From eed84a210ffbcc4c2c522947335c76980e6ee435f44ab8eaa63dbac346177908 Mon Sep 17 00:00:00 2001 From: Robert Schweikert Date: Thu, 16 Nov 2023 13:51:30 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=20version=2023.3=20(bsc#1216011?= =?UTF-8?q?,=20bsc#1215794)=20=20=20+=20Remove=20patches=20included=20upst?= =?UTF-8?q?ream:=20=20=20=20=20-=20cloud-init-fix-ca-test.patch=20=20=20?= =?UTF-8?q?=20=20-=20cloud-init-cve-2023-1786-redact-instance-data-json-ma?= =?UTF-8?q?in.patch=20=20=20=20=20-=20cloud-init-power-rhel-only.patch=20?= =?UTF-8?q?=20=20=20=20-=20cloud-init-flake8-fixes.patch=20=20=20+=20Add?= =?UTF-8?q?=20=20=20=20=20-=20cloud-init-keep-flake.patch=20=20=20=20=20-?= =?UTF-8?q?=20cloud-init-lint-fixes.patch=20=20=20+=20Update=20=20=20=20?= =?UTF-8?q?=20-=20cloud-init-write-routes.patch=20(bsc#1216007)=20=20=20+?= =?UTF-8?q?=20Bump=20pycloudlib=20to=201!5.1.0=20for=20ec2=20mantic=20dail?= =?UTF-8?q?y=20image=20support=20(#4390)=20=20=20+=20Fix=20cc=5Fkeyboard?= =?UTF-8?q?=20in=20mantic=20(LP:=20#2030788)=20=20=20+=20ec2:=20initialize?= =?UTF-8?q?=20get=5Finstance=5Fuserdata=20return=20value=20to=20bytes=20(#?= =?UTF-8?q?4387)=20=20=20=20=20[Noah=20Meyerhans]=20=20=20+=20cc=5Fusers?= =?UTF-8?q?=5Fgroups:=20Add=20doas/opendoas=20support=20(#4363)=20[dermotb?= =?UTF-8?q?radley]=20=20=20+=20Fix=20pip-managed=20ansible=20=20=20+=20sta?= =?UTF-8?q?tus:=20treat=20SubState=3Drunning=20and=20MainPID=3D0=20as=20se?= =?UTF-8?q?rvice=20exited=20=20=20+=20azure/imds:=20increase=20read-timeou?= =?UTF-8?q?t=20to=2030s=20(#4372)=20[Chris=20Patterson]=20=20=20+=20collec?= =?UTF-8?q?t-logs=20fix=20memory=20usage=20(SC-1590)=20(#4289)=20=20=20=20?= =?UTF-8?q?=20[Alec=20Warren]=20(LP:=20#1980150)=20=20=20+=20cc=5Fmounts:?= =?UTF-8?q?=20Use=20fallocate=20to=20create=20swapfile=20on=20btrfs=20(#43?= =?UTF-8?q?69)=20[=E7=8E=8B=E7=85=8E=E9=A5=BC]=20=20=20+=20Undocument=20no?= =?UTF-8?q?cloud-net=20(#4318)=20=20=20+=20feat(akamai):=20add=20akamai=20?= =?UTF-8?q?to=20settings.py=20and=20apport.py=20(#4370)=20=20=20+=20read-v?= =?UTF-8?q?ersion:=20fallback=20to=20get=5Fversion=20when=20git=20describe?= =?UTF-8?q?=20fails=20(#4366)=20=20=20+=20apt:=20fix=20cloud-init=20status?= =?UTF-8?q?=20--wait=20blocking=20on=20systemd=20v=20253=20(#4364)=20=20?= =?UTF-8?q?=20+=20integration=20tests:=20Pass=20username=20to=20pycloudlib?= =?UTF-8?q?=20(#4324)=20=20=20+=20Bump=20pycloudlib=20to=201!5.1.0=20(#435?= =?UTF-8?q?3)=20=20=20+=20cloud.cfg.tmpl:=20reorganise,=20minimise/reduce?= =?UTF-8?q?=20duplication=20(#4272)=20=20=20=20=20[dermotbradley]?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/cloud-init?expand=0&rev=216 --- cloud-init-23.1.tar.gz | 3 - cloud-init-23.3.tar.gz | 3 + ...-1786-redact-instance-data-json-main.patch | 175 -------- cloud-init-fix-ca-test.patch | 18 - cloud-init-flake8-fixes.patch | 60 --- cloud-init-keep-flake.patch | 11 + cloud-init-lint-fixes.patch | 412 ++++++++++++++++++ cloud-init-power-rhel-only.patch | 19 - cloud-init-write-routes.patch | 22 +- cloud-init.changes | 326 +++++++++++++- cloud-init.spec | 27 +- 11 files changed, 773 insertions(+), 303 deletions(-) delete mode 100644 cloud-init-23.1.tar.gz create mode 100644 cloud-init-23.3.tar.gz delete mode 100644 cloud-init-cve-2023-1786-redact-instance-data-json-main.patch delete mode 100644 cloud-init-fix-ca-test.patch delete mode 100644 cloud-init-flake8-fixes.patch create mode 100644 cloud-init-keep-flake.patch create mode 100644 cloud-init-lint-fixes.patch delete mode 100644 cloud-init-power-rhel-only.patch diff --git a/cloud-init-23.1.tar.gz b/cloud-init-23.1.tar.gz deleted file mode 100644 index 4c729b5..0000000 --- a/cloud-init-23.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7d6a13210c9fc82c82e471c335de9fbb53ccd63ac92c1d1c462a6e5c8e992ebc -size 1540625 diff --git a/cloud-init-23.3.tar.gz b/cloud-init-23.3.tar.gz new file mode 100644 index 0000000..d8a5acc --- /dev/null +++ b/cloud-init-23.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1a5a54369f78891b79f43061c1ff0fb31e2bd74ff9527d7150ddd6517c3e2b07 +size 5720790 diff --git a/cloud-init-cve-2023-1786-redact-instance-data-json-main.patch b/cloud-init-cve-2023-1786-redact-instance-data-json-main.patch deleted file mode 100644 index 67ea4e7..0000000 --- a/cloud-init-cve-2023-1786-redact-instance-data-json-main.patch +++ /dev/null @@ -1,175 +0,0 @@ ---- cloudinit/sources/DataSourceLXD.py.orig -+++ cloudinit/sources/DataSourceLXD.py -@@ -173,6 +173,8 @@ class DataSourceLXD(sources.DataSource): - "user.meta-data", - "user.vendor-data", - "user.user-data", -+ "cloud-init.user-data", -+ "cloud-init.vendor-data", - ) - - skip_hotplug_detect = True ---- cloudinit/sources/DataSourceVultr.py.orig -+++ cloudinit/sources/DataSourceVultr.py -@@ -5,6 +5,8 @@ - # Vultr Metadata API: - # https://www.vultr.com/metadata/ - -+from typing import Tuple -+ - import cloudinit.sources.helpers.vultr as vultr - from cloudinit import log as log - from cloudinit import sources, util, version -@@ -27,6 +29,9 @@ BUILTIN_DS_CONFIG = { - class DataSourceVultr(sources.DataSource): - - dsname = "Vultr" -+ sensitive_metadata_keys: \ -+ Tuple[str, ...] = \ -+ sources.DataSource.sensitive_metadata_keys + ("startup-script",) - - def __init__(self, sys_cfg, distro, paths): - super(DataSourceVultr, self).__init__(sys_cfg, distro, paths) -@@ -54,13 +59,8 @@ class DataSourceVultr(sources.DataSource - self.get_datasource_data(self.metadata) - - # Dump some data so diagnosing failures is manageable -- LOG.debug("Vultr Vendor Config:") -- LOG.debug(util.json_dumps(self.metadata["vendor-data"])) - LOG.debug("SUBID: %s", self.metadata["instance-id"]) - LOG.debug("Hostname: %s", self.metadata["local-hostname"]) -- if self.userdata_raw is not None: -- LOG.debug("User-Data:") -- LOG.debug(self.userdata_raw) - - return True - -@@ -146,7 +146,4 @@ if __name__ == "__main__": - config = md["vendor-data"] - sysinfo = vultr.get_sysinfo() - -- print(util.json_dumps(sysinfo)) -- print(util.json_dumps(config)) -- - # vi: ts=4 expandtab ---- cloudinit/sources/__init__.py.orig -+++ cloudinit/sources/__init__.py -@@ -132,6 +132,12 @@ def redact_sensitive_keys(metadata, reda - - Replace any keys values listed in 'sensitive_keys' with redact_value. - """ -+ # While 'sensitive_keys' should already sanitized to only include what -+ # is in metadata, it is possible keys will overlap. For example, if -+ # "merged_cfg" and "merged_cfg/ds/userdata" both match, it's possible that -+ # "merged_cfg" will