on the system
    - logs:
      + no longer redact secrets as logfile is root read-only
      + separate console log devel from logfile level
      + remove level from messages to the console
    - add subcommand to refresh all contract details
    - config: allow contract_url and sso_auth_url to have a trailing slash
    - docker: fix persisting generated uuid on images without machine-id files
    - environ: allow lowercase ua_<config_option> overrides
    - repo: un-comment ESM sources.list lines on repo disable
    - updated manpage and help docs

ubuntu-advantage-tools (19.4.1) eoan; urgency=medium

  * apt-hook: Add missing headers for APT 1.9

ubuntu-advantage-tools (19.4) disco; urgency=medium

  * Drop the self-test assert in the apt-hook, it's making the subiquity
    server install fail (LP: #1824523)

ubuntu-advantage-tools (19.3) disco; urgency=medium

  * apt-hook: Do not crash/fail if we can't read /proc/self/status
    (LP: #1824523)

ubuntu-advantage-tools (19.2) disco; urgency=medium

  * Ubuntu Advantage Tools rewrite in Python (LP: #1814157):
    - Allow attaching a system to a contract or account
    - More complete status output, dropping MOTD updates
    - Easily enable and disable services offered

ubuntu-advantage-tools (18) bionic; urgency=medium

  * Have ua status cope with the additional livepatch of running a kernel
    that is not supported for livepatches.
  * Have an option for enable-livepatch to install a compatible kernel if
    needed.

  [ Vineetha Kamath ]
  * Add support to common criteria EAL2 artifacts installation #144

 -- Lucas Moura <email address hidden>  Fri, 15 Jan 2021 10:44:55 -0300

Available diffs

Builds

Built packages

Package files