Age | Commit message (Collapse) | Author |
|
Cloud-init caches any cloud metadata crawled during boot in the file
/run/cloud-init/instance-data.json. Cloud-init also standardizes some of
that metadata across all clouds. The command 'cloud-init query' surfaces a
simple CLI to query or format any cached instance metadata so that scripts
or end-users do not have to write tools to crawl metadata themselves.
Since 'cloud-init query' is runnable by non-root users, redact any
sensitive data from instance-data.json and provide a root-readable
unredacted instance-data-sensitive.json. Datasources can now define a
sensitive_metadata_keys tuple which will redact any matching keys
which could contain passwords or credentials from instance-data.json.
Also add the following standardized 'v1' instance-data.json keys:
- user_data: The base64encoded user-data provided at instance launch
- vendor_data: Any vendor_data provided to the instance at launch
- underscore_delimited versions of existing hyphenated keys:
instance_id, local_hostname, availability_zone, cloud_name
|
|
Paramiko version 2.4.0 had a CVE (CVE-2018-7750) against it.
It is not likely particularly worrisome for our integration tests,
but we might as well bump it.
|
|
Simplestreams is moving to git. Use the git repo rather than bzr.
|
|
pylxd upstream provided a fix for the issue we were seeing, so we
can take that fix now rather than having our workarounds to order pip
installs.
The test is that this continues to work:
rm -Rf .tox/citest
tox -c tox.ini --recreate --notest -e citest
|
|
The pylxd project has a setup.py which defines install dependencies.
Those sub-dependendencies include pbr and requests which in turn have
package version conflicts. Since tox doesn't order dependencies installed,
serially install pinned urllib3 at 1.22 which supports both pbr deps and
requests deps of pylxd.
|
|
Integration tests previously had a logic path that was unexercised on
jenkins because we were on an older version of lxc. With an upgrade to lxd
version 3.0 we need to bump pylxd dependency pin and fix a typo in
integration tests which checked the lxd version.
|
|
We want this git hash from master as it pylxd pip packages are not
as frequently published by this project. Master for pylxd is under
active development, so we do want to 'pin' which hash we pull.
|
|
This adds the specific requirements for integration testing to
a single file that can be referenced in other areas. It also enables
the read-dependencies script to install those packages.
|