We used to rely on a version key under apt autoinstall section to
specify if we want the old implementation (i.e., a single candidate
primary mirror) or the new implementation (i.e., multiple primary mirror
candidates).
Instead, we now introduce the apt->mirror-selection autoinstall section,
and move the primary section under it.
If the primary section if under apt, we want the old implementation.
If the primary section is under apt->mirror-selection, we want the new
implementation.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Running ssh-import-id as part of the CI has limitations. First it
requires that we have access to the Internet. Second, it is affected by
github and launchpad service disruptions and or rate limiting policies.
Make sure we don't call ssh-import-id as part of the CI. Instead use a
username that is configured to produce fake successful key imports.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
As part of our integrations tests, we import mwhudson's public SSH
key(s) from GitHub. At the moment, however, the GitHub API is rate
limiting the number of queries from our CI.
Upon exceeding the rate limit, our HTTP queries are responded with a 403:
┌────────────────────────────────────────────────────────────────────────┐
│ Importing keys failed: │
│ │
│ 2023-01-08 23:43:40,562 ERROR GitHub REST API rate-limited this IP │
│ address. See https://developer.github.com/v3/#rate-limiting . │
│ status_code=403 user=mwhudson │
└────────────────────────────────────────────────────────────────────────┘
Currently, upon pushing to GitHub, the CI runs the integrations tests
against 4 different Ubuntu images (focal, jammy, kinetic, lunar).
This ends up doing 4 SSH import queries at roughly the same time ; which
often exceeds the rate limit and makes some of the tests fail.
This patch makes integration tests import SSH keys from Launchpad
instead of GitHub. Maybe a better approach would be to mock the calls to
ssh-import-id in the CI instead.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
The list of drivers suggested to the user may vary based on whether we
are installing a server or desktop image / source.
In the current implementation of the drivers controller, the value of
the source variant (e.g., server or desktop) is read early in the
initializer.
This is a problem because it happens before the client gets the
opportunity to tell us if we are installing a server or a desktop image.
If the source variant ever changes, we want to query again the list of
drivers to suggest.
Upon configuring the source, the drivers controller will query (again)
the list of drivers.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
In dry-run mode, the 'magic_attach_run_locally' variable can now be used
to execute uaclient on the host (against the uacontracts environment
specified in /etc/ubuntu-advantage/uaclient.conf) instead of relying on
a mock mechanism.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
The "$source"/var/lib/snapd/seed/systems directory only exists in certain
scenarios related to TPM-backed FDE. When the directory does not exist,
attempting to bind-mount it to /var/lib/snapd/seed/systems crashes the
install with a CalledProcessError.
We now make sure the directory exists before trying to mount it. For
dry-run test cases, we added a configuration item that simulates the
presence (or the non-presence) of the systems directory on the source.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Intended to receive options that affect the setup process.
and won't be written to /etc/wsl.conf
Options relative to that conf file are handled by WslConfBase and
WslConfAdvanced.
Currently only the option for skip installing language packs is
available.
We now invoke curtin install in a step-by-step mode. Before, we would
perform a single invocation of curtin install for the following stages:
* early (but no early_commands configured)
* partitioning
* extract
* curthooks
* hook
* late (but no late_commands configured)
We now run multiple invocations of curtin install, in 5 different steps:
* initial: does not run any stage per se but prepares curtin
for the next invocations (this invocation is not strictly necessary
and could be merged with the next step but having it separate makes
the flow easier to understand, I think)
* partitioning: runs the partitioning stage
* extract: runs the extract stage
* curthooks: runs the curthooks stage
The early and late stages were dropped since they would act as no-ops.
We also dropped the hook stage since it does nothing in Ubuntu.
The configuration files for each step ends up in
/var/log/installer/curtin-install/subiquity-{step_name}.conf
The log files for each step end up in
/var/log/installer/curtin-install/{step_name}.log
If errors occur, a tarball of the necessary logs end up in
/var/log/installer/curtin-install/{step_name}-error.tar
All files (i.e. configuration files, log files, error-files) are bundled
in the apport report in case of crash.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When executing late commands, we now start by executing run-parts over
the /etc/subiquity/postinst.d directory (by default) if it exists.
A failure in run-parts is not considered critical so any other
late_commands will run no matter what.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
The source autoinstall section now supports the "id" field where the
user can supply the ID of a source, e.g., "ubuntu-server" or
"ubuntu-server-minimal".
If the field is not supplied, the installation will use the source
declared default: true (if any) in the source catalog. Otherwise, it the
first source declared will be used.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Increase size of the disk in the simple machine config to 100 GiB.
This file is used heavily as a basic starting machine config and it
should be large enough for many types of tests.
The response to /ubuntu_pro/check_token now includes information about
the subscription: the name of the contract and the "name" of the account.
Instead of returning the list of services as an optional field, we now
include the list of services in the subscription object. The
subscription object is itself marked optional. This is a backward
incompatible change.
{
"status": "VALID_TOKEN",
"services": [
{
"name": "esm-infra",
"description": "UA Infra: Extended Security Maintenance (ESM)",
"auto_enabled": true
}
]
}
=>
{
"status": "VALID_TOKEN",
"subscription": {
"account_name": "user@domain.com",
"contract_name": "UA Apps - Essential (Virtual)",
"services": [
{
"name": "esm-infra",
"description": "UA Infra: Extended Security Maintenance (ESM)",
"auto_enabled": true
}
]
}
}
If the token is not valid, the subscription object will be null:
{
"status": "EXPIRED_TOKEN",
"subscription": null
}
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Because the storage views lean on the implementation of
setup_password_validation from the identity screen, we were forced to
use a form with fields named "password" and "password_confirm".
This makes the code confusing because we use the "passphrase"
terminology in the storage forms.
We now leave up to the caller to specify which fields he wants to be
part of the validation ; instead of making him provide the full form.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
In addition to verified publishers being indicated by a check-mark, we
now have starred publishers indicated with a circled star.
If unicode support is not available, for instance with serial
connections, we use a different number of stars to represent:
* verified publishers: 2 stars
* starred publishers: 1 star
* others: no star
Because our mechanism to substitute unicode characters with ascii
equivalents expect a 1:1 mapping, we cannot simply replace the circled
start by two stars. To workaround the issue, we added a narrow
non-breakable space.
When support of unicode is available, this character shows up as a
normal space.
When support of unicode is not available, it gets replaced by a star.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Before, we would not run answers for the source controller if only one
source was specified. The controller would automatically get marked
configured.
Since we're adding a new "search drivers" option in this screen, we need
to make it interactive in integration tests now.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
We won't ship systemd officially in 22.04, hence remove it from the UI.
However it's still there and distributed and can be enabled manually.
Co-authored-by: Didier Roche <didrocks@ubuntu.com>
Grow a new API for enabling/disabling systemd experimental support. We
do this by chaining a specific command= in the boot section.
We preserve the user customized command= content when systemd
experimental support is not enabled.
Co-authored-by: Jean-Baptiste Lallement <jean-baptiste@ubuntu.com>