- Update to version 23.3 (bsc#1216011, bsc#1215794)

+ Remove patches included upstream:
    - cloud-init-fix-ca-test.patch
    - cloud-init-cve-2023-1786-redact-instance-data-json-main.patch
    - cloud-init-power-rhel-only.patch
    - cloud-init-flake8-fixes.patch
  + Add
    - cloud-init-keep-flake.patch
    - cloud-init-lint-fixes.patch
  + Update
    - cloud-init-write-routes.patch (bsc#1216007)
  + Bump pycloudlib to 1!5.1.0 for ec2 mantic daily image support (#4390)
  + Fix cc_keyboard in mantic (LP: #2030788)
  + ec2: initialize get_instance_userdata return value to bytes (#4387)
    [Noah Meyerhans]
  + cc_users_groups: Add doas/opendoas support (#4363) [dermotbradley]
  + Fix pip-managed ansible
  + status: treat SubState=running and MainPID=0 as service exited
  + azure/imds: increase read-timeout to 30s (#4372) [Chris Patterson]
  + collect-logs fix memory usage (SC-1590) (#4289)
    [Alec Warren] (LP: #1980150)
  + cc_mounts: Use fallocate to create swapfile on btrfs (#4369) [王煎饼]
  + Undocument nocloud-net (#4318)
  + feat(akamai): add akamai to settings.py and apport.py (#4370)
  + read-version: fallback to get_version when git describe fails (#4366)
  + apt: fix cloud-init status --wait blocking on systemd v 253 (#4364)
  + integration tests: Pass username to pycloudlib (#4324)
  + Bump pycloudlib to 1!5.1.0 (#4353)
  + cloud.cfg.tmpl: reorganise, minimise/reduce duplication (#4272)
    [dermotbradley]

OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/cloud-init?expand=0&rev=216
This commit is contained in:
Robert Schweikert 2023-11-16 13:51:30 +00:00 committed by Git OBS Bridge
parent 60d88ce573
commit eed84a210f
11 changed files with 773 additions and 303 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7d6a13210c9fc82c82e471c335de9fbb53ccd63ac92c1d1c462a6e5c8e992ebc
size 1540625

BIN
cloud-init-23.3.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -1,175 +0,0 @@
--- cloudinit/sources/DataSourceLXD.py.orig
+++ cloudinit/sources/DataSourceLXD.py
@@ -173,6 +173,8 @@ class DataSourceLXD(sources.DataSource):
"user.meta-data",
"user.vendor-data",
"user.user-data",
+ "cloud-init.user-data",
+ "cloud-init.vendor-data",
)
skip_hotplug_detect = True
--- cloudinit/sources/DataSourceVultr.py.orig
+++ cloudinit/sources/DataSourceVultr.py
@@ -5,6 +5,8 @@
# Vultr Metadata API:
# https://www.vultr.com/metadata/
+from typing import Tuple
+
import cloudinit.sources.helpers.vultr as vultr
from cloudinit import log as log
from cloudinit import sources, util, version
@@ -27,6 +29,9 @@ BUILTIN_DS_CONFIG = {
class DataSourceVultr(sources.DataSource):
dsname = "Vultr"
+ sensitive_metadata_keys: \
+ Tuple[str, ...] = \
+ sources.DataSource.sensitive_metadata_keys + ("startup-script",)
def __init__(self, sys_cfg, distro, paths):
super(DataSourceVultr, self).__init__(sys_cfg, distro, paths)
@@ -54,13 +59,8 @@ class DataSourceVultr(sources.DataSource
self.get_datasource_data(self.metadata)
# Dump some data so diagnosing failures is manageable
- LOG.debug("Vultr Vendor Config:")
- LOG.debug(util.json_dumps(self.metadata["vendor-data"]))
LOG.debug("SUBID: %s", self.metadata["instance-id"])
LOG.debug("Hostname: %s", self.metadata["local-hostname"])
- if self.userdata_raw is not None:
- LOG.debug("User-Data:")
- LOG.debug(self.userdata_raw)
return True
@@ -146,7 +146,4 @@ if __name__ == "__main__":
config = md["vendor-data"]
sysinfo = vultr.get_sysinfo()
- print(util.json_dumps(sysinfo))
- print(util.json_dumps(config))
-
# vi: ts=4 expandtab
--- cloudinit/sources/__init__.py.orig
+++ cloudinit/sources/__init__.py
@@ -132,6 +132,12 @@ def redact_sensitive_keys(metadata, reda
Replace any keys values listed in 'sensitive_keys' with redact_value.
"""
+ # While 'sensitive_keys' should already sanitized to only include what
+ # is in metadata, it is possible keys will overlap. For example, if
+ # "merged_cfg" and "merged_cfg/ds/userdata" both match, it's possible that
+ # "merged_cfg" will get replaced first, meaning "merged_cfg/ds/userdata"
+ # no longer represents a valid key.
+ # Thus, we still need to do membership checks in this function.
if not metadata.get("sensitive_keys", []):
return metadata
md_copy = copy.deepcopy(metadata)
@@ -139,9 +145,14 @@ def redact_sensitive_keys(metadata, reda
path_parts = key_path.split("/")
obj = md_copy
for path in path_parts:
- if isinstance(obj[path], dict) and path != path_parts[-1]:
+ if (
+ path in obj
+ and isinstance(obj[path], dict)
+ and path != path_parts[-1]
+ ):
obj = obj[path]
- obj[path] = redact_value
+ if path in obj:
+ obj[path] = redact_value
return md_copy
@@ -249,6 +260,14 @@ class DataSource(CloudInitPickleMixin, m
sensitive_metadata_keys: Tuple[str, ...] = (
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ # Provide ds/vendor_data to avoid redacting top-level
+ # "vendor_data": {enabled: True}
+ "ds/vendor_data",
)
# True on datasources that may not see hotplugged devices reflected
--- cloudinit/stages.py.orig
+++ cloudinit/stages.py
@@ -203,7 +203,9 @@ class Init:
util.ensure_dirs(self._initial_subdirs())
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
if log_file:
- util.ensure_file(log_file, mode=0o640, preserve_mode=True)
+ # At this point the log file should have already been created
+ # in the setupLogging function of log.py
+ util.ensure_file(log_file, mode=0o640, preserve_mode=False)
perms = self.cfg.get("syslog_fix_perms")
if not perms:
perms = {}
--- tests/unittests/sources/test_init.py.orig
+++ tests/unittests/sources/test_init.py
@@ -464,6 +464,12 @@ class TestDataSource(CiTestCase):
(
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ "ds/vendor_data",
),
datasource.sensitive_metadata_keys,
)
@@ -574,6 +580,12 @@ class TestDataSource(CiTestCase):
(
"merged_cfg",
"security-credentials",
+ "userdata",
+ "user-data",
+ "user_data",
+ "vendordata",
+ "vendor-data",
+ "ds/vendor_data",
),
datasource.sensitive_metadata_keys,
)
--- tests/unittests/test_stages.py.orig
+++ tests/unittests/test_stages.py
@@ -606,19 +606,23 @@ class TestInit_InitializeFilesystem:
# Assert we create it 0o640 by default if it doesn't already exist
assert 0o640 == stat.S_IMODE(log_file.stat().mode)
- def test_existing_file_permissions_are_not_modified(self, init, tmpdir):
- """If the log file already exists, we should not modify its permissions
+ def test_existing_file_permissions(self, init, tmpdir):
+ """Test file permissions are set as expected.
+
+ CIS Hardening requires 640 permissions. These permissions are
+ currently hardcoded on every boot, but if there's ever a reason
+ to change this, we need to then ensure that they
+ are *not* set every boot.
See https://bugs.launchpad.net/cloud-init/+bug/1900837.
"""
- # Use a mode that will never be made the default so this test will
- # always be valid
- mode = 0o606
log_file = tmpdir.join("cloud-init.log")
log_file.ensure()
- log_file.chmod(mode)
+ # Use a mode that will never be made the default so this test will
+ # always be valid
+ log_file.chmod(0o606)
init._cfg = {"def_log_file": str(log_file)}
init._initialize_filesystem()
- assert mode == stat.S_IMODE(log_file.stat().mode)
+ assert 0o640 == stat.S_IMODE(log_file.stat().mode)

