diff --git a/README.md b/README.md index f09c4d4b9a..b9c90d8551 100644 --- a/README.md +++ b/README.md @@ -193,7 +193,6 @@ Current jobs being checked and executed are: | --- | ----------- | -------- | | update_messaging | Update MOTD and APT messages | 6 hours | | update_status | Update UA status | 12 hours | -| gcp_auto_attach | Try to auto-attach on a GCP instance | 5 minutes | - The `update_messaging` job makes sure that the MOTD and APT messages match the available/enabled services on the system, showing information about available @@ -201,10 +200,6 @@ packages or security updates. See [MOTD messages](#motd-messages). - The `update_status` job makes sure the `ua status` command will have the latest information even when executed by a non-root user, updating the `/var/lib/ubuntu-advantage/status.json` file. -- The `gcp_auto_attach` job is only operable on Google Cloud Platform (GCP) generic -Ubuntu VMs without an active Ubuntu Advantage license. It polls GCP metadata every 5 -minutes to discover if a license has been attached to the VM through Google Cloud and -will perform `ua auto-attach` in that case. The timer intervals can be changed using the `ua config set` command. ```bash diff --git a/debian/rules b/debian/rules index 67d155e16b..98e9485427 100755 --- a/debian/rules +++ b/debian/rules @@ -56,14 +56,10 @@ override_dh_systemd_enable: dh_systemd_enable -pubuntu-advantage-tools ua-reboot-cmds.service dh_systemd_enable -pubuntu-advantage-tools ua-timer.timer dh_systemd_enable -pubuntu-advantage-tools ua-timer.service - dh_systemd_enable -pubuntu-advantage-tools ua-license-check.timer - dh_systemd_enable -pubuntu-advantage-tools ua-license-check.service - dh_systemd_enable -pubuntu-advantage-tools ua-license-check.path dh_systemd_enable -pubuntu-advantage-tools ubuntu-advantage.service override_dh_systemd_start: dh_systemd_start -pubuntu-advantage-tools ua-timer.timer - dh_systemd_start -pubuntu-advantage-tools ua-license-check.path dh_systemd_start -pubuntu-advantage-tools ubuntu-advantage.service override_dh_auto_install: diff --git a/debian/ubuntu-advantage-tools.postinst b/debian/ubuntu-advantage-tools.postinst index fcfdd0c0cd..c9cdbf8fa1 100644 --- a/debian/ubuntu-advantage-tools.postinst +++ b/debian/ubuntu-advantage-tools.postinst @@ -35,6 +35,8 @@ OLD_CLIENT_FIPS_PPA="private-ppa.launchpad.net/ubuntu-advantage/fips/ubuntu" UA_TIMER_NAME="ua-timer.timer" OLD_MESSAGING_TIMER="ua-messaging.timer" OLD_MESSAGING_TIMER_MASKED_LOCATION="/etc/systemd/system/timers.target.wants/$OLD_MESSAGING_TIMER" +OLD_LICENSE_CHECK_PATH="ua-license-check.path" +OLD_LICENSE_CHECK_PATH_MASKED_LOCATION="/etc/systemd/system/multi-user.target.wants/$OLD_LICENSE_CHECK_PATH" ESM_APT_PREF_FILE_TRUSTY="$APT_PREFERENCES_DIR/ubuntu-esm-trusty" ESM_INFRA_OLD_APT_PREF_FILE_TRUSTY="$APT_PREFERENCES_DIR/ubuntu-esm-infra-trusty" @@ -49,7 +51,7 @@ SYSTEMD_HELPER_ENABLED_AUTO_ATTACH_DSH="/var/lib/systemd/deb-systemd-helper-enab SYSTEMD_HELPER_ENABLED_WANTS_LINK="/var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/ua-auto-attach.service" REBOOT_CMD_MARKER_FILE="/var/lib/ubuntu-advantage/marker-reboot-cmds-required" -LICENSE_CHECK_MARKER_FILE="/var/lib/ubuntu-advantage/marker-license-check" +OLD_LICENSE_CHECK_MARKER_FILE="/var/lib/ubuntu-advantage/marker-license-check" MACHINE_TOKEN_FILE="/var/lib/ubuntu-advantage/private/machine-token.json" @@ -308,14 +310,9 @@ notify_wrong_fips_metapackage_on_cloud() { fi } -enable_periodic_license_check() { - cloud_id=$(cloud-id 2>/dev/null) || cloud_id="" - if echo "$cloud_id" | grep -q "^gce"; then - if check_is_lts "${UBUNTU_CODENAME}"; then - if [ ! -f $MACHINE_TOKEN_FILE ]; then - touch $LICENSE_CHECK_MARKER_FILE - fi - fi +rm_old_license_check_marker() { + if [ -f $OLD_LICENSE_CHECK_MARKER_FILE ]; then + rm -f $OLD_LICENSE_CHECK_MARKER_FILE fi } @@ -355,10 +352,24 @@ remove_old_systemd_timers() { # Since we actually want to remove this service from now on # we have replicated that behavior here if [ -L $OLD_MESSAGING_TIMER_MASKED_LOCATION ]; then - if [ -x "/usr/bin/deb-systemd-helper" ]; then - deb-systemd-helper purge ua-messaging.timer > /dev/null || true - deb-systemd-helper unmask ua-messaging.timer > /dev/null || true + deb-systemd-helper purge ua-messaging.timer > /dev/null || true + deb-systemd-helper unmask ua-messaging.timer > /dev/null || true + fi + if [ -L $OLD_LICENSE_CHECK_PATH_MASKED_LOCATION ]; then + if [ -d /run/systemd/system ]; then + # If the old ua-license-check.timer was running during upgrade + # then it will be in a failed state because the files were removed + # The failed state is ephemeral and only needs to be cleared if + # it is there so that the system doesn't say it is degraded. + # If the old timer was not running, then this is a noop. + systemctl --system daemon-reload > /dev/null || true + systemctl reset-failed ua-license-check.timer > /dev/null 2>&1 || true + # In rare race-condition scenarios, the service can also get into + # the same failed state. + systemctl reset-failed ua-license-check.service > /dev/null 2>&1 || true fi + deb-systemd-helper purge ua-license-check.path > /dev/null || true + deb-systemd-helper unmask ua-license-check.path > /dev/null || true fi } @@ -444,7 +455,7 @@ case "$1" in fi fi mark_reboot_for_fips_pro - enable_periodic_license_check + rm_old_license_check_marker disable_new_timer_if_old_timer_already_disabled $PREVIOUS_PKG_VER remove_old_systemd_timers ;; diff --git a/features/attached_commands.feature b/features/attached_commands.feature index 060fb785a9..9e893805ba 100644 --- a/features/attached_commands.feature +++ b/features/attached_commands.feature @@ -855,9 +855,6 @@ Feature: Command behaviour when attached to an UA subscription ua-auto-attach.path.txt(-error)? ua-auto-attach.service.txt(-error)? uaclient.conf - ua-license-check.path.txt - ua-license-check.service.txt - ua-license-check.timer.txt ua-reboot-cmds.service.txt ua-status.json ua-timer.service.txt diff --git a/features/license_check.feature b/features/license_check.feature deleted file mode 100644 index f77ea13756..0000000000 --- a/features/license_check.feature +++ /dev/null @@ -1,122 +0,0 @@ -Feature: License check timer only runs in environments where necessary - - @series.lts - @uses.config.contract_token - @uses.config.machine_type.gcp.generic - Scenario Outline: license_check job should run periodically on gcp generic lts - Given a `` machine with ubuntu-advantage-tools installed - # verify its enabled - Then I verify the `ua-license-check` systemd timer is scheduled to run within `10` minutes - # run it and verify that it didn't disable itself - When I run `systemctl start ua-license-check.service` with sudo - When I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is scheduled to run within `10` minutes - # verify attach disables it - When I wait `5` seconds - When I attach `contract_token` with sudo - Then I verify the `ua-license-check` systemd timer is disabled - # verify detach enables it - When I run `ua detach --assume-yes` with sudo - And I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is scheduled to run within `10` minutes - # verify stopping and deleting marker file and stopping disables it - # We need to call stop both before and after rm-ing the marker file - # because at least one version of systemd requires it before (245.4-4ubuntu3.11 - # on focal gcp), and every other tested version of systemd requires it after - # But this is only necessary when manually running the steps or in this test. - # `disable_license_checks_if_applicable` works fine with only calling stop after, - # as evidenced by the "verify attach disables it" steps above passing on focal gcp. - When I run `systemctl stop ua-license-check.timer` with sudo - When I run `rm /var/lib/ubuntu-advantage/marker-license-check` with sudo - When I run `systemctl stop ua-license-check.timer` with sudo - Then I verify the `ua-license-check` systemd timer is disabled - # verify creating marker file enables it - When I run `touch /var/lib/ubuntu-advantage/marker-license-check` with sudo - Then I verify the `ua-license-check` systemd timer is scheduled to run within `10` minutes - Examples: version - | release | - | xenial | - | bionic | - | focal | - - @series.impish - @uses.config.contract_token - @uses.config.machine_type.gcp.generic - Scenario Outline: license_check is disabled gcp generic non lts - Given a `` machine with ubuntu-advantage-tools installed - Then I verify the `ua-license-check` systemd timer is disabled - # verify creating marker file enables it, but it disables itself - When I run `touch /var/lib/ubuntu-advantage/marker-license-check` with sudo - Then I verify the `ua-license-check` systemd timer either ran within the past `5` seconds OR is scheduled to run within `10` minutes - When I run `systemctl start ua-license-check.service` with sudo - When I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is disabled - # verify attach and detach does not enable it - When I wait `5` seconds - When I attach `contract_token` with sudo - When I run `ua detach --assume-yes` with sudo - When I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is disabled - Examples: version - | release | - | impish | - - @series.all - @uses.config.contract_token - @uses.config.machine_type.lxd.container - @uses.config.machine_type.lxd.vm - @uses.config.machine_type.aws.generic - @uses.config.machine_type.azure.generic - Scenario Outline: license_check is disabled everywhere but gcp generic - Given a `` machine with ubuntu-advantage-tools installed - