-
Notifications
You must be signed in to change notification settings - Fork 858
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ubuntu/focal: 24.3.1 upstream snapshot release #5679
Commits on Aug 6, 2024
-
Configuration menu - View commit details
-
Copy full SHA for d396de1 - Browse repository at this point
Copy the full SHA d396de1View commit details -
azure: check azure-proxy-agent status (canonical#5138)
Azure Guest Proxy Agent is a new feature in Azure that offers a key exchange protocol to secure communication between guest and host using eBPF. Add opt-in feature which enables the Azure Guest Proxy Agent when ovf-env.xml has ProvisionGuestProxyAgent=True. Report provisioning failures if ProvisionGuestProxyAgent is enabled but images do not have azure-proxy-agent installed or functional.
Configuration menu - View commit details
-
Copy full SHA for b71f48f - Browse repository at this point
Copy the full SHA b71f48fView commit details -
Configuration menu - View commit details
-
Copy full SHA for f93a6b5 - Browse repository at this point
Copy the full SHA f93a6b5View commit details
Commits on Aug 7, 2024
-
fix: Fix ftp failures (canonical#5585)
- fix exception handling when retr fails - test: Close connection on failure - test: Ensure server is running before it is queried
Configuration menu - View commit details
-
Copy full SHA for 7532589 - Browse repository at this point
Copy the full SHA 7532589View commit details -
fix: Fix tests which have outdated strings (canonical#5585)
User output and service names recently changed.
Configuration menu - View commit details
-
Copy full SHA for acf04d6 - Browse repository at this point
Copy the full SHA acf04d6View commit details -
feat(snap): avoid refresh on package_upgrade: true and refresh.hold (c…
…anonical#5426) When snap refresh.hold is set to forever, an admin is saying they do not want generic automated refreshes of snaps performed by default. This should be an indicator to cloud-init to avoid calling snap refresh on such systems due to a `package_upgrade: true` present in user-data. For network-limited environments with images which have the snap package manager but don't want to wait and timeout on snap refresh, the following user-data can be provided to still allow for package_upgrade: true, and avoid a 20-30 second wait on snaps being unable to access certain snap URLs. #cloud-config package_upgrade: true snap: commands: 00: snap refresh --hold=forever cloud-init now interrogates the state refresh.hold value by calling snap get system -d If snap refresh --hold was called in that environment to set 'forever', cloud-init will skip calling refresh and log the reason for skipping. We cannot honor short time-based refresh.holds because the snap services place a short hold in early boot anyway as systemd units startup. Fixes: canonicalGH-5290
Configuration menu - View commit details
-
Copy full SHA for 0787d62 - Browse repository at this point
Copy the full SHA 0787d62View commit details -
fix: read_optional_seed to set network-config when present (canonical…
Configuration menu - View commit details
-
Copy full SHA for edd92b7 - Browse repository at this point
Copy the full SHA edd92b7View commit details
Commits on Aug 9, 2024
-
Revert "fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr (can…
…onical#5471)" (canonical#5596) This reverts commit 2b6fe64. When there is no IPv6 set to dhcp explicitly, NetworkManager keyfile defaults to method=auto, may-fail=true. When there is Ipv6 set to dhcp explictily, NetworkManager keyfile will be set to method=auto, may-fail=false. The default settings are what we want, so revert the previous change to keep IPv6 not set explicitly.
Configuration menu - View commit details
-
Copy full SHA for 65014b9 - Browse repository at this point
Copy the full SHA 65014b9View commit details -
chore: add comment explaining the NetworkManager may-fail setting (ca…
…nonical#5598) chore: add comment explaining the NetworkManager may-fail setting The value of may-fail in network manager keyfile is a source of confusion as the default value of it is True for Network Manager and False for network manager renderer implementation. Add a comment to explain why the renderer sets may-fail to False in its implementation.
Configuration menu - View commit details
-
Copy full SHA for e3db1ad - Browse repository at this point
Copy the full SHA e3db1adView commit details
Commits on Aug 12, 2024
-
Configuration menu - View commit details
-
Copy full SHA for bd6cd1f - Browse repository at this point
Copy the full SHA bd6cd1fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6ae8f68 - Browse repository at this point
Copy the full SHA 6ae8f68View commit details -
doc(boot): Make first boot a dedicated page (canonical#5595)
Also shift the format page higher in the explanation page list, since this is a high traffic page.