get replaced first, meaning "merged_cfg/ds/userdata" -+ # no longer represents a valid key. -+ # Thus, we still need to do membership checks in this function. - if not metadata.get("sensitive_keys", []): - return metadata - md_copy = copy.deepcopy(metadata) -@@ -139,9 +145,14 @@ def redact_sensitive_keys(metadata, reda - path_parts = key_path.split("/") - obj = md_copy - for path in path_parts: -- if isinstance(obj[path], dict) and path != path_parts[-1]: -+ if ( -+ path in obj -+ and isinstance(obj[path], dict) -+ and path != path_parts[-1] -+ ): - obj = obj[path] -- obj[path] = redact_value -+ if path in obj: -+ obj[path] = redact_value - return md_copy - - -@@ -249,6 +260,14 @@ class DataSource(CloudInitPickleMixin, m - sensitive_metadata_keys: Tuple[str, ...] = ( - "merged_cfg", - "security-credentials", -+ "userdata", -+ "user-data", -+ "user_data", -+ "vendordata", -+ "vendor-data", -+ # Provide ds/vendor_data to avoid redacting top-level -+ # "vendor_data": {enabled: True} -+ "ds/vendor_data", - ) - - # True on datasources that may not see hotplugged devices reflected ---- cloudinit/stages.py.orig -+++ cloudinit/stages.py -@@ -203,7 +203,9 @@ class Init: - util.ensure_dirs(self._initial_subdirs()) - log_file = util.get_cfg_option_str(self.cfg, "def_log_file") - if log_file: -- util.ensure_file(log_file, mode=0o640, preserve_mode=True) -+ # At this point the log file should have already been created -+ # in the setupLogging function of log.py -+ util.ensure_file(log_file, mode=0o640, preserve_mode=False) - perms = self.cfg.get("syslog_fix_perms") - if not perms: - perms = {} ---- tests/unittests/sources/test_init.py.orig -+++ tests/unittests/sources/test_init.py -@@ -464,6 +464,12 @@ class TestDataSource(CiTestCase): - ( - "merged_cfg", - "security-credentials", -+ "userdata", -+ "user-data", -+ "user_data", -+ "vendordata", -+ "vendor-data", -+ "ds/vendor_data", - ), - datasource.sensitive_metadata_keys, - ) -@@ -574,6 +580,12 @@ class TestDataSource(CiTestCase): - ( - "merged_cfg", - "security-credentials", -+ "userdata", -+ "user-data", -+ "user_data", -+ "vendordata", -+ "vendor-data", -+ "ds/vendor_data", - ), - datasource.sensitive_metadata_keys, - ) ---- tests/unittests/test_stages.py.orig -+++ tests/unittests/test_stages.py -@@ -606,19 +606,23 @@ class TestInit_InitializeFilesystem: - # Assert we create it 0o640 by default if it doesn't already exist - assert 0o640 == stat.S_IMODE(log_file.stat().mode) - -- def test_existing_file_permissions_are_not_modified(self, init, tmpdir): -- """If the log file already exists, we should not modify its permissions -+ def test_existing_file_permissions(self, init, tmpdir): -+ """Test file permissions are set as expected. -+ -+ CIS Hardening requires 640 permissions. These permissions are -+ currently hardcoded on every boot, but if there's ever a reason -+ to change this, we need to then ensure that they -+ are *not* set every boot. - - See https://bugs.launchpad.net/cloud-init/+bug/1900837. - """ -- # Use a mode that will never be made the default so this test will -- # always be valid -- mode = 0o606 - log_file = tmpdir.join("cloud-init.log") - log_file.ensure() -- log_file.chmod(mode) -+ # Use a mode that will never be made the default so this test will -+ # always be valid -+ log_file.chmod(0o606) - init._cfg = {"def_log_file": str(log_file)} - - init._initialize_filesystem() - -- assert mode == stat.S_IMODE(log_file.stat().mode) -+ assert 0o640 == stat.S_IMODE(log_file.stat().mode) diff --git a/cloud-init-fix-ca-test.patch b/cloud-init-fix-ca-test.patch deleted file mode 100644 index 5b80605..0000000 --- a/cloud-init-fix-ca-test.patch +++ /dev/null @@ -1,18 +0,0 @@ ---- tests/unittests/config/test_cc_ca_certs.py.orig -+++ tests/unittests/config/test_cc_ca_certs.py -@@ -311,6 +311,7 @@ class TestRemoveDefaultCaCerts(TestCase) - "cloud_dir": tmpdir, - } - ) -+ self.add_patch("cloudinit.config.cc_ca_certs.os.stat", "m_stat") - - def test_commands(self): - ca_certs_content = "# line1\nline2\nline3\n" -@@ -318,6 +319,7 @@ class TestRemoveDefaultCaCerts(TestCase) - "# line1\n# Modified by cloud-init to deselect certs due to" - " user-data\n!line2\n!line3\n" - ) -+ self.m_stat.return_value.st_size = 1 - - for distro_name in cc_ca_certs.distros: - conf = cc_ca_certs._distro_ca_certs_configs(distro_name) diff --git a/cloud-init-flake8-fixes.patch b/cloud-init-flake8-fixes.patch deleted file mode 100644 index 052cc0f..0000000 --- a/cloud-init-flake8-fixes.patch +++ /dev/null @@ -1,60 +0,0 @@ ---- cloudinit/net/eni.py.orig -+++ cloudinit/net/eni.py -@@ -81,7 +81,7 @@ def _iface_add_subnet(iface, subnet): - if key == "address": - value = "%s/%s" % (subnet["address"], subnet["prefix"]) - if value and key in valid_map: -- if type(value) == list: -+ if isinstance(value, list): - value = " ".join(value) - if "_" in key: - key = key.replace("_", "-") -@@ -126,7 +126,7 @@ def _iface_add_attrs(iface, index, ipv4_ - - for key, value in iface.items(): - # convert bool to string for eni -- if type(value) == bool: -+ if isinstance(value, bool): - value = "on" if iface[key] else "off" - if not value or key in ignore_map: - continue -@@ -144,7 +144,7 @@ def _iface_add_attrs(iface, index, ipv4_ - for v in value: - content.append(" {0} {1}".format(renames.get(key, key), v)) - continue -- if type(value) == list: -+ if isinstance(value, list): - value = " ".join(value) - content.append(" {0} {1}".format(renames.get(key, key), value)) - ---- cloudinit/net/network_state.py.orig -+++ cloudinit/net/network_state.py -@@ -559,7 +559,7 @@ class NetworkStateInterpreter(metaclass= - - # convert value to boolean - bridge_stp = iface.get("bridge_stp") -- if bridge_stp is not None and type(bridge_stp) != bool: -+ if bridge_stp is not None and not isinstance(bridge_stp, bool): - if bridge_stp in ["on", "1", 1]: - bridge_stp = True - elif bridge_stp in ["off", "0", 0]: -@@ -582,7 +582,7 @@ class NetworkStateInterpreter(metaclass= - search = [] - if "address" in command: - addrs = command["address"] -- if not type(addrs) == list: -+ if not isinstance(addrs, list): - addrs = [addrs] - for addr in addrs: - nameservers.append(addr) ---- cloudinit/sources/helpers/netlink.py.orig -+++ cloudinit/sources/helpers/netlink.py -@@ -137,7 +137,7 @@ def unpack_rta_attr(data, offset): - :raises: AssertionError if data is None or offset is not integer. - """ - assert data is not None, "data is none" -- assert type(offset) == int, "offset is not integer" -+ assert