(mirror of https://github.com/vyos/vyos-cloud-init.git) https://git.amelek.net/vyos/vyos-cloud-init.git/atom?h=crux 2018-12-03T22:07:59+00:00 2018-12-03T22:07:59+00:00 Scott Moser smoser@ubuntu.com 2018-12-03T22:07:59+00:00 urn:sha1:230e67ebd489c0d895243a2fc66ca95af2cea13b I noticed a bug in dhclient_hook on the 'down' event, using 'is' operator rather than '==' (if self.net_action is 'down'). This refactors/simplifies the code a bit for easier testing and adds tests. The reason for the rename of 'action' to 'event' is to just be internally consistent. The word and Namespace 'action' is used by cloud-init main, so it was not really usable here. Also adds a main which can easily be debugged with: CI_DHCP_HOOK_DATA_D=./my.d python -m cloudinit.dhclient_hook up eth0 2018-12-03T18:43:21+00:00 Ryan Harper ryan.harper@canonical.com 2018-12-03T18:43:21+00:00 urn:sha1:cb44ad6f42ac015d7d8eaf2ab0bb5ab125ed04b6 Move routes under the nic's subnet rather than use top-level ("global") route config ensuring all net renderers will provide the configured route. Also updated cloudinit/cmd/devel/net_convert.py:  - Add input type 'vmware-imc' for OVF customization config files  - Fix bug when output-type was netplan which invoked netplan   generate/apply and attempted to write to   /etc/netplan/50-cloud-init.yaml instead of joining with the   output directory. LP: #1806103 2018-11-27T02:09:29+00:00 Chad Smith chad.smith@canonical.com 2018-11-27T02:09:29+00:00 urn:sha1:e9d57b80c51a9952d7efa27da3ce469cbdf414b1 Since /run/cloud-init/instance-data-sensitive.json is root read-only, ignore this file if non-root user runs collect-logs. If --include-userdata is provided on the command line, exit in error if non-root user attempts this operation. Lastly, update the __main__ to exit based on return value of main. LP: #1805201 2018-10-30T20:02:38+00:00 Chad Smith chad.smith@canonical.com 2018-10-30T20:02:38+00:00 urn:sha1:d74d3f0ff5c8d453f626b113f4e6065322f822fa Emit a permissions error instead of "Missing instance-data.json" when non-root user doesn't have read-permission on /run/cloud-init/instance-data.json 2018-10-26T03:49:57+00:00 Chad Smith chad.smith@canonical.com 2018-10-26T03:49:57+00:00 urn:sha1:dc0be9c56f78537f1808934d26f5aa0868ae7842 On cloud-init upgrade path from 18.3 to 18.4 cloud-init changed how instance-data is written. Cloud-init changes instance-data.json from root read-only to redacted world-readable content, and provided a separate unredacted instance-data-sensitive.json which is read-only root. Since instance-data is only rewritten from cache on reboot, the query and render tools needed fallback to use the 'old' instance-data.json if the new sensitive file isn't yet present. This avoids error messages from tools about an absebt /run/instance-data-sensitive.json file. LP: #1798189 2018-10-09T22:19:20+00:00 Chad Smith chad.smith@canonical.com 2018-10-09T22:19:20+00:00 urn:sha1:6ee8a2c557ccdc8be54bcf8a8762800c10f3ef49 Add a quick cloud lookup utility in order to more easily determine the cloud on which an instance is running. The utility parses standardized attributes from /run/cloud-init/instance-data.json to print the canonical cloud-id for the instance. It uses known region maps if necessary to determine on which specific cloud the instance is running. Examples: aws, aws-gov, aws-china, rackspace, azure-china, lxd, openstack, unknown 2018-09-25T21:59:16+00:00 Chad Smith chad.smith@canonical.com 2018-09-25T21:59:16+00:00 urn:sha1:fc4b966ba928b30b1c586407e752e0b51b1031e8 Cloud-init caches any cloud metadata crawled during boot in the file /run/cloud-init/instance-data.json. Cloud-init also standardizes some of that metadata across all clouds. The command 'cloud-init query' surfaces a simple CLI to query or format any cached instance metadata so that scripts or end-users do not have to write tools to crawl metadata themselves. Since 'cloud-init query' is runnable by non-root users, redact any sensitive data from instance-data.json and provide a root-readable unredacted instance-data-sensitive.json. Datasources can now define a sensitive_metadata_keys tuple which will redact any matching keys which could contain passwords or credentials from instance-data.json. Also add the following standardized 'v1' instance-data.json keys:   - user_data: The base64encoded user-data provided at instance launch   - vendor_data: Any vendor_data provided to the instance at launch   - underscore_delimited versions of existing hyphenated keys:     instance_id, local_hostname, availability_zone, cloud_name 2018-09-17T13:07:39+00:00 Robert Schweikert rjschwei@suse.com 2018-09-17T13:07:39+00:00 urn:sha1:c714651c1988a17f457426de63cdb8514d5a81b4 If the user has removed the default configuration file or does not set the syslog_fix_perms config option the user still ends up with a warning on SUSE distributions. Add root:root to the default builtin config. 2018-09-11T17:31:46+00:00 Chad Smith chad.smith@canonical.com 2018-09-11T17:31:46+00:00 urn:sha1:c7555762f3a30190ce7726b4d013bc3e83c7e4b6 Allow users to provide '## template: jinja' as the first line or their #cloud-config or custom script user-data parts. When this header exists, the cloud-config or script will be rendered as a jinja template. All instance metadata keys and values present in /run/cloud-init/instance-data.json will be available as jinja variables for the template. This means any cloud-config module or script can reference any standardized instance data in templates and scripts. Additionally, any standardized instance-data.json keys scoped below a '<v#>' key will be promoted as a top-level key for ease of reference in templates. This means that '{{ local_hostname }}' is the same as using the latest '{{ v#.local_hostname }}'. Since instance-data is written to /run/cloud-init/instance-data.json, make sure it is persisted across reboots when the cached datasource opject is reloaded. LP: #1791781 2018-09-05T16:02:25+00:00 Scott Moser smoser@ubuntu.com 2018-09-05T16:02:25+00:00 urn:sha1:a8dcad9ac62bb1d2a4f7489960395bad6cac9382 In many cases, cloud-init uses 'util.subp' to run a subprocess. This is not really desirable in our unit tests as it makes the tests dependent upon existance of those utilities. The change here is to modify the base test case class (CiTestCase) to raise exception any time subp is called. Then, fix all callers. For cases where subp is necessary or actually desired, we can use it via   a.) context hander CiTestCase.allow_subp(value)   b.) class level self.allowed_subp = value Both cases the value is a list of acceptable executable names that will be called (essentially argv[0]). Some cleanups in AltCloud were done as the code was being updated.