underscores should be stripped from hostnames generated for apt config

[ubuntu-server-builder]

This bug was originally filed in Launchpad as LP: #1868232

Launchpad details

affected_projects = ['cloud-init (Ubuntu)', 'cloud-init (Ubuntu Focal)']
assignee = oddbloke
assignee_name = Dan Watkins
date_closed = 2020-05-09T03:02:07.675034+00:00
date_created = 2020-03-20T09:04:54.664199+00:00
date_fix_committed = 2020-04-15T21:55:49.862139+00:00
date_fix_released = 2020-05-09T03:02:07.675034+00:00
id = 1868232
importance = high
is_complete = True
lp_url = https://bugs.launchpad.net/cloud-init/+bug/1868232
milestone = None
owner = mthaddon
owner_name = Tom Haddon
private = False
status = fix_released
submitter = mthaddon
submitter_name = Tom Haddon
tags = []
duplicates = []

Launchpad user Tom Haddon(mthaddon) wrote on 2020-03-20T09:04:54.664199+00:00

In a ticket filed in the Ubuntu RT instance we were made aware of an issue where if a cloud is configured with an “” in the region name, cloud-init will generate an apt configuration that also includes that “” in the name.

So for example if the region name is zone_01, apt will be configured to use zone_01.clouds.archive.ubuntu.com.

On Friday March 13th we deployed some new archive servers on 18.04 using Apache 2.4.29-1ubuntu4.13. This version of apache has more strict protocol options than previous versions, per https://httpd.apache.org/docs/2.4/mod/core.html#httpprotocoloptions and the result is that a request to zone_01.clouds.archive.ubuntu.com returns a 400 Bad Request.

Could cloud-init be updated to remove non-permitted characters including “_” per https://tools.ietf.org/html/rfc3986#section-3.2.2 ?

[ubuntu-server-builder]

Launchpad user Dan Watkins(oddbloke) wrote on 2020-03-20T14:33:28.768520+00:00

The current behaviour is that cloud-init will use the patterns defined in /etc/cloud/cloud.cfg:

primary:

• http://%(ec2_region)s.ec2.archive.ubuntu.com/ubuntu/
• http://%(availability_zone)s.clouds.archive.ubuntu.com/ubuntu/
• http://%(region)s.clouds.archive.ubuntu.com/ubuntu/

to determine the mirror to use. In this case, it will be one of the two latter patterns, depending on exactly how the data source in question presents "zone_01". Either way, the problem is the same.

Once this mirror URL is generated, cloud-init tests that it resolves before using it. This is where the problem lies: *.clouds.archive.ubuntu.com will always resolve, but the newly-deployed Apache servers will no longer serve every domain that resolves. Arguably this is a misconfiguration of the archive servers (why resolve something that you can't serve?), but cloud-init should handle this case gracefully regardless.

There are (at least) a couple of ways in which we could address this issue in cloud-init:

(a) rewrite the generated URL (or the variables which we are substituting into the pattern) to only include valid URI characters
(b) modify cloud-init to check that mirrors are accessible via HTTP (rather than simply resolvable)

While both of these would address the immediate issue, only implementing (b) would mean that all instances in such zones would fallback to using archive.ubuntu.com, so I think we should do some form of (a) regardless.

One obvious downside to (b) is that it will introduce an additional HTTP request to each boot on a Debian/Ubuntu host; this could be a concern both from a client boot speed perspective, but perhaps more importantly from a server load perspective. (My gut feel is that the cost in both cases wouldn't be significantly noticeable: most Debian/Ubuntu instances that come up will perform many HTTP requests to the archive hosts, so one additional one isn't likely to be noticed. We should consider this more deeply before we implement this, however.)

(As an aside, we should do some research to confirm that the non-ASCII encoding described in the linked RFC 3986 section won't be affected by our filtering. For example, if we currently rely on the libraries we use to convert non-ASCII hostnames to the defined percent-encoding, then we would regress non-ASCII hostnames by applying a naive filter before we pass the name to those libraries.)