Configuration menu - View commit details
-
Copy full SHA for 0014467 - Browse repository at this point
Copy the full SHA 0014467View commit details -
Configuration menu - View commit details
-
Copy full SHA for baeb35c - Browse repository at this point
Copy the full SHA baeb35cView commit details
Commits on Aug 13, 2024
-
chore(actions): add doc label for any doc related subdir file matches (…
…canonical#5602) Recently noticed that doc file changes in nested subdirs were not triggering documentation auto label. Example of subdir match at https://github.com/actions/labeler?tab=readme-ov-file#basic-examples
Configuration menu - View commit details
-
Copy full SHA for 4c96055 - Browse repository at this point
Copy the full SHA 4c96055View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8b11d99 - Browse repository at this point
Copy the full SHA 8b11d99View commit details -
Configuration menu - View commit details
-
Copy full SHA for 14edf67 - Browse repository at this point
Copy the full SHA 14edf67View commit details -
Configuration menu - View commit details
-
Copy full SHA for 07d0384 - Browse repository at this point
Copy the full SHA 07d0384View commit details -
Configuration menu - View commit details
-
Copy full SHA for dfcc2b8 - Browse repository at this point
Copy the full SHA dfcc2b8View commit details -
fix(systemd): Correct location of installed drop-in files(canonical#5615
) As noted in the systemd documentation, /etc is reserved for "System units created by the administrator" while the lib directory should be used by "System units installed by the distribution package manager". Fixes canonicalGH-5613
Configuration menu - View commit details
-
Copy full SHA for ac94539 - Browse repository at this point
Copy the full SHA ac94539View commit details
Commits on Aug 14, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 19a9cca - Browse repository at this point
Copy the full SHA 19a9ccaView commit details -
chore(tox.ini): Simplify configuration, fix minor bugs (canonical#5607)
When referencing a command from another environment, it will cause errors when the other environment already exists. Fix it by avoiding indirection in environment command definitions. Additionally, simplify envoronment dependency management by defining two lists of dependencies: a default one with pinned versions for all environments, and an unpinned on for "tip" environments. Several dependencies have been missed in the mypy envornments, so this should make it easier by standardizing environment dependencies to be consistent across environments.
Configuration menu - View commit details
-
Copy full SHA for 56dc23c - Browse repository at this point
Copy the full SHA 56dc23cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2bb49b4 - Browse repository at this point
Copy the full SHA 2bb49b4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 56658ec - Browse repository at this point
Copy the full SHA 56658ecView commit details -
ci: Drop Python 3.6 and 3.7 (canonical#5607)
Bump Ubuntu version for better pip dependency resolution.
Configuration menu - View commit details
-
Copy full SHA for e1845be - Browse repository at this point
Copy the full SHA e1845beView commit details -
Update behavior of base bond interface with NetworkManager (canonical…
…#5385) When using NetworkManager, if the base bond interface does not have subnet information configured, ensure it is disabled with respect to ipv4 and ipv6. Otherwise, the base bond interface defaults to 'auto' and will try to configure itself via DHCP. This is problematic when using a tagged VLAN interface on top of the bond as the base interface will try to configure itself via DHCP on the untagged VLAN.