isinstance(offset, int), "offset is not integer" - assert ( - offset >= RTATTR_START_OFFSET - ), "rta offset is less than expected length" diff --git a/cloud-init-keep-flake.patch b/cloud-init-keep-flake.patch new file mode 100644 index 0000000..51ebf06 --- /dev/null +++ b/cloud-init-keep-flake.patch @@ -0,0 +1,11 @@ +--- tools/run-lint.orig ++++ tools/run-lint +@@ -11,7 +11,7 @@ else + files=( "$@" ) + fi + +-cmd=( "python3" -m "ruff" "${files[@]}" ) ++cmd=( "python3" -m "flake8" "${files[@]}" ) + + echo "Running: " "${cmd[@]}" 1>&2 + exec "${cmd[@]}" diff --git a/cloud-init-lint-fixes.patch b/cloud-init-lint-fixes.patch new file mode 100644 index 0000000..3241fcf --- /dev/null +++ b/cloud-init-lint-fixes.patch @@ -0,0 +1,412 @@ +--- cloudinit/cmd/main.py.orig ++++ cloudinit/cmd/main.py +@@ -28,26 +28,27 @@ from cloudinit.config.modules import Mod + + patcher.patch_logging() + +-from cloudinit.config.schema import validate_cloudconfig_schema +-from cloudinit import log as logging +-from cloudinit import netinfo +-from cloudinit import signal_handler +-from cloudinit import sources +-from cloudinit import stages +-from cloudinit import url_helper +-from cloudinit import util +-from cloudinit import version +-from cloudinit import warnings +- +-from cloudinit import reporting +-from cloudinit.reporting import events ++from cloudinit.config.schema import validate_cloudconfig_schema # noqa: E402 ++from cloudinit import log as logging # noqa: E402 ++from cloudinit import netinfo # noqa: E402 ++from cloudinit import signal_handler # noqa: E402 ++from cloudinit import sources # noqa: E402 ++from cloudinit import stages # noqa: E402 ++from cloudinit import url_helper # noqa: E402 ++from cloudinit import util # noqa: E402 ++from cloudinit import version # noqa: E402 ++from cloudinit import warnings # noqa: E402 ++ ++from cloudinit import reporting # noqa: E402 ++from cloudinit.reporting import events # noqa: E402 + +-from cloudinit.settings import PER_INSTANCE, PER_ALWAYS, PER_ONCE, CLOUD_CONFIG ++from cloudinit.settings import ( # noqa: E402 ++ PER_INSTANCE, PER_ALWAYS, PER_ONCE, CLOUD_CONFIG) # noqa: E402 + +-from cloudinit import atomic_helper ++from cloudinit import atomic_helper # noqa: E402 + +-from cloudinit.config import cc_set_hostname +-from cloudinit.cmd.devel import read_cfg_paths ++from cloudinit.config import cc_set_hostname # noqa: E402 ++from cloudinit.cmd.devel import read_cfg_paths # noqa: E402 + + + # Welcome message template +@@ -538,7 +539,7 @@ def di_report_warn(datasource, cfg): + # where Name is the thing that shows up in datasource_list. + modname = datasource.__module__.rpartition(".")[2] + if modname.startswith(sources.DS_PREFIX): +- modname = modname[len(sources.DS_PREFIX) :] ++ modname = modname[len(sources.DS_PREFIX):] + else: + LOG.warning( + "Datasource '%s' came from unexpected module '%s'.", +--- cloudinit/config/cc_apt_configure.py.orig ++++ cloudinit/config/cc_apt_configure.py +@@ -354,7 +354,7 @@ def mirrorurl_to_apt_fileprefix(mirror): + string = string[0:-1] + pos = string.find("://") + if pos >= 0: +- string = string[pos + 3 :] ++ string = string[pos + 3:] + string = string.replace("/", "_") + return string + +--- cloudinit/config/cc_ssh_authkey_fingerprints.py.orig ++++ cloudinit/config/cc_ssh_authkey_fingerprints.py +@@ -44,7 +44,7 @@ LOG = logging.getLogger(__name__) + def _split_hash(bin_hash): + split_up = [] + for i in range(0, len(bin_hash), 2): +- split_up.append(bin_hash[i : i + 2]) ++ split_up.append(bin_hash[i: i + 2]) + return split_up + + +--- cloudinit/config/modules.py.orig ++++ cloudinit/config/modules.py +@@ -39,7 +39,7 @@ class ModuleDetails(NamedTuple): + def form_module_name(name): + canon_name = name.replace("-", "_") + if canon_name.lower().endswith(".py"): +- canon_name = canon_name[0 : (len(canon_name) - 3)] ++ canon_name = canon_name[0: (len(canon_name) - 3)] + canon_name = canon_name.strip() + if not canon_name: + return None +--- cloudinit/distros/parsers/ifconfig.py.orig ++++ cloudinit/distros/parsers/ifconfig.py +@@ -140,7 +140,7 @@ class Ifconfig: + dev.index = int(toks[1]) + + if toks[0] == "description:": +- dev.description = line[line.index(":") + 2 :] ++ dev.description = line[line.index(":") + 2:] + + if ( + toks[0].startswith("options=") +@@ -165,7 +165,7 @@ class Ifconfig: + dev.groups += toks[1:] + + if toks[0] == "media:": +- dev.media = line[line.index(": ") + 2 :] ++ dev.media = line[line.index(": ") + 2:] + + if toks[0] == "nd6": + nd6_opts = re.split(r"<|>", toks[0]) +--- cloudinit/net/dhcp.py.orig ++++ cloudinit/net/dhcp.py +@@ -415,24 +415,24 @@ class IscDhclient(DhcpClient): + if len(tokens[idx:]) < req_toks: + _trunc_error(net_length, req_toks, len(tokens[idx:])) + return static_routes +- net_address = ".".join(tokens[idx + 1 : idx + 5]) +- gateway = ".".join(tokens[idx + 5 : idx + req_toks]) ++ net_address = ".".join(tokens[idx + 1: idx + 5]) ++ gateway = ".".join(tokens[idx + 5: idx + req_toks]) + current_idx = idx + req_toks + elif net_length in range(17, 25): + req_toks = 8 + if len(tokens[idx:]) < req_toks: + _trunc_error(net_length, req_toks, len(tokens[idx:])) + return static_routes +- net_address = ".".join(tokens[idx + 1 : idx + 4] + ["0"]) +- gateway = ".".join(tokens[idx + 4 : idx + req_toks]) ++ net_address = ".".join(tokens[idx + 1: idx + 4] + ["0"]) ++ gateway = ".".join(tokens[idx + 4: idx + req_toks]) + current_idx = idx + req_toks + elif net_length in range(9, 17): + req_toks = 7 + if len(tokens[idx:]) < req_toks: + _trunc_error(net_length, req_toks, len(tokens[idx:])) + return static_routes +- net_address = ".".join(tokens[idx + 1 : idx + 3] + ["0", "0"]) +- gateway = ".".join(tokens[idx + 3 : idx + req_toks]) ++ net_address = ".".join(tokens[idx + 1: idx + 3] + ["0", "0"]) ++ gateway = ".".join(tokens[idx + 3: idx + req_toks]) + current_idx = idx + req_toks + elif net_length in range(1, 9): + req_toks = 6 +@@ -440,9 +440,9 @@ class IscDhclient(DhcpClient): + _trunc_error(net_length, req_toks, len(tokens[idx:])) + return static_routes + net_address = ".".join( +- tokens[idx + 1 : idx + 2] + ["0", "0", "0"] ++ tokens[idx + 1: idx + 2] + ["0", "0", "0"] + ) +- gateway = ".".join(tokens[idx + 2 : idx + req_toks]) ++ gateway = ".".join(tokens[idx + 2: idx + req_toks]) + current_idx = idx + req_toks + elif net_length == 0: + req_toks = 5 +@@ -450,7 +450,7 @@ class IscDhclient(DhcpClient): + _trunc_error(net_length, req_toks, len(tokens[idx:])) + return static_routes + net_address = "0.0.0.0" +- gateway = ".".join(tokens[idx + 1 : idx + req_toks]) ++ gateway = ".".join(tokens[idx + 1: idx + req_toks]) + current_idx = idx + req_toks + else: + LOG.error( +--- cloudinit/net/network_state.py.orig ++++ cloudinit/net/network_state.py +@@ -135,7 +135,7 @@ class CommandHandlerMeta(type): + command_handlers = {} + for attr_name, attr in dct.items(): + if callable(attr) and attr_name.startswith("handle_"): +- handles_what = attr_name[len("handle_") :] ++ handles_what = attr_name[len("handle_"):] + if handles_what: + command_handlers[handles_what] = attr + dct["command_handlers"] = command_handlers +--- cloudinit/reporting/handlers.py.orig ++++ cloudinit/reporting/handlers.py +@@ -295,13 +295,13 @@ class HyperVKvpReportingHandler(Reportin + ) + ) + k = ( +- record_data[0 : self.HV_KVP_EXCHANGE_MAX_KEY_SIZE] ++ record_data[0: self.HV_KVP_EXCHANGE_MAX_KEY_SIZE] + .decode("utf-8") + .strip("\x00") + ) + v = ( + record_data[ +- self.HV_KVP_EXCHANGE_MAX_KEY_SIZE : self.HV_KVP_RECORD_SIZE ++ self.HV_KVP_EXCHANGE_MAX_KEY_SIZE: self.HV_KVP_RECORD_SIZE + ] + .decode("utf-8") + .strip("\x00") +@@ -320,7 +320,7 @@ class HyperVKvpReportingHandler(Reportin + def _break_down(self, key, meta_data, description): + del meta_data[self.MSG_KEY] + des_in_json = json.dumps(description) +- des_in_json = des_in_json[1 : (len(des_in_json) - 1)] ++ des_in_json = des_in_json[1: (len(des_in_json) - 1)] + i = 0 + result_array = [] + message_place_holder = '"' + self.MSG_KEY + '":""' +@@ -353,7 +353,7 @@ class HyperVKvpReportingHandler(Reportin + Values will be truncated as needed. + """ + if len(value) >= self.HV_KVP_AZURE_MAX_VALUE_SIZE: +- value = value[0 : self.HV_KVP_AZURE_MAX_VALUE_SIZE - 1] ++ value = value[0: self.HV_KVP_AZURE_MAX_VALUE_SIZE - 1] + + data = [self._encode_kvp_item(key, value)] + +--- cloudinit/sources/__init__.py.orig ++++ cloudinit/sources/__init__.py +@@ -747,7 +747,7 @@ class DataSource(CloudInitPickleMixin, m + if not short_name.startswith(nfrom): + continue + for nto in tlist: +- cand = "/dev/%s%s" % (nto, short_name[len(nfrom) :]) ++ cand = "/dev/%s%s" % (nto, short_name[len(nfrom):]) + if os.path.exists(cand): + return cand + return None +--- cloudinit/sources/helpers/azure.py.orig ++++ cloudinit/sources/helpers/azure.py +@@ -566,7 +566,7 @@ class OpenSSLManager: + """ + raw_fp = self._run_x509_action("-fingerprint", certificate) + eq = raw_fp.find("=") +- octets = raw_fp[eq + 1 : -1].split(":") ++ octets = raw_fp[eq + 1: -1].split(":") + return "".join(octets) + + @azure_ds_telemetry_reporter +--- cloudinit/sources/helpers/netlink.py.orig ++++ cloudinit/sources/helpers/netlink.py +@@ -150,7 +150,7 @@ def unpack_rta_attr(data, offset): + return None # Should mean our offset is >= remaining data + + # Unpack just the attribute's data. Offset by 4 to skip length/type header +- attr_data = data[offset + RTA_DATA_START_OFFSET : offset + length] ++ attr_data = data[offset + RTA_DATA_START_OFFSET: offset + length] + return RTAAttr(length, rta_type, attr_data) + + +--- cloudinit/ssh_util.py.orig ++++ cloudinit/ssh_util.py +@@ -659,7 +659,7 @@ def get_opensshd_version(): + prefix = "OpenSSH_" + for line in err.split("\n"): + if line.startswith(prefix): +- return line[len(prefix) : line.find(",")] ++ return line[len(prefix): line.find(",")] + return None + + +--- cloudinit/url_helper.py.orig ++++ cloudinit/url_helper.py +@@ -73,7 +73,7 @@ def read_file_or_url(url, **kwargs) -> U + if url.lower().startswith("file://"): + if kwargs.get("data"): + LOG.warning("Unable to post data to file resource %s", url) +- file_path = url[len("file://") :] ++ file_path = url[len("file://"):] + try: + with open(file_path, "rb") as fp: + contents = fp.read() +--- cloudinit/user_data.py.orig ++++ cloudinit/user_data.py +@@ -211,13 +211,13 @@ class UserDataProcessor: + for line in content.splitlines(): + lc_line = line.lower() + if lc_line.startswith("#include-once"): +- line = line[len("#include-once") :].lstrip() ++ line = line[len("#include-once"):].lstrip() + # Every following include will now + # not be refetched.... but will be + # re-read from a local urlcache (if it worked) + include_once_on = True + elif lc_line.startswith("#include"): +- line = line[len("#include") :].lstrip() ++ line = line[len("#include"):].lstrip() + # Disable the include once if it was on + # if it wasn't, then this has no effect. + include_once_on = False +--- cloudinit/util.py.orig ++++ cloudinit/util.py +@@ -1177,7 +1177,7 @@ def read_cc_from_cmdline(cmdline=None): + if end < 0: + end = clen + tokens.append( +- parse.unquote(cmdline[begin + begin_l : end].lstrip()).replace( ++ parse.unquote(cmdline[begin + begin_l: end].lstrip()).replace( + "\\n", "\n" + ) + ) +@@ -1724,7 +1724,7 @@ def get_output_cfg(cfg, mode): + found = False + for s in swlist: + if val.startswith(s): +- val = "%s %s" % (s, val[len(s) :].strip()) ++ val = "%s %s" % (s, val[len(s):].strip()) + found = True + break + if not found: +@@ -2362,7 +2362,7 @@ def shellify(cmdlist, add_header=True): + + def strip_prefix_suffix(line, prefix=None, suffix=None): + if prefix and line.startswith(prefix): +- line = line[len(prefix) :] ++ line = line[len(prefix):] + if suffix and line.endswith(suffix): + line = line[: -len(suffix)] + return line +@@ -2942,7 +2942,7 @@ def human2bytes(size): + for m in mpliers: + if size.endswith(m): + mplier = m +- num = size[0 : -len(m)] ++ num = size[0: -len(m)] + + try: + num = float(num) +@@ -3022,12 +3022,12 @@ def rootdev_from_cmdline(cmdline): + if found.startswith("/dev/"): + return found + if found.startswith("LABEL="): +- return "/dev/disk/by-label/" + found[len("LABEL=") :] ++ return "/dev/disk/by-label/" + found[len("LABEL="):] + if found.startswith("UUID="): +- return "/dev/disk/by-uuid/" + found[len("UUID=") :].lower() ++ return "/dev/disk/by-uuid/" + found[len("UUID="):].lower() + if found.startswith("PARTUUID="): + disks_path = ( +- "/dev/disk/by-partuuid/" + found[len("PARTUUID=") :].lower() ++ "/dev/disk/by-partuuid/" + found[len("PARTUUID="):].lower() + ) + if os.path.exists(disks_path): + return disks_path +--- setup.py.orig ++++ setup.py +@@ -187,7 +187,7 @@ elif os.path.isfile("/etc/system-release + else: + # String formatted CPE + inc = 1 +- (cpe_vendor, cpe_product, cpe_version) = cpe_data[2 + inc : 5 + inc] ++ (cpe_vendor, cpe_product, cpe_version) = cpe_data[2 + inc: 5 + inc] + if cpe_vendor == "amazon": + USR_LIB_EXEC = "usr/libexec" + +--- tests/unittests/helpers.py.orig ++++ tests/unittests/helpers.py +@@ -265,7 +265,7 @@ class FilesystemMockingTestCase(Resource + real_root = os.path.join(real_root, "roots", example_root) + for (dir_path, _dirnames, filenames) in os.walk(real_root): + real_path = dir_path +- make_path = rebase_path(real_path[len(real_root) :], target_root) ++ make_path = rebase_path(real_path[len(real_root):], target_root) + util.ensure_dir(make_path) + for f in filenames: + real_path = util.abs_join(real_path, f) +@@ -469,7 +469,7 @@ def dir2dict(startdir, prefix=None): + for root, _dirs, files in os.walk(startdir): + for fname in files: + fpath = os.path.join(root, fname) +- key = fpath[len(prefix) :] ++ key = fpath[len(prefix):] + flist[key] = util.load_file(fpath) + return flist + +--- tests/unittests/reporting/test_reporting_hyperv.py.orig ++++ tests/unittests/reporting/test_reporting_hyperv.py +@@ -293,7 +293,7 @@ class TextKvpReporter(CiTestCase): + reporter, + 2, + [ +- log_content[-azure.MAX_LOG_TO_KVP_LENGTH :].encode(), ++ log_content[-azure.MAX_LOG_TO_KVP_LENGTH:].encode(), + extra_content.encode(), + ], + ) +--- tests/unittests/sources/test_configdrive.py.orig ++++ tests/unittests/sources/test_configdrive.py +@@ -412,7 +412,7 @@ class TestConfigDriveDataSource(CiTestCa + } + for name, dev_name in name_tests.items(): + with ExitStack() as mocks: +- provided_name = dev_name[len("/dev/") :] ++ provided_name = dev_name[len("/dev/"):] + provided_name = "s" + provided_name[1:] + find_mock = mocks.enter_context( + mock.patch.object( +--- tests/unittests/sources/test_maas.py.orig ++++ tests/unittests/sources/test_maas.py +@@ -131,7 +131,7 @@ class TestMAASDataSource(CiTestCase): + if not url.startswith(prefix): + raise ValueError("unexpected call %s" % url) + +- short = url[len(prefix) :] ++ short = url[len(prefix):] + if short not in data: + raise url_helper.UrlError("not found", code=404, url=url) + return url_helper.StringResponse(data[short]) +--- tests/unittests/sources/test_smartos.py.orig ++++ tests/unittests/sources/test_smartos.py +@@ -766,7 +766,7 @@ class ShortReader: + rsize = next_null - self.index + 1 + i = self.index + self.index += rsize +- ret = self.data[i : i + rsize] ++ ret = self.data[i: i + rsize] + if len(ret) and ret[-1:] == self.endbyte: + ret = ret[:-1] + return ret diff --git a/cloud-init-power-rhel-only.patch b/cloud-init-power-rhel-only.patch deleted file mode 100644 index 12e99b0..0000000 --- a/cloud-init-power-rhel-only.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- cloudinit/config/cc_refresh_rmc_and_interface.py.orig -+++ cloudinit/config/cc_refresh_rmc_and_interface.py -@@ -15,7 +15,6 @@ from cloudinit import netinfo, subp, uti - from cloudinit.cloud import Cloud - from cloudinit.config import Config - from cloudinit.config.schema import MetaSchema --from cloudinit.distros import ALL_DISTROS - from cloudinit.settings import PER_ALWAYS - - MODULE_DESCRIPTION = """\ -@@ -42,7 +41,7 @@ meta: MetaSchema = { - "name": "Refresh IPv6 Interface and RMC", - "title": "Ensure Network Manager is not managing IPv6 interface", - "description": MODULE_DESCRIPTION, -- "distros": [ALL_DISTROS], -+ "distros": ["fedora", "rhel"], - "frequency": PER_ALWAYS, - "examples": [], - "activate_by_schema_keys": [], diff --git a/cloud-init-write-routes.patch b/cloud-init-write-routes.patch index baf0a7a..4c07d1c 100644 --- a/cloud-init-write-routes.patch +++ b/cloud-init-write-routes.patch @@ -1,6 +1,6 @@ --- cloudinit/distros/__init__.py.orig +++ cloudinit/distros/__init__.py -@@ -276,6 +276,15 @@ class Distro(persistence.CloudInitPickle +@@ -287,6 +287,15 @@ class Distro(persistence.CloudInitPickle network_state = parse_net_config_data(netconfig, renderer=renderer) self._write_network_state(network_state, renderer) @@ -18,15 +18,16 @@ if bring_up: --- cloudinit/distros/opensuse.py.orig +++ cloudinit/distros/opensuse.py -@@ -15,6 +15,7 @@ from cloudinit import log as logging +@@ -10,7 +10,7 @@ + + import os + +-from cloudinit import distros, helpers ++from cloudinit import distros, helpers, net + from cloudinit import log as logging from cloudinit import subp, util from cloudinit.distros import rhel_util as rhutil - from cloudinit.distros.parsers.hostname import HostnameConf -+from cloudinit.net import ipv4_mask_to_net_prefix - from cloudinit.settings import PER_INSTANCE - - LOG = logging.getLogger(__name__) -@@ -238,6 +239,144 @@ class Distro(distros.Distro): +@@ -238,6 +238,147 @@ class Distro(distros.Distro): conf.set_hostname(hostname) util.write_file(filename, str(conf), 0o644) @@ -66,7 +67,10 @@ + if dest != 'default': + netmask = route.get('netmask') + if netmask: -+ prefix = ipv4_mask_to_net_prefix(netmask) ++ if net.is_ipv4_network(netmask): ++ prefix = net.ipv4_mask_to_net_prefix(netmask) ++ if net.is_ipv6_network(netmask): ++ prefix = net.ipv6_mask_to_net_prefix(netmask) + dest += '/' + str(prefix) + if '/' not in dest: + LOG.warning( diff --git a/cloud-init.changes b/cloud-init.changes index be8d8c1..c7170cf 100644 --- a/cloud-init.changes +++ b/cloud-init.changes @@ -1,3 +1,326 @@ +------------------------------------------------------------------- +Mon Oct 9 14:26:40 UTC 2023 - Robert Schweikert + +- Update to version 23.3 (bsc#1216011, bsc#1215794) + + Remove patches included upstream: + - cloud-init-fix-ca-test.patch + - cloud-init-cve-2023-1786-redact-instance-data-json-main.patch + - cloud-init-power-rhel-only.patch + - cloud-init-flake8-fixes.patch + + Add + - cloud-init-keep-flake.patch + - cloud-init-lint-fixes.patch + + Update + - cloud-init-write-routes.patch (bsc#1216007) + + Bump pycloudlib to 1!5.1.0 for ec2 mantic daily image support (#4390) + + Fix cc_keyboard in mantic (LP: #2030788) + + ec2: initialize get_instance_userdata return value to bytes (#4387) + [Noah Meyerhans] + + cc_users_groups: Add doas/opendoas support (#4363) [dermotbradley] + + Fix pip-managed ansible + + status: treat SubState=running and MainPID=0 as service exited + + azure/imds: increase read-timeout to 30s (#4372) [Chris Patterson] + + collect-logs fix memory usage (SC-1590) (#4289) + [Alec Warren] (LP: #1980150) + + cc_mounts: Use fallocate to create swapfile on btrfs (#4369) [王煎饼] + + Undocument nocloud-net (#4318) + + feat(akamai): add akamai to settings.py and apport.py (#4370) + + read-version: fallback to get_version when git describe fails (#4366) + + apt: fix cloud-init status --wait blocking on systemd v 253 (#4364) + + integration tests: Pass username to pycloudlib (#4324) + + Bump pycloudlib to 1!5.1.0 (#4353) + + cloud.cfg.tmpl: reorganise, minimise/reduce duplication (#4272) + [dermotbradley] + + analyze: fix (unexpected) timestamp parsing (#4347) [Mina Galić] + + cc_growpart: fix tests to run on FreeBSD (#4351) [Mina Galić] + + subp: Fix spurious test failure on FreeBSD (#4355) [Mina Galić] + + cmd/clean: fix tests on non-Linux platforms (#4352) [Mina Galić] + + util: Fix get_proc_ppid() on non-Linux systems (#4348) [Mina Galić] + + cc_wireguard: make tests pass on FreeBSD (#4346) [Mina Galić] + + unittests: fix breakage in test_read_cfg_paths_fetches_cached_datasource + (#4328) [Ani Sinha] + + Fix test_tools.py collection (#4315) + + cc_keyboard: add Alpine support (#4278) [dermotbradley] + + Flake8 fixes (#4340) [Robert Schweikert] + + cc_mounts: Fix swapfile not working on btrfs (#4319) [王煎饼] (LP: #1884127) + + ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen (#4281) + [Wei Zhou] + + ec2: Support double encoded userdata (#4276) [Noah Meyerhans] + + cc_mounts: xfs is a Linux only FS (#4334) [Mina Galić] + + tests/net: fix TestGetInterfaces' mock coverage for get_master (#4336) + [Chris Patterson] + + change openEuler to openeuler and fix some bugs in openEuler (#4317) + [sxt1001] + + Replace flake8 with ruff (#4314) + + NM renderer: set default IPv6 addr-gen-mode for all interfaces to eui64 + (#4291) [Ani Sinha] + + cc_ssh_import_id: add Alpine support and add doas support (#4277) + [dermotbradley] + + sudoers not idempotent (SC-1589) (#4296) [Alec Warren] (LP: #1998539) + + Added support for Akamai Connected Cloud (formerly Linode) (#4167) + [Will Smith] + + Fix reference before assignment (#4292) + + Overhaul module reference page (#4237) [Sally] + + replaced spaces with commas for setting passenv (#4269) [Alec Warren] + + DS VMware: modify a few log level (#4284) [PengpengSun] + + tools/read-version refactors and unit tests (#4268) + + Ensure get_features() grabs all features (#4285) + + Don't always require passlib dependency (#4274) + + tests: avoid leaks into host system checking of ovs-vsctl cmd (#4275) + + Fix NoCloud kernel commandline key parsing (#4273) + + testing: Clear all LRU caches after each test (#4249) + + Remove the crypt dependency (#2139) [Gonéri Le Bouder] + + logging: keep current file mode of log file if its stricter than the + new mode (#4250) [Ani Sinha] + + Remove default membership in redundant groups (#4258) + [Dave Jones] (LP: #1923363) + + doc: improve datasource_creation.rst (#4262) + + Remove duplicate Integration testing button (#4261) [Rishita Shaw] + + tools/read-version: fix the tool so that it can handle version parsing + errors (#4234) [Ani Sinha] + + net/dhcp: add udhcpc support (#4190) [Jean-François Roche] + + DS VMware: add i386 arch dir to deployPkg plugin search path + [PengpengSun] + + LXD moved from linuxcontainers.org to Canonical [Simon Deziel] + + cc_mounts.py: Add note about issue with creating mounts inside mounts + (#4232) [dermotbradley] + + lxd: install lxd from snap, not deb if absent in image + + landscape: use landscape-config to write configuration + + Add deprecation log during init of DataSourceDigitalOcean (#4194) + [tyb-truth] + + doc: fix typo on apt.primary.arches (#4238) [Dan Bungert] + + Inspect systemd state for cloud-init status (#4230) + + instance-data: add system-info and features to combined-cloud-config + (#4224) + + systemd: Block login until config stage completes (#2111) (LP: #2013403) + + tests: proposed should invoke apt-get install -t=-proposed + (#4235) + + cloud.cfg.tmpl: reinstate ca_certs entry (#4236) [dermotbradley] + + Remove feature flag override ability (#4228) + + tests: drop stray unrelated file presence test (#4227) + + Update LXD URL (#4223) [Sally] + + schema: add network v1 schema definition and validation functions + + tests: daily PPA for devel series is version 99.daily update tests to + match (#4225) + + instance-data: write /run/cloud-init/combined-cloud-config.json + + mount parse: Fix matching non-existent directories (#4222) [Mina Galić] + + Specify build-system for pep517 (#4218) + + Fix network v2 metric rendering (#4220) + + Migrate content out of FAQ page (SD-1187) (#4205) [Sally] + + setup: fix generation of init templates (#4209) [Mina Galić] + + docs: Correct some bootcmd example wording + + fix changelog + + tests: reboot client to assert x-shellscript-per-boot is triggered + + nocloud: parse_cmdline no longer detects nocloud-net datasource (#4204) + (LP: 4203, #2025180) + + Add docstring and typing to mergemanydict (#4200) + + BSD: add dsidentify to early startup scripts (#4182) [Mina Galić] + + handler: report errors on skipped merged cloud-config.txt parts + (LP: #1999952) + + Add cloud-init summit writeups (#4179) [Sally] + + tests: Update test_clean_log for oci (#4187) + + gce: improve ephemeral fallback NIC selection (CPC-2578) (#4163) + + tests: pin pytest 7.3.1 to avoid adverse testpaths behavior (#4184) + + Ephemeral Networking for FreeBSD (#2165) [Mina Galić] + + Clarify directory syntax for nocloud local filesystem. (#4178) + + Set default renderer as sysconfig for centos/rhel (#4165) [Ani Sinha] + + Test static routes and netplan 0.106 + + FreeBSD fix parsing of mount and mount options (#2146) [Mina Galić] + + test: add tracking bug id (#4164) + + tests: can't match MAC for LXD container veth due to netplan 0.106 + (#4162) + + Add kaiwalyakoparkar as a contributor (#4156) [Kaiwalya Koparkar] + + BSD: remove datasource_list from cloud.cfg template (#4159) [Mina Galić] + + launching salt-minion in masterless mode (#4110) [Denis Halturin] + + tools: fix run-container builds for rockylinux/8 git hash mismatch + (#4161) + + fix doc lint: spellchecker tripped up (#4160) [Mina Galić] + + Support Ephemeral Networking for BSD (#2127) + + Added / fixed support for static routes on OpenBSD and FreeBSD (#2157) + [Kadir Mueller] + + cc_rsyslog: Refactor for better multi-platform support (#4119) + [Mina Galić] (LP: #1798055) + + tests: fix test_lp1835584 (#4154) + + cloud.cfg mod names: docs and rename salt_minion and set_password (#4153) + + tests: apt support for deb822 format .sources files on mantic + + vultr: remove check_route check (#2151) [Jonas Chevalier] + + Update SECURITY.md (#4150) [Indrranil Pawar] + + Update CONTRIBUTING.rst (#4149) [Indrranil Pawar] + + Update .github-cla-signers (#4151) [Indrranil Pawar] + + Standardise module names in cloud.cfg.tmpl to only use underscore + (#4128) [dermotbradley] + + tests: update test_webhook_reporting + + Modify PR template so autoclose works + + doc: add missing semi-colon to nocloud cmdline docs (#4120) + + .gitignore: extend coverage pattern (#4143) [Mina Galić] + +From 23.2.2 + + Fix NoCloud kernel commandline key parsing (#4273) (Fixes: #4271) + (LP: #2028562) + + Fix reference before assignment (#4292) (Fixes: #4288) (LP: #2028784) + +From 23.2.1 + + nocloud: Fix parse_cmdline detection of nocloud-net datasource (#4204) + (Fixes: 4203) (LP: #2025180) + +From 23.2 + + BSD: simplify finding MBR partitions by removing duplicate code + [Mina Galić] + + tests: bump pycloudlib version for mantic builds + + network-manager: Set higher autoconnect priority for nm keyfiles (#3671) + [Ani Sinha] + + alpine.py: change the locale file used (#4139) [dermotbradley] + + cc_ntp: Sync up with current FreeBSD ntp.conf (#4122) [Mina Galić] + + config: drop refresh_rmc_and_interface as RHEL 7 no longer supported + [Robert Schweikert] + + docs: Add feedback button to docs + + net/sysconfig: enable sysconfig renderer if network manager has ifcfg-rh + plugin (#4132) [Ani Sinha] + + For Alpine use os-release PRETTY_NAME (#4138) [dermotbradley] + + network_manager: add a method for ipv6 static IP configuration (#4127) + [Ani Sinha] + + correct misnamed template file host.mariner.tmpl (#4124) [dermotbradley] + + nm: generate ipv6 stateful dhcp config at par with sysconfig (#4115) + [Ani Sinha] + + Add templates for GitHub Issues + + Add 'peers' and 'allow' directives in cc_ntp (#3124) [Jacob Salmela] + + FreeBSD: Fix user account locking (#4114) [Mina Galić] (GH: #1854594) + + FreeBSD: add ResizeGrowFS class to cc_growpart (#2334) [Mina Galić] + + Update tests in Azure TestCanDevBeReformatted class (#2771) + [Ksenija Stanojevic] + + Replace Launchpad references with GitHub Issues + + Fix KeyError in iproute pformat (#3287) [Dmitry Zykov] + + schema: read_cfg_paths call init.fetch to lookup /v/l/c/instance + + azure/errors: introduce reportable errors for imds (#3647) + [Chris Patterson] + + FreeBSD (and friends): better identify MBR slices (#2168) + [Mina Galić] (LP: #2016350) + + azure/errors: add host reporting for dhcp errors (#2167) + [Chris Patterson] + + net: purge blacklist_drivers across net and azure (#2160) + [Chris Patterson] + + net: refactor hyper-v VF filtering and apply to get_interfaces() (#2153) + [Chris Patterson] + + tests: avoid leaks to underlying filesystem for /etc/cloud/clean.d + (#2251) + + net: refactor find_candidate_nics_on_linux() to use get_interfaces() + (#2159) [Chris Patterson] + + resolv_conf: Allow > 3 nameservers (#2152) [Major Hayden] + + Remove mount NTFS error message (#2134) [Ksenija Stanojevic] + + integration tests: fix image specification parsing (#2166) + + ci: add hypothesis scheduled GH check (#2149) + + Move supported distros list to docs (#2162) + + Fix logger, use instance rather than module function (#2163) + + README: Point to Github Actions build status (#2158) + + Revert "fix linux-specific code on bsd (#2143)" (#2161) + + Do not generate dsa and ed25519 key types when crypto FIPS mode is + enabled (#2142) [Ani Sinha] (LP: 2017761) + + Add documentation label automatically (#2156) + + sources/azure: report success to host and introduce kvp module (#2141) + [Chris Patterson] + + setup.py: use pkg-config for udev/rules path (#2137) [dankm] + + openstack/static: honor the DNS servers associated with a network + (#2138) [Gonéri Le Bouder] + + fix linux-specific code on bsd (#2143) + + cli: schema validation of jinja template user-data (SC-1385) (#2132) + (LP: #1881925) + + gce: activate network discovery on every boot (#2128) + + tests: update integration test to assert 640 across reboots (#2145) + + Make user/vendor data sensitive and remove log permissions (#2144) + (LP: #2013967) + + Update kernel command line docs (SC-1457) (#2133) + + docs: update network configuration path links (#2140) [d1r3ct0r] + + sources/azure: report failures to host via kvp (#2136) [Chris Patterson] + + net: Document use of `ip route append` to add routes (#2130) + + dhcp: Add missing mocks (#2135) + + azure/imds: retry fetching metadata up to 300 seconds (#2121) + [Chris Patterson] + + [1/2] DHCP: Refactor dhcp client code (#2122) + + azure/errors: treat traceback_base64 as string (#2131) [Chris Patterson] + + azure/errors: introduce reportable errors (#2129) [Chris Patterson] + + users: schema permit empty list to indicate create no users + + azure: introduce identity module (#2116) [Chris Patterson] + + Standardize disabling cloud-init on non-systemd (#2112) + + Update .github-cla-signers (#2126) [Rob Tongue] + + NoCloud: Use seedfrom protocol to determine mode (#2107) + + rhel: Remove sysvinit files. (#2114) + + tox.ini: set -vvvv --showlocals for pytest (#2104) [Chris Patterson] + + Fix NoCloud kernel commandline semi-colon args + + run-container: make the container/VM timeout configurable (#2118) + [Paride Legovini] + + suse: Remove sysvinit files. (#2115) + + test: Backport assert_call_count for old requests (#2119) + + Add "licebmi" as contributor (#2113) [Mark Martinez] + + Adapt DataSourceScaleway to upcoming IPv6 support (#2033) + [Louis Bouchard] + + rhel: make sure previous-hostname file ends with a new line (#2108) + [Ani Sinha] + + Adding contributors for DataSourceAkamai (#2110) [acourdavAkamai] + + Cleanup ephemeral IP routes on exception (#2100) [sxt1001] + + commit 09a64badfb3f51b1b391fa29be19962381a4bbeb [sxt1001] (LP: #2011291) + + Standardize kernel commandline user interface (#2093) + + config/cc_resizefs: fix do_resize arguments (#2106) [Chris Patterson] + + Fix test_dhclient_exits_with_error (#2105) + + net/dhcp: catch dhclient failures and raise NoDHCPLeaseError (#2083) + [Chris Patterson] + + sources/azure: move pps handling out of _poll_imds() (#2075) + [Chris Patterson] + + tests: bump pycloudlib version (#2102) + + schema: do not manipulate draft4 metaschema for jsonschema 2.6.0 (#2098) + + sources/azure/imds: don't count timeout errors as connection errors + (#2074) [Chris Patterson] + + Fix Python 3.12 unit test failures (#2099) + + integration tests: Refactor instance checking (#1989) + + ci: migrate remaining jobs from travis to gh (#2085) + + missing ending quote in instancedata docs(#2094) [Hong L] + + refactor: stop passing log instances to cc_* handlers (#2016) [d1r3ct0r] + + tests/vmware: fix test_no_data_access_method failure (#2092) + [Chris Patterson] + + Don't