[ubuntu-server-builder]

Launchpad user Dan Watkins(oddbloke) wrote on 2020-03-20T15:51:32.599784+00:00

I've just done some research (by stepping through with a debugger), and socket.getaddrinfo does perform the encoding of non-ASCII characters:

In [7]: socket.getaddrinfo('www.\u2603.com', None)[0][4][0]
Out[7]: '185.53.178.7'

It does so using the 'idna' encoding:

In [2]: "www.☃.com".encode('idna')
Out[2]: b'www.xn--n3h.com'

which (unsurprisingly, given this bug) doesn't do anything to underscores:

In [4]: "www_foo.☃.com".encode('idna')
Out[4]: b'www_foo.xn--n3h.com'

So I believe the correct implementation of (a) would be to encode the URL ourselves, and then drop any invalid characters out. (We should check if there is any stdlib/requests functionality that already does this.)

[ubuntu-server-builder]

Launchpad user Dan Watkins(oddbloke) wrote on 2020-03-23T16:15:04.922236+00:00

The cloud-init team chatted just now and we plan to implement (a), and reach out to the security and archive teams to confirm that they are comfortable with this path forward. I'll reiterate that proposal here for ease of review by those teams:

The Background:

To enable the provisioning of cloud-specific mirrors via only DNS changes, cloud-init configures apt with a .clouds.archive.ubuntu.com archive URL by default when launching Ubuntu instances. The specific "" name comes from the cloud (in slightly different ways depending on the cloud in question, but they all boil down to region/availability zone names). There is a *.clouds.archive.ubuntu.com DNS rule which resolves all of these archive URLs to the archive.ubuntu.com servers (in the absence of specific DNS rules for a region/cloud).

The Problem:

When instances are launched in regions/availability zones containing characters that are invalid in URIs (e.g. zone_01), cloud-init will currently generate and configure apt host names which are invalid URIs (e.g. zone_01.clouds.archive.ubuntu.com). These invalid URIs are now rejected by the archive.ubuntu.com web hosts (which were recently upgraded to bionic and its Apache), which means that new instances launched in these zones are configured with non-functional mirrors (the configured mirrors will return 400 for all requests).

The Proposed Solution:

cloud-init will remove invalid URI characters from the generated hostnames before configuring apt with them. (For example, zone_01.clouds.archive.ubuntu.com would be rewritten to zone01.clouds.archive.ubuntu.com.) Special care will be taken to ensure that IDNA names are not regressed.

[ubuntu-server-builder]

Launchpad user Seth Arnold(seth-arnold) wrote on 2020-03-24T02:58:49.996545+00:00

It would be nice to address the wildcard DNS entries, as those have a potential for abuse, and can be endlessly confusing if you're not prepared for them.

In the meantime though, this plan sounds good to me.

I'm worried about collisions, where multiple providers may use us_west_2, us%west2, uswest~2, etc.

Some phrases read differently if the spacing is removed. The usual examples are powergen_italia and experts_exchange, but perhaps there's more realistic phrases for region names. (This seems quite small problem compared to the overall wildcard DNS entries, though.)

Reversible transformations are usually better but since we're presumably doing this with business partners, the trouble cases may fall under "don't do that" kinds of categories.

Are these actual problems? Probably it's fine but I thought I'd mention them just in case someone else with more context or creativity can make more of them.

Thanks

[ubuntu-server-builder]

Launchpad user Junien Fridrick(axino) wrote on 2020-03-24T08:02:28.839221+00:00

I do wonder about the actual risks of using "HttpProtocolOptions Unsafe" on the archive servers, which are only serving public, static files.

[ubuntu-server-builder]

Launchpad user Dan Watkins(oddbloke) wrote on 2020-03-24T14:10:45+00:00

On Tue, Mar 24, 2020 at 02:58:49AM -0000, Seth Arnold wrote:

It would be nice to address the wildcard DNS entries, as those have a
potential for abuse, and can be endlessly confusing if you're not
prepared for them.

The wildcard DNS entries are required for the system as-designed to
work, I believe. cloud-init will configure region-based mirror names
based only on the metadata available to it in the instance (so if
RandomCloud set up a eu-random-1 region, cloud-init would configure
eu-random-1.clouds.archive.ubuntu.com as the mirror for instances in
that new region). So we need some guarantee that all possible
region-named mirrors will be listened on, hence the wildcard DNS
entries.

(We generate per-region mirrors for, I believe, a couple of reasons.
Firstly, it allows us, or the cloud, to spin up in-region mirrors and
have them used by ~all already-deployed Ubuntu instances just by adding
non-wildcard DNS entries pointing at the new mirrors. And, secondly, it
means that clouds don't have an incentive to DNS-hijack
archive.ubuntu.com if they decide they want to host in-cloud mirrors, so
cloud users will have an easy way around the in-cloud mirrors if they
so desire.)

In the meantime though, this plan sounds good to me.

OK, good!

I'm worried about collisions, where multiple providers may use
us_west_2, us%west2, uswest~2, etc.

To some extent, we do have this problem to solve already, as clouds
could have regions named identically. That said, this certainly does
increase the chance of collision.

Some phrases read differently if the spacing is removed. The usual
examples are powergen_italia and experts_exchange, but perhaps there's
more realistic phrases for region names. (This seems quite small problem
compared to the overall wildcard DNS entries, though.)

Reversible transformations are usually better but since we're presumably
doing this with business partners, the trouble cases may fall under
"don't do that" kinds of categories.

It wouldn't be reversible, but we could convert invalid characters into,
say, "--" which is relatively unlikely to be used in real region
names/URIs. That would at least mean that "useast_1" and "useast1"
wouldn't collapse to the same mirror hostname (although it wouldn't do
anything about useast^1 and useast_1 colliding).

(I wonder if there are URI/hostname length boundaries that we would risk
running into if we replace single characters with anything more than a
single character, though.)

Are these actual problems? Probably it's fine but I thought I'd mention
them just in case someone else with more context or creativity can make
more of them.

The input is certainly welcome!

[ubuntu-server-builder]

Launchpad user Dimitri John Ledkov(xnox) wrote on 2020-03-25T11:02:37.036902+00:00

in punnycode -- is the encoding of -, thus i wouldn't want to use that.

In [36]: "-☃.com".encode('idna')
Out[36]: b'xn----gsx.com'

I wish that idna module would do something sensible, and allow invalid chars to be encoded into xn-* string as unicode codepoints, but nothing seems to do that in python. Maybe time for an RFC update?!

Maybe it is worth talking to the cloud admins about using idna-safe zone names.

Most clouds use '-' for region name separators. We don't need round trip safety, as one can always query the zone name from the cloud-init metadata.

Thus cloud init imho, should be replacing any invalid chars with '-' (slightly better than dropping them, as the string length remains the same)

In terms of applying "HttpProtocolOptions Unsafe" on the cloud-mirror side, we should do this to support all the already launched instances, and those that are getting launched with cloud-init versions that generate unsafe urls, because otherwise those instances do not receive any updates. (I hope i understand the option right, and support strategy)

[ubuntu-server-builder]

Launchpad user Dan Watkins(oddbloke) wrote on 2020-03-25T21:00:12.385015+00:00

in punnycode -- is the encoding of -, thus i wouldn't want to use that.

In [36]: "-☃.com".encode('idna')
Out[36]: b'xn----gsx.com'

This isn't the case; "xn--" is the prefix used to indicate a domain name label is encoded with Punycode. I don't believe Punycode modifies ASCII characters in its input (though it of course does change their position (and order relative to non-ASCII characters)):

In [17]: "-\u3061".encode('idna') == "a\u3061".encode('idna').replace(b'a', b'-')
Out[17]: True

Regardless, I think increasing the length of the string is asking for problems, so I think "--" would a mistake.