View File

@ -1,18 +0,0 @@
--- tests/unittests/config/test_cc_ca_certs.py.orig
+++ tests/unittests/config/test_cc_ca_certs.py
@@ -311,6 +311,7 @@ class TestRemoveDefaultCaCerts(TestCase)
"cloud_dir": tmpdir,
}
)
+ self.add_patch("cloudinit.config.cc_ca_certs.os.stat", "m_stat")
def test_commands(self):
ca_certs_content = "# line1\nline2\nline3\n"
@@ -318,6 +319,7 @@ class TestRemoveDefaultCaCerts(TestCase)
"# line1\n# Modified by cloud-init to deselect certs due to"
" user-data\n!line2\n!line3\n"
)
+ self.m_stat.return_value.st_size = 1
for distro_name in cc_ca_certs.distros:
conf = cc_ca_certs._distro_ca_certs_configs(distro_name)

View File

@ -1,60 +0,0 @@
--- cloudinit/net/eni.py.orig
+++ cloudinit/net/eni.py
@@ -81,7 +81,7 @@ def _iface_add_subnet(iface, subnet):
if key == "address":
value = "%s/%s" % (subnet["address"], subnet["prefix"])
if value and key in valid_map:
- if type(value) == list:
+ if isinstance(value, list):
value = " ".join(value)
if "_" in key:
key = key.replace("_", "-")
@@ -126,7 +126,7 @@ def _iface_add_attrs(iface, index, ipv4_
for key, value in iface.items():
# convert bool to string for eni
- if type(value) == bool:
+ if isinstance(value, bool):
value = "on" if iface[key] else "off"
if not value or key in ignore_map:
continue
@@ -144,7 +144,7 @@ def _iface_add_attrs(iface, index, ipv4_
for v in value:
content.append(" {0} {1}".format(renames.get(key, key), v))
continue
- if type(value) == list:
+ if isinstance(value, list):
value = " ".join(value)
content.append(" {0} {1}".format(renames.get(key, key), value))
--- cloudinit/net/network_state.py.orig
+++ cloudinit/net/network_state.py
@@ -559,7 +559,7 @@ class NetworkStateInterpreter(metaclass=
# convert value to boolean
bridge_stp = iface.get("bridge_stp")
- if bridge_stp is not None and type(bridge_stp) != bool:
+ if bridge_stp is not None and not isinstance(bridge_stp, bool):
if bridge_stp in ["on", "1", 1]:
bridge_stp = True
elif bridge_stp in ["off", "0", 0]:
@@ -582,7 +582,7 @@ class NetworkStateInterpreter(metaclass=
search = []
if "address" in command:
addrs = command["address"]
- if not type(addrs) == list:
+ if not isinstance(addrs, list):
addrs = [addrs]
for addr in addrs:
nameservers.append(addr)
--- cloudinit/sources/helpers/netlink.py.orig
+++ cloudinit/sources/helpers/netlink.py
@@ -137,7 +137,7 @@ def unpack_rta_attr(data, offset):
:raises: AssertionError if data is None or offset is not integer.
"""
assert data is not None, "data is none"
- assert type(offset) == int, "offset is not integer"
+ assert isinstance(offset, int), "offset is not integer"
assert (
offset >= RTATTR_START_OFFSET
), "rta offset is less than expected length"

View File

@ -0,0 +1,11 @@
--- tools/run-lint.orig
+++ tools/run-lint
@@ -11,7 +11,7 @@ else
files=( "$@" )
fi
-cmd=( "python3" -m "ruff" "${files[@]}" )
+cmd=( "python3" -m "flake8" "${files[@]}" )
echo "Running: " "${cmd[@]}" 1>&2
exec "${cmd[@]}"