Configuration menu - View commit details
-
Copy full SHA for 90a3190 - Browse repository at this point
Copy the full SHA 90a3190View commit details -
fix(nm): Ensure bond property name formatting matches schema definiti…
…on (canonical#5383) The cloud-init network config version 1 schema defines the bond properties with underscores, prepended with 'bond-'. This change ensures consistency with the schema for the bond property names. canonicalGH-5366
Configuration menu - View commit details
-
Copy full SHA for d79050d - Browse repository at this point
Copy the full SHA d79050dView commit details
Commits on Aug 15, 2024
-
tests: fix test_ca_certs.py for gcp (canonical#5621)
Avoid exclusive expectations that cloud-init is the only agent registering certificates in a system to /etc/ssl/certs/ca-certificates.crt. On Google Cloud Platform, Google Guest Agent does setup root certs which makes performing a checksum of ca-certificates.crt incorrect due to extra certs present in ca-certificates.crt. Adapt test to assert that cloud-init's cert is contained in ca-certificates.crt but not exclusive content of the file. Fixes canonicalGH-5609
Configuration menu - View commit details
-
Copy full SHA for 2e4c39b - Browse repository at this point
Copy the full SHA 2e4c39bView commit details -
feat: collect-logs improvements (canonical#5619)
* Collect sensitive data by default since we ask for it more often than not * Output warning that we're collecting sensitive data * Glob most of /run/cloud-init, /etc/cloud, and /var/lib/cloud * Stop creating empty directories in the tarball * Require running as root given that the logs are root read-only * Update apport accordingly Fixes canonicalGH-5297
Configuration menu - View commit details
-
Copy full SHA for c28092f - Browse repository at this point
Copy the full SHA c28092fView commit details
Commits on Aug 16, 2024
-
fix(wsl): Properly assemble multipart data (canonical#5538)
In the case of Pro, if either agent or user data is not cloud-config user-data, combine the parse in `self.userdata_raw` as a #include file so cloud-init transforms that internally into a multipart data. Avoid passing strings and lists directly, which confused the processor due the lack of a mime type. Being explicit about only loading text/cloud-config parts also allow other composition of cloud-init features to just work, like jinja templates. This error was surfaced when testing with empty Landscape data, but any non-text/cloud-config content type would trigger the same behavior. Add merge_agent_landscape_data to process agent.yaml or Landscape data and ignore any empty files present in .ubuntupro/.cloud-init/
Configuration menu - View commit details
-
Copy full SHA for 56aa706 - Browse repository at this point
Copy the full SHA 56aa706View commit details
Commits on Aug 19, 2024
-
doc(schema): schema descriptions should end with trailing stop (canon…
…ical#5562) Also emphasize ''users''.
Configuration menu - View commit details
-
Copy full SHA for 0a8bf72 - Browse repository at this point
Copy the full SHA 0a8bf72View commit details -
fix(doc): object type check if patternProperties or properties (canon…
…ical#5562) Without this fix, rendered module documentation was not rendering the following text for some objects: Each object in **<key_name>** list supports the following keys: See Rsyslog Config schema tab.
Configuration menu - View commit details
-
Copy full SHA for 24cdaa7 - Browse repository at this point
Copy the full SHA 24cdaa7View commit details -
fix(doc): doc of nested objects under JSON schema items.oneOf (canoni…
…cal#5562) Document any keys of objects in a list which allows for objects as one of the alternative types allowed as a list item. Also, when documenting properties, ensure we skip documentation of either 'properties' or 'patternProperties' if those properties are declared in the hidden key. Fixes canonicalGH-5514
Configuration menu - View commit details
-
Copy full SHA for e14ce3d - Browse repository at this point
Copy the full SHA e14ce3dView commit details -
feat(doc): add env vars to debug config module doc builds (canonical#…
…5562) When running tox -e doc the following environment variables are supported: CLOUD_INIT_DEBUG_MODULE_DOC=cc_<module_id> CLOUD_INIT_DEBUG_MODULE_DOC_FILE=<file_path> The env var CLOUD_INIT_DEBUG_MODULE_DOC can be set to either a specific module id, such as cc_rsyslog, or 'all'. When set the rendered module documentation RST format is printed inline to stdout to allow for quick analysis of rendered content. Optionally, if CLOUD_INIT_DEBUG_MODULE_DOC_FILE is set to a writable file path, the output of the rendered content is written to that file instead. This supports development of docs and quick comparison of docs generated before and after a changeset.
Configuration menu - View commit details
-
Copy full SHA for fdccc61 - Browse repository at this point
Copy the full SHA fdccc61View commit details -
Configuration menu - View commit details
-
Copy full SHA for d85be37 - Browse repository at this point
Copy the full SHA d85be37View commit details -
Configuration menu - View commit details
-
Copy full SHA for a2193da - Browse repository at this point
Copy the full SHA a2193daView commit details
Commits on Aug 20, 2024
-
test: fix ca_certs int test (canonical#5626)
Remove additional \n which is not present if only one ca_cert is in the instance.
Configuration menu - View commit details
-
Copy full SHA for 79e5d31 - Browse repository at this point
Copy the full SHA 79e5d31View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0411057 - Browse repository at this point
Copy the full SHA 0411057View commit details -
Configuration menu - View commit details
-
Copy full SHA for ca9ffac - Browse repository at this point
Copy the full SHA ca9ffacView commit details
Commits on Aug 21, 2024
-
test: fix test_honor_cloud_dir int test (canonical#5627)
Align integration test with c28092f.