Replacing them with "-" also poses a problem: "-" isn't a valid character at the start or end of domain name labels; rewriting "foo_.example.com" to "foo-.example.com" isn't any more valid (and, in fact, as "-"s are explicitly disallowed there, I bet it's actually worse in practical terms as naive implementations may reject the latter but not the former).

I think I'm going to go for "replace non-LDH characters with a single dash, then strip leading/trailing dashes". (It won't be too costly to modify, so if someone has a better idea please let me know.)

[ubuntu-server-builder]

Launchpad user Chad Smith(chad.smith) wrote on 2020-03-26T23:14:26.834061+00:00

+1 on this case. I worry about extending hostnames too as that typically has been a problem in the past at 63 chars disappear quickly.
In reviewing the RFC on hostnames[1] it makes sense to single minus/dash replace non-conforming characters and make sure first and last hostname chars are stripped if '-'.

The only alternative I could think of was replacing a leading or trailing '-' with an arbitrary 0 to avoid collisions with other hostnames that don't start or end with '-' if we strip characters.

[ubuntu-server-builder]

Launchpad user Paul Collins(pjdc) wrote on 2020-04-15T04:45:19.170283+00:00

We've made some changes to the archive.ubuntu.com environment, and now requests to e.g. under_score.clouds.archive.ubuntu.com are directed to a dedicated vhost that has "HTTPProtocolOptions unsafe" enabled.

[ubuntu-server-builder]

Launchpad user Chad Smith(chad.smith) wrote on 2020-05-09T03:02:10.584272+00:00

This bug is believed to be fixed in cloud-init in version 20.2. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

[ubuntu-server-builder]

Launchpad user Launchpad Janitor(janitor) wrote on 2020-05-13T22:38:19.088559+00:00