change permissions of netrules target (#2076) (LP: #2011783) + + tests/sources: patch util.get_cmdline() for datasource tests (#2091) + [Chris Patterson] + + macs: ignore duplicate MAC for devs with driver driver qmi_wwan (#2090) + (LP: #2008888) + + Fedora: Enable CA handling (#2086) [František Zatloukal] + + Send dhcp-client-identifier for InfiniBand ports (#2043) [Waleed Mousa] + + cc_ansible: complete the examples and doc (#2082) [Yves] + + bddeb: for dev package, derive debhelper-compat from host system + + apport: only prompt for cloud_name when instance-data.json is absent + + datasource: Optimize datasource detection, fix bugs (#2060) + + Handle non existent ca-cert-config situation (#2073) [Shreenidhi Shedi] + + sources/azure: add networking check for all source PPS (#2061) + [Chris Patterson] + + do not attempt dns resolution on ip addresses (#2040) + + chore: fix style tip (#2071) + + Fix metadata IP in instancedata.rst (#2063) [Brian Haley] + + util: Pass deprecation schedule in deprecate_call() (#2064) + + config: Update grub-dpkg docs (#2058) + + docs: Cosmetic improvements and styling (#2057) [s-makin] + + cc_grub_dpkg: Added UEFI support (#2029) [Alexander Birkner] + + tests: Write to /var/spool/rsyslog to adhere to apparmor profile (#2059) + + oracle-ds: prefer system_cfg over ds network config source (#1998) + (LP: #1956788) + + Remove dead code (#2038) + + source: Force OpenStack when it is only option (#2045) (LP: #2008727) + + cc_ubuntu_advantage: improve UA logs discovery + + sources/azure: fix regressions in IMDS behavior (#2041) [Chris Patterson] + + tests: fix test_schema (#2042) + + dhcp: Cleanup unused kwarg (#2037) + + sources/vmware/imc: fix-missing-catch-few-negtive-scenarios (#2027) + [PengpengSun] + + dhclient_hook: remove vestigal dhclient_hook command (#2015) + + log: Add standardized deprecation tooling (SC-1312) (#2026) + + Enable SUSE based distros for ca handling (#2036) [Robert Schweikert] + +From 23.1.2 + + Make user/vendor data sensitive and remove log permissions + (LP: #2013967) (CVE-2023-1786) + +From 23.1.1 + + source: Force OpenStack when it is only option (#2045) + + sources/azure: fix regressions in IMDS behavior (#2041) + [Chris Patterson] + ------------------------------------------------------------------- Mon Aug 14 12:05:01 UTC 2023 - Robert Schweikert @@ -224,11 +547,12 @@ Tue Jan 31 19:47:23 UTC 2023 - Robert Schweikert - Add cloud-init-prefer-nm.patch + Prefer NetworkManager of sysconfig when available +- Remove six dependency (bsc#1198269) ------------------------------------------------------------------- Thu Dec 22 18:10:45 UTC 2022 - Robert Schweikert -- Update to version 22.4 +- Update to version 22.4 (bsc#1201010) + Remove patches included upstream: - cloud-init-vmware-test.patch - cloud-init-sysctl-not-in-bin.patch diff --git a/cloud-init.spec b/cloud-init.spec index 78b5450..70652b0 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -18,7 +18,7 @@ %global configver 0.7 Name: cloud-init -Version: 23.1 +Version: 23.3 Release: 0 License: GPL-3.0 Summary: Cloud node initialization tool @@ -34,21 +34,18 @@ Patch2: cloud-init-break-resolv-symlink.patch Patch3: cloud-init-sysconf-path.patch # FIXME (lp#1860164) Patch4: cloud-init-no-tempnet-oci.patch -# FIXME https://github.com/canonical/cloud-init/pull/2036 -Patch5: cloud-init-fix-ca-test.patch # FIXME (lp#1812117) Patch6: cloud-init-write-routes.patch -Patch7: cloud-init-cve-2023-1786-redact-instance-data-json-main.patch -# FIXME https://github.com/canonical/cloud-init/pull/2148 -Patch8: cloud-init-power-rhel-only.patch -# FIXME https://github.com/canonical/cloud-init/pull/4340 -Patch9: cloud-init-flake8-fixes.patch +# FIXME (https://github.com/canonical/cloud-init/issues/4339) +Patch7: cloud-init-keep-flake.patch +Patch8: cloud-init-lint-fixes.patch BuildRequires: fdupes BuildRequires: filesystem # pkg-config is needed to find correct systemd unit dir BuildRequires: pkg-config # needed for /lib/udev BuildRequires: pkgconfig(udev) +BuildRequires: procps BuildRequires: python-rpm-macros BuildRequires: python3-devel BuildRequires: python3-setuptools @@ -62,6 +59,7 @@ BuildRequires: python3-jsonpatch BuildRequires: python3-jsonschema BuildRequires: python3-netifaces BuildRequires: python3-oauthlib +BuildRequires: python3-passlib BuildRequires: python3-pytest BuildRequires: python3-pytest-cov BuildRequires: python3-pytest-mock @@ -82,12 +80,14 @@ Requires: growpart Requires: e2fsprogs Requires: net-tools Requires: openssh +Requires: procps Requires: python3-configobj >= 5.0.2 Requires: python3-Jinja2 Requires: python3-jsonpatch Requires: python3-jsonschema Requires: python3-netifaces Requires: python3-oauthlib +Requires: python3-passlib Requires: python3-pyserial Requires: python3-PyYAML Requires: python3-requests @@ -146,11 +146,9 @@ Documentation and examples for cloud-init tools %patch2 %patch3 %patch4 -%patch5 %patch6 %patch7 %patch8 -%patch9 # patch in the full version to version.py version_pys=$(find . -name version.py -type f) @@ -163,7 +161,7 @@ python3 setup.py build %check make unittest -make flake8 +make lint %install python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} --init-system=%{initsys} @@ -194,7 +192,6 @@ sed -i s/suse/sles/ %{buildroot}/%{_sysconfdir}/cloud/cloud.cfg mkdir -p %{buildroot}/%{_sysconfdir}/rsyslog.d mkdir -p %{buildroot}/usr/lib/udev/rules.d/ cp -a %{SOURCE1} %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf -mv %{buildroot}/lib/udev/rules.d/66-azure-ephemeral.rules %{buildroot}/usr/lib/udev/rules.d/ mkdir -p %{buildroot}%{_sbindir} install -m 755 %{SOURCE2} %{buildroot}%{_sbindir} @@ -226,8 +223,6 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.* %{_sysconfdir}/cloud/clean.d/README %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d %config(noreplace) %{_sysconfdir}/cloud/templates -%{_sysconfdir}/dhcp/dhclient-exit-hooks.d/hook-dhclient -%{_sysconfdir}/NetworkManager/dispatcher.d/hook-network-manager %{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf %{_mandir}/man*/* %if 0%{?suse_version} && 0%{?suse_version} < 1500 @@ -253,10 +248,6 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.* %exclude %{systemd_prefix}/systemd/system/cloud-init-hotplugd.socket %dir %attr(0755, root, root) %{_localstatedir}/lib/cloud %dir %{docdir} -%dir /etc/NetworkManager -%dir /etc/NetworkManager/dispatcher.d -%dir /etc/dhcp -%dir /etc/dhcp/dhclient-exit-hooks.d %dir /etc/systemd/system/sshd-keygen@.service.d