412
cloud-init-lint-fixes.patch Normal file
View File

@ -0,0 +1,412 @@
--- cloudinit/cmd/main.py.orig
+++ cloudinit/cmd/main.py
@@ -28,26 +28,27 @@ from cloudinit.config.modules import Mod
patcher.patch_logging()
-from cloudinit.config.schema import validate_cloudconfig_schema
-from cloudinit import log as logging
-from cloudinit import netinfo
-from cloudinit import signal_handler
-from cloudinit import sources
-from cloudinit import stages
-from cloudinit import url_helper
-from cloudinit import util
-from cloudinit import version
-from cloudinit import warnings
-
-from cloudinit import reporting
-from cloudinit.reporting import events
+from cloudinit.config.schema import validate_cloudconfig_schema # noqa: E402
+from cloudinit import log as logging # noqa: E402
+from cloudinit import netinfo # noqa: E402
+from cloudinit import signal_handler # noqa: E402
+from cloudinit import sources # noqa: E402
+from cloudinit import stages # noqa: E402
+from cloudinit import url_helper # noqa: E402
+from cloudinit import util # noqa: E402
+from cloudinit import version # noqa: E402
+from cloudinit import warnings # noqa: E402
+
+from cloudinit import reporting # noqa: E402
+from cloudinit.reporting import events # noqa: E402
-from cloudinit.settings import PER_INSTANCE, PER_ALWAYS, PER_ONCE, CLOUD_CONFIG
+from cloudinit.settings import ( # noqa: E402
+ PER_INSTANCE, PER_ALWAYS, PER_ONCE, CLOUD_CONFIG) # noqa: E402
-from cloudinit import atomic_helper
+from cloudinit import atomic_helper # noqa: E402
-from cloudinit.config import cc_set_hostname
-from cloudinit.cmd.devel import read_cfg_paths
+from cloudinit.config import cc_set_hostname # noqa: E402
+from cloudinit.cmd.devel import read_cfg_paths # noqa: E402
# Welcome message template
@@ -538,7 +539,7 @@ def di_report_warn(datasource, cfg):
# where Name is the thing that shows up in datasource_list.
modname = datasource.__module__.rpartition(".")[2]
if modname.startswith(sources.DS_PREFIX):
- modname = modname[len(sources.DS_PREFIX) :]
+ modname = modname[len(sources.DS_PREFIX):]
else:
LOG.warning(
"Datasource '%s' came from unexpected module '%s'.",
--- cloudinit/config/cc_apt_configure.py.orig
+++ cloudinit/config/cc_apt_configure.py
@@ -354,7 +354,7 @@ def mirrorurl_to_apt_fileprefix(mirror):
string = string[0:-1]
pos = string.find("://")
if pos >= 0:
- string = string[pos + 3 :]
+ string = string[pos + 3:]
string = string.replace("/", "_")
return string
--- cloudinit/config/cc_ssh_authkey_fingerprints.py.orig
+++ cloudinit/config/cc_ssh_authkey_fingerprints.py
@@ -44,7 +44,7 @@ LOG = logging.getLogger(__name__)
def _split_hash(bin_hash):
split_up = []
for i in range(0, len(bin_hash), 2):
- split_up.append(bin_hash[i : i + 2])
+ split_up.append(bin_hash[i: i + 2])
return split_up
--- cloudinit/config/modules.py.orig
+++ cloudinit/config/modules.py
@@ -39,7 +39,7 @@ class ModuleDetails(NamedTuple):
def form_module_name(name):
canon_name = name.replace("-", "_")
if canon_name.lower().endswith(".py"):
- canon_name = canon_name[0 : (len(canon_name) - 3)]
+ canon_name = canon_name[0: (len(canon_name) - 3)]
canon_name = canon_name.strip()
if not canon_name:
return None
--- cloudinit/distros/parsers/ifconfig.py.orig
+++ cloudinit/distros/parsers/ifconfig.py
@@ -140,7 +140,7 @@ class Ifconfig:
dev.index = int(toks[1])
if toks[0] == "description:":
- dev.description = line[line.index(":") + 2 :]
+ dev.description = line[line.index(":") + 2:]
if (
toks[0].startswith("options=")
@@ -165,7 +165,7 @@ class Ifconfig:
dev.groups += toks[1:]
if toks[0] == "media:":
- dev.media = line[line.index(": ") + 2 :]
+ dev.media = line[line.index(": ") + 2:]
if toks[0] == "nd6":
nd6_opts = re.split(r"<|>", toks[0])
--- cloudinit/net/dhcp.py.orig
+++ cloudinit/net/dhcp.py
@@ -415,24 +415,24 @@ class IscDhclient(DhcpClient):
if len(tokens[idx:]) < req_toks:
_trunc_error(net_length, req_toks, len(tokens[idx:]))
return static_routes
- net_address = ".".join(tokens[idx + 1 : idx + 5])
- gateway = ".".join(tokens[idx + 5 : idx + req_toks])
+ net_address = ".".join(tokens[idx + 1: idx + 5])
+ gateway = ".".join(tokens[idx + 5: idx + req_toks])
current_idx = idx + req_toks
elif net_length in range(17, 25):
req_toks = 8
if len(tokens[idx:]) < req_toks:
_trunc_error(net_length, req_toks, len(tokens[idx:]))
return static_routes
- net_address = ".".join(tokens[idx + 1 : idx + 4] + ["0"])
- gateway = ".".join(tokens[idx + 4 : idx + req_toks])
+ net_address = ".".join(tokens[idx + 1: idx + 4] + ["0"])
+ gateway = ".".join(tokens[idx + 4: idx + req_toks])
current_idx = idx + req_toks
elif net_length in range(9, 17):
req_toks = 7
if len(tokens[idx:]) < req_toks:
_trunc_error(net_length, req_toks, len(tokens[idx:]))
return static_routes
- net_address = ".".join(tokens[idx + 1 : idx + 3] + ["0", "0"])
- gateway = ".".join(tokens[idx + 3 : idx + req_toks])
+ net_address = ".".join(tokens[idx + 1: idx + 3] + ["0", "0"])
+ gateway = ".".join(tokens[idx + 3: idx + req_toks])
current_idx = idx + req_toks
elif net_length in range(1, 9):
req_toks = 6
@@ -440,9 +440,9 @@ class IscDhclient(DhcpClient):
_trunc_error(net_length, req_toks, len(tokens[idx:]))
return static_routes
net_address = ".".join(
- tokens[idx + 1 : idx + 2] + ["0", "0", "0"]
+ tokens[idx + 1: idx + 2] + ["0", "0", "0"]
)
- gateway = ".".join(tokens[idx + 2 : idx + req_toks])
+ gateway = ".".join(tokens[idx + 2: idx + req_toks])
current_idx = idx + req_toks
elif net_length == 0:
req_toks = 5
@@ -450,7 +450,7 @@ class IscDhclient(DhcpClient):
_trunc_error(net_length, req_toks, len(tokens[idx:]))
return static_routes
net_address = "0.0.0.0"
- gateway = ".".join(tokens[idx + 1 : idx + req_toks])
+ gateway = ".".join(tokens[idx + 1: idx + req_toks])
current_idx = idx + req_toks
else:
LOG.error(
--- cloudinit/net/network_state.py.orig
+++ cloudinit/net/network_state.py
@@ -135,7 +135,7 @@ class CommandHandlerMeta(type):
command_handlers = {}
for attr_name, attr in dct.items():
if callable(attr) and attr_name.startswith("handle_"):
- handles_what = attr_name[len("handle_") :]
+ handles_what = attr_name[len("handle_"):]
if handles_what:
command_handlers[handles_what] = attr
dct["command_handlers"] = command_handlers
--- cloudinit/reporting/handlers.py.orig
+++ cloudinit/reporting/handlers.py
@@ -295,13 +295,13 @@ class HyperVKvpReportingHandler(Reportin
)
)
k = (
- record_data[0 : self.HV_KVP_EXCHANGE_MAX_KEY_SIZE]
+ record_data[0: self.HV_KVP_EXCHANGE_MAX_KEY_SIZE]
.decode("utf-8")
.strip("\x00")
)
v = (
record_data[
- self.HV_KVP_EXCHANGE_MAX_KEY_SIZE : self.HV_KVP_RECORD_SIZE
+ self.HV_KVP_EXCHANGE_MAX_KEY_SIZE: self.HV_KVP_RECORD_SIZE
]
.decode("utf-8")
.strip("\x00")
@@ -320,7 +320,7 @@ class HyperVKvpReportingHandler(Reportin
def _break_down(self, key, meta_data, description):
del meta_data[self.MSG_KEY]
des_in_json = json.dumps(description)
- des_in_json = des_in_json[1 : (len(des_in_json) - 1)]
+ des_in_json = des_in_json[1: (len(des_in_json) - 1)]
i = 0
result_array = []