Configuration menu - View commit details
-
Copy full SHA for c6ba0df - Browse repository at this point
Copy the full SHA c6ba0dfView commit details -
test: fix cmd/test_schema int test (canonical#5629)
Adapt to new annotation formating from a2193da.
Configuration menu - View commit details
-
Copy full SHA for 8f741da - Browse repository at this point
Copy the full SHA 8f741daView commit details
Commits on Aug 26, 2024
-
fix(tests): use instance.clean/restart instead of clean --reboot (can…
…onical#5636) Directly calling execute("cloud-init clean --logs --reboot") on an integration instances also involves awaiting a new boot id upon next interaction with with instance to ensure a reboot has actually taken place already on this target machine. Slow responding test instances/platforms may not completed the shutdown restart sequence yet when trying to iteract with an immediate blocking call to execut("cloud-init status --wait") which may exit early if accessing the prior instance boot before the reboot occurred. It is preferable to use inspect /proc/sys/kernel/random/boot_id before issuing a reboot request and block until a delta is seen in boot_id. This blocking wait on reboot and new boot_id is encapsulated inside pycloudlib.BaseInstance.restart which will inspect /proc/sys/kernel/random/boot_id before restart and block until a delta in boot_id across the requested restart. Fix test_status_block_through_all_boot_status to call instance.clean() and restart() to ensure we do not beat the instance reboot race with our post-boot assertions.
Configuration menu - View commit details
-
Copy full SHA for 6e4343e - Browse repository at this point
Copy the full SHA 6e4343eView commit details
Commits on Aug 27, 2024
-
feat(azure): add PPS support for azure-proxy-agent (canonical#5601)
Add PPS support for azure-proxy agent and improve error logging.
Configuration menu - View commit details
-
Copy full SHA for a38d6da - Browse repository at this point
Copy the full SHA a38d6daView commit details -
fix(sources/wsl): no error with empty .cloud-init dir (SC-1862) (cano…
…nical#5633) Do not treat the emptiness of .cloud-init/ as an error in the logs if agent.yaml is present. Fixes canonicalGH-5632
Configuration menu - View commit details
-
Copy full SHA for bbdfe36 - Browse repository at this point
Copy the full SHA bbdfe36View commit details -
feat: add automation for ubuntu/* branches asserting quilt patches ap…
…ply (canonical#5622) Perform the same steps that cloud-init daily recipe builds performs to assert any packaging branch updates will not break daily builds due to quilt patch apply issues. Steps of daily build recipe reflected in this workflow: - checkout main - merge packaging branch topmost commit - quilt push -a - run unittests (via tox -e py3) - quilt pop -a
Configuration menu - View commit details
-
Copy full SHA for 8bc3e42 - Browse repository at this point
Copy the full SHA 8bc3e42View commit details
Commits on Aug 29, 2024
-
tests: assert cloud-init user-data cert is the only root cert (canoni…
…cal#5641) Reintroduce strict assert that cloud-init's cert in userdata is the only root cert defined on the platform. Google guest agent was installed a secondary root cert in ca_certifications.crt for a period of time and this was determined to be less than ideal practice. Allow cloud-init's integration tests to remain strict validation of cert checksum to provide a signal if other platforms or agents attempt to extend or alter the system-wide CA.