This bug was fixed in the package cloud-init - 20.2-20-gd10ce3ec-0ubuntu1

---

cloud-init (20.2-20-gd10ce3ec-0ubuntu1) groovy; urgency=medium

• drop the following cherry-picks now included:
  • cpick-6600c642-ec2-render-network-on-all-NICs-and-add-secondary-IPs-as
  • cpick-986f37b0-cloudinit-move-to-pytest-for-running-tests-211
  • cpick-4fb6fd8a-net-ubuntu-focal-prioritize-netplan-over-eni-even-if
  • cpick-04771d75-cc_disk_setup-fix-RuntimeError-270
  • cpick-c5e949c0-distros-tests-test_init-add-tests-for
  • cpick-2566fdbe-net-introduce-is_ip_address-function-288
  • cpick-4f825b3e-cloudinit-refactor-util.is_ipv4-to-net.is_ipv4_address
  • cpick-c478d0bf-distros-replace-invalid-characters-in-mirror-URLs-with
  • cpick-1bbc4908-distros-drop-leading-trailing-hyphens-from-mirror-URL
  • cpick-09fea85f-net-ignore-renderer-key-in-netplan-config-306
  • fix-cpick-4fb6fd8a-net-ubuntu-focal-prioritize-netplan-over-eni.patch
  • cpick-9d7b35ce-cc_mounts-fix-incorrect-format-specifiers-316
  • cpick-0c5c7367-test_mounts-expand-happy-path-test-for-both-happy-paths
• New upstream snapshot.
  • analyze/dump: refactor shared string into variable (analyze/dump: refactor shared string into variable #350)
  • doc: update boot.rst with correct timing of runcmd (doc: update boot.rst with correct timing of runcmd #351)
  • HACKING.rst: change contact info to Rick Harding (HACKING.rst: change contact info to Rick Harding #359) [lucasmoura]
  • HACKING.rst: guide people to add themselves to the CLA file (HACKING.rst: guide people to add themselves to the CLA file #349)
  • HACKING.rst: more unit testing documentation (HACKING.rst: more unit testing documentation #354)
  • .travis.yml: don't run lintian during integration test package builds
    (.travis.yml: don't run lintian during integration test package builds #352)
  • Add test to ensure docs examples are valid cloud-init configs (Add test to ensure docs examples are valid cloud-init configs #355)
    [James Falcon] (LP: #1876414)
  • make suse and sles support 127.0.1.1 (make suse and sles support 127.0.1.1 #336) [chengcheng-chcheng]
  • Create tests to validate schema examples (Create tests to validate schema examples #348)
    [lucasmoura] (LP: #1876412)
  • analyze/dump: add support for Amazon Linux 2 log lines (analyze/dump: add support for Amazon Linux 2 log lines #346)
    (LP: #1876323)
  • bsd: upgrade support (BSD: upgrade support #305) [Gonéri Le Bouder]
  • Add lucasmoura as contributor (Add lucasmoura as contributor #345) [lucasmoura]
  • Add "therealfalcon" as contributor (Add "TheRealFalcon" as contributor #344) [James Falcon]
  • Adapt the package building scripts to use Python 3 (Adapt the package building scripts to use Python 3 #231)
    [Paride Legovini]
  • DataSourceEc2: use metadata's NIC ordering to determine route-metrics
    (DataSourceEc2: use metadata's NIC ordering to determine route-metrics #342) (LP: #1876312)
  • .travis.yml: introduce caching (.travis.yml: introduce caching #329)
  • cc_locale: introduce schema (cc_locale: introduce schema #335)
  • doc/rtd/conf.py: bump copyright year to 2020 (doc/rtd/conf.py: bump copyright year to 2020 #341)
  • yum_add_repo: Add Centos to the supported distro list (yum_add_repo: Add Centos to the supported distro list #340)
  • Release 20.2 (Release 20.2 #337) (LP: #1875951)
  • doc/format: reference make-mime.py instead of an inline script (doc/format: reference make-mime.py instead of an inline script #334)
  • Add docs about creating parent folders ([Docs] Clarify that write_files creates parent folders #330) [Adrian Wilkins]
  • DataSourceNoCloud/OVF: drop claim to support FTP (DataSourceNoCloud/OVF: drop claim to support FTP #333) (LP: #1875470)
  • schema: ignore spurious pylint error (schema: ignore spurious pylint error #332)
  • schema: add json schema for write_files module (schema: add json schema for write_files module #152)
  • BSD: find_devs_with_ refactoring (BSD: find_devs_with_ refactoring #298) [Gonéri Le Bouder]
  • nocloud: drop work around for Linux 2.6 (nocloud: drop work around for Linux 2.6 #324) [Gonéri Le Bouder]
  • cloudinit: drop dependencies on unittest2 and contextlib2 (cloudinit: drop dependencies on unittest2 and contextlib2 #322)
  • distros: handle a potential mirror filtering error case (distros: handle a potential mirror filtering error case #328)