message_place_holder = '"' + self.MSG_KEY + '":""'
@@ -353,7 +353,7 @@ class HyperVKvpReportingHandler(Reportin
Values will be truncated as needed.
"""
if len(value) >= self.HV_KVP_AZURE_MAX_VALUE_SIZE:
- value = value[0 : self.HV_KVP_AZURE_MAX_VALUE_SIZE - 1]
+ value = value[0: self.HV_KVP_AZURE_MAX_VALUE_SIZE - 1]
data = [self._encode_kvp_item(key, value)]
--- cloudinit/sources/__init__.py.orig
+++ cloudinit/sources/__init__.py
@@ -747,7 +747,7 @@ class DataSource(CloudInitPickleMixin, m
if not short_name.startswith(nfrom):
continue
for nto in tlist:
- cand = "/dev/%s%s" % (nto, short_name[len(nfrom) :])
+ cand = "/dev/%s%s" % (nto, short_name[len(nfrom):])
if os.path.exists(cand):
return cand
return None
--- cloudinit/sources/helpers/azure.py.orig
+++ cloudinit/sources/helpers/azure.py
@@ -566,7 +566,7 @@ class OpenSSLManager:
"""
raw_fp = self._run_x509_action("-fingerprint", certificate)
eq = raw_fp.find("=")
- octets = raw_fp[eq + 1 : -1].split(":")
+ octets = raw_fp[eq + 1: -1].split(":")
return "".join(octets)
@azure_ds_telemetry_reporter
--- cloudinit/sources/helpers/netlink.py.orig
+++ cloudinit/sources/helpers/netlink.py
@@ -150,7 +150,7 @@ def unpack_rta_attr(data, offset):
return None # Should mean our offset is >= remaining data
# Unpack just the attribute's data. Offset by 4 to skip length/type header
- attr_data = data[offset + RTA_DATA_START_OFFSET : offset + length]
+ attr_data = data[offset + RTA_DATA_START_OFFSET: offset + length]
return RTAAttr(length, rta_type, attr_data)
--- cloudinit/ssh_util.py.orig
+++ cloudinit/ssh_util.py
@@ -659,7 +659,7 @@ def get_opensshd_version():
prefix = "OpenSSH_"
for line in err.split("\n"):
if line.startswith(prefix):
- return line[len(prefix) : line.find(",")]
+ return line[len(prefix): line.find(",")]
return None
--- cloudinit/url_helper.py.orig
+++ cloudinit/url_helper.py
@@ -73,7 +73,7 @@ def read_file_or_url(url, **kwargs) -> U
if url.lower().startswith("file://"):
if kwargs.get("data"):
LOG.warning("Unable to post data to file resource %s", url)
- file_path = url[len("file://") :]
+ file_path = url[len("file://"):]
try:
with open(file_path, "rb") as fp:
contents = fp.read()
--- cloudinit/user_data.py.orig
+++ cloudinit/user_data.py
@@ -211,13 +211,13 @@ class UserDataProcessor:
for line in content.splitlines():
lc_line = line.lower()
if lc_line.startswith("#include-once"):
- line = line[len("#include-once") :].lstrip()
+ line = line[len("#include-once"):].lstrip()
# Every following include will now
# not be refetched.... but will be
# re-read from a local urlcache (if it worked)
include_once_on = True
elif lc_line.startswith("#include"):
- line = line[len("#include") :].lstrip()
+ line = line[len("#include"):].lstrip()
# Disable the include once if it was on
# if it wasn't, then this has no effect.
include_once_on = False
--- cloudinit/util.py.orig
+++ cloudinit/util.py
@@ -1177,7 +1177,7 @@ def read_cc_from_cmdline(cmdline=None):
if end < 0:
end = clen
tokens.append(
- parse.unquote(cmdline[begin + begin_l : end].lstrip()).replace(
+ parse.unquote(cmdline[begin + begin_l: end].lstrip()).replace(
"\\n", "\n"
)
)
@@ -1724,7 +1724,7 @@ def get_output_cfg(cfg, mode):
found = False
for s in swlist:
if val.startswith(s):
- val = "%s %s" % (s, val[len(s) :].strip())
+ val = "%s %s" % (s, val[len(s):].strip())
found = True
break
if not found:
@@ -2362,7 +2362,7 @@ def shellify(cmdlist, add_header=True):
def strip_prefix_suffix(line, prefix=None, suffix=None):
if prefix and line.startswith(prefix):
- line = line[len(prefix) :]
+ line = line[len(prefix):]
if suffix and line.endswith(suffix):
line = line[: -len(suffix)]
return line
@@ -2942,7 +2942,7 @@ def human2bytes(size):
for m in mpliers:
if size.endswith(m):
mplier = m
- num = size[0 : -len(m)]
+ num = size[0: -len(m)]
try:
num = float(num)
@@ -3022,12 +3022,12 @@ def rootdev_from_cmdline(cmdline):
if found.startswith("/dev/"):
return found
if found.startswith("LABEL="):
- return "/dev/disk/by-label/" + found[len("LABEL=") :]
+ return "/dev/disk/by-label/" + found[len("LABEL="):]
if found.startswith("UUID="):
- return "/dev/disk/by-uuid/" + found[len("UUID=") :].lower()
+ return "/dev/disk/by-uuid/" + found[len("UUID="):].lower()
if found.startswith("PARTUUID="):
disks_path = (
- "/dev/disk/by-partuuid/" + found[len("PARTUUID=") :].lower()
+ "/dev/disk/by-partuuid/" + found[len("PARTUUID="):].lower()
)
if os.path.exists(disks_path):
return disks_path
--- setup.py.orig
+++ setup.py
@@ -187,7 +187,7 @@ elif os.path.isfile("/etc/system-release
else:
# String formatted CPE
inc = 1
- (cpe_vendor, cpe_product, cpe_version) = cpe_data[2 + inc : 5 + inc]
+ (cpe_vendor, cpe_product, cpe_version) = cpe_data[2 + inc: 5 + inc]
if cpe_vendor == "amazon":
USR_LIB_EXEC = "usr/libexec"
--- tests/unittests/helpers.py.orig
+++ tests/unittests/helpers.py
@@ -265,7 +265,7 @@ class FilesystemMockingTestCase(Resource
real_root = os.path.join(real_root, "roots", example_root)
for (dir_path, _dirnames, filenames) in os.walk(real_root):
real_path = dir_path
- make_path = rebase_path(real_path[len(real_root) :], target_root)
+ make_path = rebase_path(real_path[len(real_root):], target_root)
util.ensure_dir(make_path)
for f in filenames:
real_path = util.abs_join(real_path, f)
@@ -469,7 +469,7 @@ def dir2dict(startdir, prefix=None):
for root, _dirs, files in os.walk(startdir):
for fname in files:
fpath = os.path.join(root, fname)
- key = fpath[len(prefix) :]
+ key = fpath[len(prefix):]
flist[key] = util.load_file(fpath)
return flist
--- tests/unittests/reporting/test_reporting_hyperv.py.orig
+++ tests/unittests/reporting/test_reporting_hyperv.py
@@ -293,7 +293,7 @@ class TextKvpReporter(CiTestCase):
reporter,
2,
[
- log_content[-azure.MAX_LOG_TO_KVP_LENGTH :].encode(),
+ log_content[-azure.MAX_LOG_TO_KVP_LENGTH:].encode(),
extra_content.encode(),
],
)
--- tests/unittests/sources/test_configdrive.py.orig
+++ tests/unittests/sources/test_configdrive.py
@@ -412,7 +412,7 @@ class TestConfigDriveDataSource(CiTestCa
}
for name, dev_name in name_tests.items():
with ExitStack() as mocks:
- provided_name = dev_name[len("/dev/") :]
+ provided_name = dev_name[len("/dev/"):]
provided_name = "s" + provided_name[1:]
find_mock = mocks.enter_context(
mock.patch.object(
--- tests/unittests/sources/test_maas.py.orig
+++ tests/unittests/sources/test_maas.py
@@ -131,7 +131,7 @@ class TestMAASDataSource(CiTestCase):
if not url.startswith(prefix):
raise ValueError("unexpected call %s" % url)
- short = url[len(prefix) :]
+ short = url[len(prefix):]
if short not in data:
raise url_helper.UrlError("not found", code=404, url=url)
return url_helper.StringResponse(data[short])
--- tests/unittests/sources/test_smartos.py.orig
+++ tests/unittests/sources/test_smartos.py
@@ -766,7 +766,7 @@ class ShortReader:
rsize = next_null - self.index + 1
i = self.index
self.index += rsize
- ret = self.data[i : i + rsize]
+ ret = self.data[i: i + rsize]
if len(ret) and ret[-1:] == self.endbyte:
ret = ret[:-1]
return ret