Configuration menu - View commit details
-
Copy full SHA for fa042b8 - Browse repository at this point
Copy the full SHA fa042b8View commit details -
fix: cc_user_groups incorrectly assumes "useradd" never locks passwor…
…d field (canonical#5355) Currently cc_user_groups assumes that "useradd" never locks the password field of newly created users. This is an incorrect assumption. Change add_user (in both __init__.py and alpine.py) to explicitly call either lock_passwd or unlock_passwd at all times to achieve the desired final result. For existing users with empty or empty locked passwords, no password unlock will be performed and warnings will be issued. To support empty password validation, provide functionality to parse /etc/shadow and /var/lib/extrausers/shadow to assert existing users do not have empty passwords before unlocking. Additionally in this commit: - add NetworkBSD.ifs property to avoid subp side-effect in ___init__ which calls ifconfig -a at every instance initialization Useradd background: From the useradd manpage: '-p, --password PASSWORD The encrypted password, as returned by crypt(3). The default is to disable the password.' That is, if cloud-init runs 'useradd' but does not pass it the "-p" option (with an encrypted password) then the new user's password field will be locked by "useradd". cloud-init only passes the "-p" option when calling "useradd" when user-data specifies the "passwd" option for a new user. For user-data that specifies either the "hashed_passwd" or "plain_text_passwd" options instead then cloud-init calls "useradd" without the "-p" option and so the password field of such a user will be locked by "useradd". For user-data that specifies "hashed_passwd" for a new user then "useradd" is called with no "-p" option, so causing "useradd" to lock the password field, however then cloud-init calls "chpasswd -e" to set the encrypted password which also results in the password field being unlocked. For user-data that specifies either "plain_text_passwd" for a new user then "useradd" is called with no "-p" option, so causing "useradd" to lock the password. cloud-init then calls "chpasswd" to set the password which also results in the password field being unlocked. For user-data that specifies no password at all for a new user then "useradd" is called with no "-p" option, so causing "useradd" to lock the password. The password field is left locked. In all the above scenarios "passwd -l" may be called later by cloud-init to enforce "lock_passwd: true"). Conversely where "lock_passwd: false" applies the above "usermod" situation (for "hash_passwd", "plain_text_passwd" or no password) means that newly created users may have password fields locked when they should be unlocked. For Alpine, "adduser" does not support any form of password being passed and it always locks the password field (the same point applies about password field being unlocked when/if "chpasswd" is called). Therefore in some situations (i.e. no password specified in user-data) the password needs to be unlocked if "lock_passwd: false".
Configuration menu - View commit details
-
Copy full SHA for 6d644e6 - Browse repository at this point
Copy the full SHA 6d644e6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 93f30bb - Browse repository at this point
Copy the full SHA 93f30bbView commit details
Commits on Aug 30, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 5ff1a4a - Browse repository at this point
Copy the full SHA 5ff1a4aView commit details -
Bump the version in cloudinit/version.py to 24.3 and update ChangeLog.
Configuration menu - View commit details
-
Copy full SHA for 10449cb - Browse repository at this point
Copy the full SHA 10449cbView commit details
Commits on Sep 4, 2024
-
fix(netops): fix ip addr flush command (canonical#5651)
Drop unnecessary environment variable. Fixes canonicalGH-5648
Configuration menu - View commit details
-
Copy full SHA for 6963dcc - Browse repository at this point
Copy the full SHA 6963dccView commit details -
Configuration menu - View commit details
-
Copy full SHA for 92e380e - Browse repository at this point
Copy the full SHA 92e380eView commit details -
Release 24.3.1 (canonical#5375)
Bump the version in cloudinit/version.py to 24.3.1 and update ChangeLog.
Configuration menu - View commit details
-
Copy full SHA for 337c651 - Browse repository at this point
Copy the full SHA 337c651View commit details
Commits on Sep 6, 2024
-
Configuration menu - View commit details
-
Copy full SHA for b000125 - Browse repository at this point
Copy the full SHA b000125View commit details -
Configuration menu - View commit details
-
Copy full SHA for 52f8bee - Browse repository at this point
Copy the full SHA 52f8beeView commit details -
refresh patches against 24.3.1
patches: debian/patches/cli-retain-file-argument-as-main-cmd-arg.patch debian/patches/drop-unsupported-systemd-condition-environment.patch debian/patches/netplan99-cannot-use-default.patch debian/patches/no-nocloud-network.patch debian/patches/no-single-process.patch debian/patches/revert-551f560d-cloud-config-after-snap-seeding.patch
Configuration menu - View commit details
-
Copy full SHA for 6915279 - Browse repository at this point
Copy the full SHA 6915279View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8fccf14 - Browse repository at this point
Copy the full SHA 8fccf14View commit details -
fix(no-single-process.patch): revert references to cloud-init-network
Revert remaning functional references to cloud-init-network service which will not exist on stable releases.
Configuration menu - View commit details
-
Copy full SHA for 18a645e - Browse repository at this point
Copy the full SHA 18a645eView commit details
Commits on Sep 9, 2024
-
Configuration menu - View commit details
-
Copy full SHA for bd7f0ee - Browse repository at this point
Copy the full SHA bd7f0eeView commit details -
Configuration menu - View commit details
-
Copy full SHA for 29ed383 - Browse repository at this point
Copy the full SHA 29ed383View commit details