  • log: remove unnecessary import fallback logic (log: remove unnecessary import fallback logic #327)
  • .travis.yml: don't run integration test on ubuntu/* branches (.travis.yml: don't run integration test on ubuntu/* branches #321)
  • More unit test documentation (More unit test documentation #314)
  • conftest: introduce disable_subp_usage autouse fixture (conftest: introduce disable_subp_usage autouse fixture #304)
  • YAML align indent sizes for docs readability (YAML align indent sizes for docs readability  #323) [Tak Nishigori]
  • network_state: add missing space to log message (network_state: add missing space to log message #325)
  • tests: add missing mocks for get_interfaces_by_mac (tests: add missing mocks for get_interfaces_by_mac #326) (LP: #1873910)
  • test_mounts: expand happy path test for both happy paths (test_mounts: expand happy path test for both happy paths #319)
  • cc_mounts: fix incorrect format specifiers (cc_mounts: fix incorrect format specifiers #316) (LP: #1872836)
  • swap file "size" being used before checked if str (swap file "size" being used before checked if str #315) [Eduardo Otubo]
  • HACKING.rst: add pytest version gotchas section (HACKING.rst: add pytest version gotchas section #311)
  • docs: Add steps to re-run cloud-id and cloud-init (docs: Add steps to re-run cloud-id and cloud-init #313) [Joshua Powers]
  • readme: OpenBSD is now supported (readme: OpenBSD is now supported #309) [Gonéri Le Bouder]
  • net: ignore 'renderer' key in netplan config (net: ignore 'renderer' key in netplan config #306) (LP: #1870421)
  • Add support for NFS/EFS mounts (Add support for NFS/EFS mounts #300) [Andrew Beresford] (LP: #1870370)
  • openbsd: set_passwd should not unlock user (openbsd: set_passwd should not unlock user #289) [Gonéri Le Bouder]
  • tools/.github-cla-signers: add beezly as CLA signer (tools/.github-cla-signers: add beezly as CLA signer #301)
  • util: remove unnecessary lru_cache import fallback (util: remove unnecessary lru_cache import fallback #299)
  • HACKING.rst: reorganise/update CLA signature info (HACKING.rst: reorganise/update CLA signature info #297)
  • distros: drop leading/trailing hyphens from mirror URL labels (distros: drop leading/trailing hyphens from mirror URL labels #296)
  • HACKING.rst: add note about variable annotations (HACKING.rst: add note about variable annotations #295)
  • CiTestCase: stop using and remove sys_exit helper (CiTestCase: stop using and remove sys_exit helper #283)
  • distros: replace invalid characters in mirror URLs with hyphens (distros: replace invalid characters in mirror URLs with hyphens #291)
    (LP: #1868232)
  • rbxcloud: gracefully handle arping errors (rbxcloud: gracefully handle arping errors #262) [Adam Dobrawy]
  • Fix cloud-init ignoring some misdeclared mimetypes in user-data.
    [Kurt Garloff]
  • net: ubuntu focal prioritize netplan over eni even if both present
    (net: ubuntu focal prioritize netplan over eni even if both present #267) (LP: #1867029)
  • cloudinit: refactor util.is_ipv4 to net.is_ipv4_address (cloudinit: refactor util.is_ipv4 to net.is_ipv4_address #292)
  • net/cmdline: replace type comments with annotations (net/cmdline: replace type comments with annotations #294)
  • HACKING.rst: add Type Annotations design section (HACKING.rst: add Type Annotations design section #293)
  • net: introduce is_ip_address function (net: introduce is_ip_address function #288)
  • CiTestCase: remove now-unneeded parse_and_read helper method (CiTestCase: remove now-unneeded parse_and_read helper method #286)
  • .travis.yml: allow 30 minutes of inactivity in cloud tests (.travis.yml: allow 30 minutes of inactivity in cloud tests #287)
  • sources/tests/test_init: drop use of deprecated inspect.getargspec (sources/tests/test_init: drop use of deprecated inspect.getargspec #285)
  • setup.py: drop NIH check_output implementation (setup.py: drop NIH check_output implementation #282)
  • Identify SAP Converged Cloud as OpenStack [Silvio Knizek]
  • add Openbsd support (add Openbsd support #147) [Gonéri Le Bouder]
  • HACKING.rst: add examples of the two test class types (HACKING.rst: add examples of the two test class types #278)