View File

@ -1,19 +0,0 @@
--- cloudinit/config/cc_refresh_rmc_and_interface.py.orig
+++ cloudinit/config/cc_refresh_rmc_and_interface.py
@@ -15,7 +15,6 @@ from cloudinit import netinfo, subp, uti
from cloudinit.cloud import Cloud
from cloudinit.config import Config
from cloudinit.config.schema import MetaSchema
-from cloudinit.distros import ALL_DISTROS
from cloudinit.settings import PER_ALWAYS
MODULE_DESCRIPTION = """\
@@ -42,7 +41,7 @@ meta: MetaSchema = {
"name": "Refresh IPv6 Interface and RMC",
"title": "Ensure Network Manager is not managing IPv6 interface",
"description": MODULE_DESCRIPTION,
- "distros": [ALL_DISTROS],
+ "distros": ["fedora", "rhel"],
"frequency": PER_ALWAYS,
"examples": [],
"activate_by_schema_keys": [],

View File

@ -1,6 +1,6 @@
--- cloudinit/distros/__init__.py.orig --- cloudinit/distros/__init__.py.orig
+++ cloudinit/distros/__init__.py +++ cloudinit/distros/__init__.py
@@ -276,6 +276,15 @@ class Distro(persistence.CloudInitPickle @@ -287,6 +287,15 @@ class Distro(persistence.CloudInitPickle
network_state = parse_net_config_data(netconfig, renderer=renderer) network_state = parse_net_config_data(netconfig, renderer=renderer)
self._write_network_state(network_state, renderer) self._write_network_state(network_state, renderer)
@ -18,15 +18,16 @@
if bring_up: if bring_up:
--- cloudinit/distros/opensuse.py.orig --- cloudinit/distros/opensuse.py.orig
+++ cloudinit/distros/opensuse.py +++ cloudinit/distros/opensuse.py
@@ -15,6 +15,7 @@ from cloudinit import log as logging @@ -10,7 +10,7 @@
import os
-from cloudinit import distros, helpers
+from cloudinit import distros, helpers, net
from cloudinit import log as logging
from cloudinit import subp, util from cloudinit import subp, util
from cloudinit.distros import rhel_util as rhutil from cloudinit.distros import rhel_util as rhutil
from cloudinit.distros.parsers.hostname import HostnameConf @@ -238,6 +238,147 @@ class Distro(distros.Distro):
+from cloudinit.net import ipv4_mask_to_net_prefix
from cloudinit.settings import PER_INSTANCE
LOG = logging.getLogger(__name__)
@@ -238,6 +239,144 @@ class Distro(distros.Distro):
conf.set_hostname(hostname) conf.set_hostname(hostname)
util.write_file(filename, str(conf), 0o644) util.write_file(filename, str(conf), 0o644)
@ -66,7 +67,10 @@
+ if dest != 'default': + if dest != 'default':
+ netmask = route.get('netmask') + netmask = route.get('netmask')
+ if netmask: + if netmask:
+ prefix = ipv4_mask_to_net_prefix(netmask) + if net.is_ipv4_network(netmask):
+ prefix = net.ipv4_mask_to_net_prefix(netmask)
+ if net.is_ipv6_network(netmask):
+ prefix = net.ipv6_mask_to_net_prefix(netmask)
+ dest += '/' + str(prefix) + dest += '/' + str(prefix)
+ if '/' not in dest: + if '/' not in dest:
+ LOG.warning( + LOG.warning(