  • VMWware: support to update guest info gc status if enabled (VMWware: support to update guest info gc status if enabled #261)
    [xiaofengw-vmware]
  • Add lp-to-git mapping for kgarloff (Add lp-to-git mapping for kgarloff #279)
  • set_passwords: avoid chpasswd on BSD (set_passwords: avoid chpasswd on BSD #268) [Gonéri Le Bouder]
  • HACKING.rst: add Unit Testing design section (HACKING.rst: add Unit Testing design section #277)
  • util: read_cc_from_cmdline handle urlencoded yaml content (util: read_cc_from_cmdline handle urlencoded yaml content #275)
  • distros/tests/test_init: add tests for _get_package_mirror_info (distros/tests/test_init: add tests for _get_package_mirror_info #272)
  • HACKING.rst: add links to new Code Review Process doc (HACKING.rst: add links to new Code Review Process doc #276)
  • freebsd: ensure package update works (freebsd: ensure package update works #273) [Gonéri Le Bouder]
  • doc: introduce Code Review Process documentation (doc: introduce Code Review Process documentation #160)
  • tools: use python3 (tools: use python3 #274)
  • cc_disk_setup: fix RuntimeError (cc_disk_setup: fix RuntimeError #270) (LP: #1868327)
  • cc_apt_configure/util: combine search_for_mirror implementations (cc_apt_configure/util: combine search_for_mirror implementations #271)
  • bsd: boottime does not depend on the libc soname (bsd: boottime does not depend on the libc soname #269)
    [Gonéri Le Bouder]
  • test_oracle,DataSourceOracle: sort imports (test_oracle,DataSourceOracle: sort imports #266)
  • DataSourceOracle: update .network_config docstring (DataSourceOracle: update .network_config docstring #257)
  • cloudinit/tests: remove unneeded with_logs configuration (cloudinit/tests: remove unneeded with_logs configuration #263)
  • .travis.yml: drop stale comment (.travis.yml: drop stale comment #255)
  • .gitignore: add more common directories (.gitignore: add more common directories #258)
  • ec2: render network on all NICs and add secondary IPs as static (ec2: render network on all NICs and add secondary IPs as static #114)
    (LP: #1866930)
  • ec2 json validation: fix the reference to the 'merged_cfg' key (ec2 json validation: fix the reference to the 'merged_cfg' key #256)
    [Paride Legovini]
  • releases.yaml: quote the Ubuntu version numbers (releases.yaml: quote the Ubuntu version numbers #254) [Paride Legovini]
  • cloudinit: remove six from packaging/tooling (cloudinit: remove six from packaging/tooling #253)
  • util/netbsd: drop six usage (util/netbsd: drop six usage #252)
  • workflows: introduce stale pull request workflow (workflows: introduce stale pull request workflow #125)
  • cc_resolv_conf: introduce tests and stabilise output across Python
    versions (cc_resolv_conf: introduce tests and stabilise output across Python versions #251)
  • fix minor issue with resolv_conf template (fix minor issue with resolv_conf template #144) [andreaf74]
  • doc: CloudInit also support NetBSD (doc: CloudInit also support NetBSD #250) [Gonéri Le Bouder]
  • Add Netbsd support (Add Netbsd support #62) [Gonéri Le Bouder]
  • tox.ini: avoid substition syntax that causes a traceback on xenial (tox.ini: avoid substition syntax that causes a traceback on xenial #245)
  • Add pub_key_ed25519 to cc_phone_home (Add pub_key_ed25519 to cc_phone_home #237) [Daniel Hensby]
  • Introduce and use of a list of GitHub usernames that have signed CLA
    (Introduce and use of a list of GitHub usernames that have signed CLA #244)
  • workflows/cla.yml: use correct username for CLA check (workflows/cla.yml: use correct username for CLA check #243)
  • tox.ini: use xenial version of jsonpatch in CI (tox.ini: use xenial version of jsonpatch in CI #242)
  • workflows: CLA validation altered to fail status on pull_request (workflows: adjust to status_check on pull_request as github actions can't label during CI #164)
  • tox.ini: bump pyflakes version to 2.1.1 (tox.ini: bump pyflakes version to 2.1.1 #239)
  • cloudinit: move to pytest for running tests (cloudinit: move to pytest for running tests #211)

-- Chad Smith chad.smith@canonical.com Mon, 11 May 2020 20:17:06 -0600

[ubuntu-server-builder]

Launchpad user Seth Arnold(seth-arnold) wrote on 2020-05-20T23:50:28.112617+00:00

I believe this is fixed via c478d0b

I read through this patch and liked what I saw, thanks.