View File

@ -1,3 +1,326 @@
-------------------------------------------------------------------
Mon Oct 9 14:26:40 UTC 2023 - Robert Schweikert <rjschwei@suse.com>
- Update to version 23.3 (bsc#1216011, bsc#1215794)
+ Remove patches included upstream:
- cloud-init-fix-ca-test.patch
- cloud-init-cve-2023-1786-redact-instance-data-json-main.patch
- cloud-init-power-rhel-only.patch
- cloud-init-flake8-fixes.patch
+ Add
- cloud-init-keep-flake.patch
- cloud-init-lint-fixes.patch
+ Update
- cloud-init-write-routes.patch (bsc#1216007)
+ Bump pycloudlib to 1!5.1.0 for ec2 mantic daily image support (#4390)
+ Fix cc_keyboard in mantic (LP: #2030788)
+ ec2: initialize get_instance_userdata return value to bytes (#4387)
[Noah Meyerhans]
+ cc_users_groups: Add doas/opendoas support (#4363) [dermotbradley]
+ Fix pip-managed ansible
+ status: treat SubState=running and MainPID=0 as service exited
+ azure/imds: increase read-timeout to 30s (#4372) [Chris Patterson]
+ collect-logs fix memory usage (SC-1590) (#4289)
[Alec Warren] (LP: #1980150)
+ cc_mounts: Use fallocate to create swapfile on btrfs (#4369) [王煎饼]
+ Undocument nocloud-net (#4318)
+ feat(akamai): add akamai to settings.py and apport.py (#4370)
+ read-version: fallback to get_version when git describe fails (#4366)
+ apt: fix cloud-init status --wait blocking on systemd v 253 (#4364)
+ integration tests: Pass username to pycloudlib (#4324)
+ Bump pycloudlib to 1!5.1.0 (#4353)
+ cloud.cfg.tmpl: reorganise, minimise/reduce duplication (#4272)
[dermotbradley]
+ analyze: fix (unexpected) timestamp parsing (#4347) [Mina Galić]
+ cc_growpart: fix tests to run on FreeBSD (#4351) [Mina Galić]
+ subp: Fix spurious test failure on FreeBSD (#4355) [Mina Galić]
+ cmd/clean: fix tests on non-Linux platforms (#4352) [Mina Galić]
+ util: Fix get_proc_ppid() on non-Linux systems (#4348) [Mina Galić]
+ cc_wireguard: make tests pass on FreeBSD (#4346) [Mina Galić]
+ unittests: fix breakage in test_read_cfg_paths_fetches_cached_datasource
(#4328) [Ani Sinha]
+ Fix test_tools.py collection (#4315)
+ cc_keyboard: add Alpine support (#4278) [dermotbradley]
+ Flake8 fixes (#4340) [Robert Schweikert]
+ cc_mounts: Fix swapfile not working on btrfs (#4319) [王煎饼] (LP: #1884127)
+ ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen (#4281)
[Wei Zhou]
+ ec2: Support double encoded userdata (#4276) [Noah Meyerhans]
+ cc_mounts: xfs is a Linux only FS (#4334) [Mina Galić]
+ tests/net: fix TestGetInterfaces' mock coverage for get_master (#4336)
[Chris Patterson]
+ change openEuler to openeuler and fix some bugs in openEuler (#4317)
[sxt1001]
+ Replace flake8 with ruff (#4314)
+ NM renderer: set default IPv6 addr-gen-mode for all interfaces to eui64
(#4291) [Ani Sinha]
+ cc_ssh_import_id: add Alpine support and add doas support (#4277)
[dermotbradley]
+ sudoers not idempotent (SC-1589) (#4296) [Alec Warren] (LP: #1998539)
+ Added support for Akamai Connected Cloud (formerly Linode) (#4167)
[Will Smith]
+ Fix reference before assignment (#4292)
+ Overhaul module reference page (#4237) [Sally]
+ replaced spaces with commas for setting passenv (#4269) [Alec Warren]
+ DS VMware: modify a few log level (#4284) [PengpengSun]
+ tools/read-version refactors and unit tests (#4268)
+ Ensure get_features() grabs all features (#4285)
+ Don't always require passlib dependency (#4274)
+ tests: avoid leaks into host system checking of ovs-vsctl cmd (#4275)
+ Fix NoCloud kernel commandline key parsing (#4273)
+ testing: Clear all LRU caches after each test (#4249)
+ Remove the crypt dependency (#2139) [Gonéri Le Bouder]
+ logging: keep current file mode of log file if its stricter than the
new mode (#4250) [Ani Sinha]
+ Remove default membership in redundant groups (#4258)
[Dave Jones] (LP: #1923363)
+ doc: improve datasource_creation.rst (#4262)
+ Remove duplicate Integration testing button (#4261) [Rishita Shaw]
+ tools/read-version: fix the tool so that it can handle version parsing
errors (#4234) [Ani Sinha]
+ net/dhcp: add udhcpc support (#4190) [Jean-François Roche]
+ DS VMware: add i386 arch dir to deployPkg plugin search path
[PengpengSun]
+ LXD moved from linuxcontainers.org to Canonical [Simon Deziel]
+ cc_mounts.py: Add note about issue with creating mounts inside mounts
(#4232) [dermotbradley]
+ lxd: install lxd from snap, not deb if absent in image
+ landscape: use landscape-config to write configuration
+ Add deprecation log during init of DataSourceDigitalOcean (#4194)
[tyb-truth]
+ doc: fix typo on apt.primary.arches (#4238) [Dan Bungert]
+ Inspect systemd state for cloud-init status (#4230)
+ instance-data: add system-info and features to combined-cloud-config
(#4224)
+ systemd: Block login until config stage completes (#2111) (LP: #2013403)
+ tests: proposed should invoke apt-get install -t=<release>-proposed
(#4235)
+ cloud.cfg.tmpl: reinstate ca_certs entry (#4236) [dermotbradley]
+ Remove feature flag override ability (#4228)
+ tests: drop stray unrelated file presence test (#4227)
+ Update LXD URL (#4223) [Sally]
+ schema: add network v1 schema definition and validation functions
+ tests: daily PPA for devel series is version 99.daily update tests to
match (#4225)
+ instance-data: write /run/cloud-init/combined-cloud-config.json
+ mount parse: Fix matching non-existent directories (#4222) [Mina Galić]
+ Specify build-system for pep517 (#4218)
+ Fix network v2 metric rendering (#4220)
+ Migrate content out of FAQ page (SD-1187) (#4205) [Sally]
+ setup: fix generation of init templates (#4209) [Mina Galić]
+ docs: Correct some bootcmd example wording
+ fix changelog
+ tests: reboot client to assert x-shellscript-per-boot is triggered
+ nocloud: parse_cmdline no longer detects nocloud-net datasource (#4204)
(LP: 4203, #2025180)
+ Add docstring and typing to mergemanydict (#4200)
+ BSD: add dsidentify to early startup scripts (#4182) [Mina Galić]
+ handler: report errors on skipped merged cloud-config.txt parts
(LP: #1999952)
+ Add cloud-init summit writeups (#4179) [Sally]
+ tests: Update test_clean_log for oci (#4187)
+ gce: improve ephemeral fallback NIC selection (CPC-2578) (#4163)
+ tests: pin pytest 7.3.1 to avoid adverse testpaths behavior (#4184)
+ Ephemeral Networking for FreeBSD (#2165) [Mina Galić]
+ Clarify directory syntax for nocloud local filesystem. (#4178)
+ Set default renderer as sysconfig for centos/rhel (#4165) [Ani Sinha]
+ Test static routes and netplan 0.106
+ FreeBSD fix parsing of mount and mount options (#2146) [Mina Galić]
+ test: add tracking bug id (#4164)
+ tests: can't match MAC for LXD container veth due to netplan 0.106
(#4162)
+ Add kaiwalyakoparkar as a contributor (#4156) [Kaiwalya Koparkar]
+ BSD: remove datasource_list from cloud.cfg template (#4159) [Mina Galić]
+ launching salt-minion in masterless mode (#4110) [Denis Halturin]
+ tools: fix run-container builds for rockylinux/8 git hash mismatch
(#4161)
+ fix doc lint: spellchecker tripped up (#4160) [Mina Galić]
+ Support Ephemeral Networking for BSD (#2127)
+ Added / fixed support for static routes on OpenBSD and FreeBSD (#2157)
[Kadir Mueller]
+ cc_rsyslog: Refactor for better multi-platform support (#4119)
[Mina Galić] (LP: #1798055)
+ tests: fix test_lp1835584 (#4154)
+ cloud.cfg mod names: docs and rename salt_minion and set_password (#4153)
+ tests: apt support for deb822 format .sources files on mantic
+ vultr: remove check_route check (#2151) [Jonas Chevalier]
+ Update SECURITY.md (#4150) [Indrranil Pawar]
+ Update CONTRIBUTING.rst (#4149) [Indrranil Pawar]
+ Update .github-cla-signers (#4151) [Indrranil Pawar]
+ Standardise module names in cloud.cfg.tmpl to only use underscore
(#4128) [dermotbradley]
+ tests: update test_webhook_reporting
+ Modify PR template so autoclose works
+ doc: add missing semi-colon to nocloud cmdline docs (#4120)
+ .gitignore: extend coverage pattern (#4143) [Mina Galić]
From 23.2.2
+ Fix NoCloud kernel commandline key parsing (#4273) (Fixes: #4271)
(LP: #2028562)
+ Fix reference before assignment (#4292) (Fixes: #4288) (LP: #2028784)
From 23.2.1
+ nocloud: Fix parse_cmdline detection of nocloud-net datasource (#4204)
(Fixes: 4203) (LP: #2025180)
From 23.2
+ BSD: simplify finding MBR partitions by removing duplicate code
[Mina Galić]
+ tests: bump pycloudlib version for mantic builds
+ network-manager: Set higher autoconnect priority for nm keyfiles (#3671)
[Ani Sinha]
+ alpine.py: change the locale file used (#4139) [dermotbradley]
+ cc_ntp: Sync up with current FreeBSD ntp.conf (#4122) [Mina Galić]
+ config: drop refresh_rmc_and_interface as RHEL 7 no longer supported
[Robert Schweikert]
+ docs: Add feedback button to docs
+ net/sysconfig: enable sysconfig renderer if network manager has ifcfg-rh
plugin (#4132) [Ani Sinha]
+ For Alpine use os-release PRETTY_NAME (#4138) [dermotbradley]
+ network_manager: add a method for ipv6 static IP configuration (#4127)
[Ani Sinha]
+ correct misnamed template file host.mariner.tmpl (#4124) [dermotbradley]
+ nm: generate ipv6 stateful dhcp config at par with sysconfig (#4115)
[Ani Sinha]
+ Add templates for GitHub Issues
+ Add 'peers' and 'allow' directives in cc_ntp (#3124) [Jacob Salmela]
+ FreeBSD: Fix user account locking (#4114) [Mina Galić] (GH: #1854594)
+ FreeBSD: add ResizeGrowFS class to cc_growpart (#2334) [Mina Galić]
+ Update tests in Azure TestCanDevBeReformatted class (#2771)
[Ksenija Stanojevic]
+ Replace Launchpad references with GitHub Issues
+ Fix KeyError in iproute pformat (#3287) [Dmitry Zykov]
+ schema: read_cfg_paths call init.fetch to lookup /v/l/c/instance
+ azure/errors: introduce reportable errors for imds (#3647)
[Chris Patterson]
+ FreeBSD (and friends): better identify MBR slices (#2168)
[Mina Galić] (LP: #2016350)
+ azure/errors: add host reporting for dhcp errors (#2167)
[Chris Patterson]
+ net: purge blacklist_drivers across net and azure (#2160)
[Chris Patterson]
+ net: refactor hyper-v VF filtering and apply to get_interfaces() (#2153)
[Chris Patterson]
+ tests: avoid leaks to underlying filesystem for /etc/cloud/clean.d
(#2251)
+ net: refactor find_candidate_nics_on_linux() to use get_interfaces()
(#2159) [Chris Patterson]
+ resolv_conf: Allow > 3 nameservers (#2152) [Major Hayden]
+ Remove mount NTFS error message (#2134) [Ksenija Stanojevic]
+ integration tests: fix image specification parsing (#2166)
+ ci: add hypothesis scheduled GH check (#2149)
+ Move supported distros list to docs (#2162)
+ Fix logger, use instance rather than module function (#2163)
+ README: Point to Github Actions build status (#2158)
+ Revert "fix linux-specific code on bsd (#2143)" (#2161)
+ Do not generate dsa and ed25519 key types when crypto FIPS mode is
enabled (#2142) [Ani Sinha] (LP: 2017761)
+ Add documentation label automatically (#2156)
+ sources/azure: report success to host and introduce kvp module (#2141)
[Chris Patterson]
+ setup.py: use pkg-config for udev/rules path (#2137) [dankm]
+ openstack/static: honor the DNS servers associated with a network
(#2138) [Gonéri Le Bouder]
+ fix linux-specific code on bsd (#2143)
+ cli: schema validation of jinja template user-data (SC-1385) (#2132)
(LP: #1881925)
+ gce: activate network discovery on every boot (#2128)
+ tests: update integration test to assert 640 across reboots (#2145)
+ Make user/vendor data sensitive and remove log permissions (#2144)
(LP: #2013967)
+ Update kernel command line docs (SC-1457) (#2133)
+ docs: update network configuration path links (#2140) [d1r3ct0r]
+ sources/azure: report failures to host via kvp (#2136) [Chris Patterson]
+ net: Document use of `ip route append` to add routes (#2130)
+ dhcp: Add missing mocks (#2135)
+ azure/imds: retry fetching metadata up to 300 seconds (#2121)
[Chris Patterson]
+ [1/2] DHCP: Refactor dhcp client code (#2122)
+ azure/errors: treat traceback_base64 as string (#2131) [Chris Patterson]
+ azure/errors: introduce reportable errors (#2129) [Chris Patterson]
+ users: schema permit empty list to indicate create no users
+ azure: introduce identity module (#2116) [Chris Patterson]
+ Standardize disabling cloud-init on non-systemd (#2112)
+ Update .github-cla-signers (#2126) [Rob Tongue]
+ NoCloud: Use seedfrom protocol to determine mode (#2107)
+ rhel: Remove sysvinit files. (#2114)
+ tox.ini: set -vvvv --showlocals for pytest (#2104) [Chris Patterson]
+ Fix NoCloud kernel commandline semi-colon args
+ run-container: make the container/VM timeout configurable (#2118)
[Paride Legovini]
+ suse: Remove sysvinit files. (#2115)
+ test: Backport assert_call_count for old requests (#2119)
+ Add "licebmi" as contributor (#2113) [Mark Martinez]
+ Adapt DataSourceScaleway to upcoming IPv6 support (#2033)
[Louis Bouchard]
+ rhel: make sure previous-hostname file ends with a new line (#2108)
[Ani Sinha]
+ Adding contributors for DataSourceAkamai (#2110) [acourdavAkamai]
+ Cleanup ephemeral IP routes on exception (#2100) [sxt1001]
+ commit 09a64badfb3f51b1b391fa29be19962381a4bbeb [sxt1001] (LP: #2011291)
+ Standardize kernel commandline user interface (#2093)
+ config/cc_resizefs: fix do_resize arguments (#2106) [Chris Patterson]
+ Fix test_dhclient_exits_with_error (#2105)
+ net/dhcp: catch dhclient failures and raise NoDHCPLeaseError (#2083)
[Chris Patterson]
+ sources/azure: move pps handling out of _poll_imds() (#2075)
[Chris Patterson]
+ tests: bump pycloudlib version (#2102)
+ schema: do not manipulate draft4 metaschema for jsonschema 2.6.0 (#2098)
+ sources/azure/imds: don't count timeout errors as connection errors
(#2074) [Chris Patterson]
+ Fix Python 3.12 unit test failures (#2099)
+ integration tests: Refactor instance checking (#1989)
+ ci: migrate remaining jobs from travis to gh (#2085)
+ missing ending quote in instancedata docs(#2094) [Hong L]
+ refactor: stop passing log instances to cc_* handlers (#2016) [d1r3ct0r]
+ tests/vmware: fix test_no_data_access_method failure (#2092)
[Chris Patterson]
+ Don't change permissions of netrules target (#2076) (LP: #2011783)
+ tests/sources: patch util.get_cmdline() for datasource tests (#2091)
[Chris Patterson]
+ macs: ignore duplicate MAC for devs with driver driver qmi_wwan (#2090)
(LP: #2008888)
+ Fedora: Enable CA handling (#2086) [František Zatloukal]
+ Send dhcp-client-identifier for InfiniBand ports (#2043) [Waleed Mousa]
+ cc_ansible: complete the examples and doc (#2082) [Yves]
+ bddeb: for dev package, derive debhelper-compat from host system
+ apport: only prompt for cloud_name when instance-data.json is absent
+ datasource: Optimize datasource detection, fix bugs (#2060)
+ Handle non existent ca-cert-config situation (#2073) [Shreenidhi Shedi]
+ sources/azure: add networking check for all source PPS (#2061)
[Chris Patterson]
+ do not attempt dns resolution on ip addresses (#2040)
+ chore: fix style tip (#2071)
+ Fix metadata IP in instancedata.rst (#2063) [Brian Haley]
+ util: Pass deprecation schedule in deprecate_call() (#2064)
+ config: Update grub-dpkg docs (#2058)
+ docs: Cosmetic improvements and styling (#2057) [s-makin]
+ cc_grub_dpkg: Added UEFI support (#2029) [Alexander Birkner]
+ tests: Write to /var/spool/rsyslog to adhere to apparmor profile (#2059)
+ oracle-ds: prefer system_cfg over ds network config source (#1998)
(LP: #1956788)
+ Remove dead code (#2038)
+ source: Force OpenStack when it is only option (#2045) (LP: #2008727)
+ cc_ubuntu_advantage: improve UA logs discovery
+ sources/azure: fix regressions in IMDS behavior (#2041) [Chris Patterson]
+ tests: fix test_schema (#2042)
+ dhcp: Cleanup unused kwarg (#2037)
+ sources/vmware/imc: fix-missing-catch-few-negtive-scenarios (#2027)
[PengpengSun]
+ dhclient_hook: remove vestigal dhclient_hook command (#2015)
+ log: Add standardized deprecation tooling (SC-1312) (#2026)
+ Enable SUSE based distros for ca handling (#2036) [Robert Schweikert]
From 23.1.2
+ Make user/vendor data sensitive and remove log permissions
(LP: #2013967) (CVE-2023-1786)
From 23.1.1
+ source: Force OpenStack when it is only option (#2045)
+ sources/azure: fix regressions in IMDS behavior (#2041)
[Chris Patterson]
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 14 12:05:01 UTC 2023 - Robert Schweikert <rjschwei@suse.com> Mon Aug 14 12:05:01 UTC 2023 - Robert Schweikert <rjschwei@suse.com>
@ -224,11 +547,12 @@ Tue Jan 31 19:47:23 UTC 2023 - Robert Schweikert <rjschwei@suse.com>
- Add cloud-init-prefer-nm.patch - Add cloud-init-prefer-nm.patch
+ Prefer NetworkManager of sysconfig when available + Prefer NetworkManager of sysconfig when available
- Remove six dependency (bsc#1198269)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Dec 22 18:10:45 UTC 2022 - Robert Schweikert <rjschwei@suse.com> Thu Dec 22 18:10:45 UTC 2022 - Robert Schweikert <rjschwei@suse.com>
- Update to version 22.4 - Update to version 22.4 (bsc#1201010)
+ Remove patches included upstream: + Remove patches included upstream:
- cloud-init-vmware-test.patch - cloud-init-vmware-test.patch
- cloud-init-sysctl-not-in-bin.patch - cloud-init-sysctl-not-in-bin.patch

View File

@ -18,7 +18,7 @@
%global configver 0.7 %global configver 0.7
Name: cloud-init Name: cloud-init
Version: 23.1 Version: 23.3
Release: 0 Release: 0
License: GPL-3.0 License: GPL-3.0
Summary: Cloud node initialization tool Summary: Cloud node initialization tool
@ -34,21 +34,18 @@ Patch2: cloud-init-break-resolv-symlink.patch
Patch3: cloud-init-sysconf-path.patch Patch3: cloud-init-sysconf-path.patch
# FIXME (lp#1860164) # FIXME (lp#1860164)
Patch4: cloud-init-no-tempnet-oci.patch Patch4: cloud-init-no-tempnet-oci.patch
# FIXME https://github.com/canonical/cloud-init/pull/2036
Patch5: cloud-init-fix-ca-test.patch
# FIXME (lp#1812117) # FIXME (lp#1812117)
Patch6: cloud-init-write-routes.patch Patch6: cloud-init-write-routes.patch
Patch7: cloud-init-cve-2023-1786-redact-instance-data-json-main.patch # FIXME (https://github.com/canonical/cloud-init/issues/4339)
# FIXME https://github.com/canonical/cloud-init/pull/2148 Patch7: cloud-init-keep-flake.patch
Patch8: cloud-init-power-rhel-only.patch Patch8: cloud-init-lint-fixes.patch
# FIXME https://github.com/canonical/cloud-init/pull/4340
Patch9: cloud-init-flake8-fixes.patch
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: filesystem BuildRequires: filesystem
# pkg-config is needed to find correct systemd unit dir # pkg-config is needed to find correct systemd unit dir
BuildRequires: pkg-config BuildRequires: pkg-config
# needed for /lib/udev # needed for /lib/udev
BuildRequires: pkgconfig(udev) BuildRequires: pkgconfig(udev)
BuildRequires: procps
BuildRequires: python-rpm-macros BuildRequires: python-rpm-macros
BuildRequires: python3-devel BuildRequires: python3-devel
BuildRequires: python3-setuptools BuildRequires: python3-setuptools
@ -62,6 +59,7 @@ BuildRequires: python3-jsonpatch
BuildRequires: python3-jsonschema BuildRequires: python3-jsonschema
BuildRequires: python3-netifaces BuildRequires: python3-netifaces
BuildRequires: python3-oauthlib BuildRequires: python3-oauthlib
BuildRequires: python3-passlib
BuildRequires: python3-pytest BuildRequires: python3-pytest
BuildRequires: python3-pytest-cov BuildRequires: python3-pytest-cov
BuildRequires: python3-pytest-mock BuildRequires: python3-pytest-mock
@ -82,12 +80,14 @@ Requires: growpart
Requires: e2fsprogs Requires: e2fsprogs
Requires: net-tools Requires: net-tools
Requires: openssh Requires: openssh
Requires: procps
Requires: python3-configobj >= 5.0.2 Requires: python3-configobj >= 5.0.2
Requires: python3-Jinja2 Requires: python3-Jinja2
Requires: python3-jsonpatch Requires: python3-jsonpatch
Requires: python3-jsonschema Requires: python3-jsonschema
Requires: python3-netifaces Requires: python3-netifaces
Requires: python3-oauthlib Requires: python3-oauthlib
Requires: python3-passlib
Requires: python3-pyserial Requires: python3-pyserial
Requires: python3-PyYAML Requires: python3-PyYAML
Requires: python3-requests Requires: python3-requests
@ -146,11 +146,9 @@ Documentation and examples for cloud-init tools
%patch2 %patch2
%patch3 %patch3
%patch4 %patch4
%patch5
%patch6 %patch6
%patch7 %patch7
%patch8 %patch8
%patch9
# patch in the full version to version.py # patch in the full version to version.py
version_pys=$(find . -name version.py -type f) version_pys=$(find . -name version.py -type f)
@ -163,7 +161,7 @@ python3 setup.py build
%check %check
make unittest make unittest
make flake8 make lint
%install %install
python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} --init-system=%{initsys} python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} --init-system=%{initsys}
@ -194,7 +192,6 @@ sed -i s/suse/sles/ %{buildroot}/%{_sysconfdir}/cloud/cloud.cfg
mkdir -p %{buildroot}/%{_sysconfdir}/rsyslog.d mkdir -p %{buildroot}/%{_sysconfdir}/rsyslog.d
mkdir -p %{buildroot}/usr/lib/udev/rules.d/ mkdir -p %{buildroot}/usr/lib/udev/rules.d/
cp -a %{SOURCE1} %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf cp -a %{SOURCE1} %{buildroot}/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf
mv %{buildroot}/lib/udev/rules.d/66-azure-ephemeral.rules %{buildroot}/usr/lib/udev/rules.d/
mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{_sbindir}
install -m 755 %{SOURCE2} %{buildroot}%{_sbindir} install -m 755 %{SOURCE2} %{buildroot}%{_sbindir}
@ -226,8 +223,6 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.*
%{_sysconfdir}/cloud/clean.d/README %{_sysconfdir}/cloud/clean.d/README
%config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d %config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d
%config(noreplace) %{_sysconfdir}/cloud/templates %config(noreplace) %{_sysconfdir}/cloud/templates
%{_sysconfdir}/dhcp/dhclient-exit-hooks.d/hook-dhclient
%{_sysconfdir}/NetworkManager/dispatcher.d/hook-network-manager
%{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf %{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf
%{_mandir}/man*/* %{_mandir}/man*/*
%if 0%{?suse_version} && 0%{?suse_version} < 1500 %if 0%{?suse_version} && 0%{?suse_version} < 1500
@ -253,10 +248,6 @@ rm %{buildroot}/%{_sysconfdir}/cloud/templates/*.ubuntu.*
%exclude %{systemd_prefix}/systemd/system/cloud-init-hotplugd.socket %exclude %{systemd_prefix}/systemd/system/cloud-init-hotplugd.socket
%dir %attr(0755, root, root) %{_localstatedir}/lib/cloud %dir %attr(0755, root, root) %{_localstatedir}/lib/cloud
%dir %{docdir} %dir %{docdir}
%dir /etc/NetworkManager
%dir /etc/NetworkManager/dispatcher.d
%dir /etc/dhcp
%dir /etc/dhcp/dhclient-exit-hooks.d
%dir /etc/systemd/system/sshd-keygen@.service.d %dir /etc/systemd/system/sshd-keygen@.service.d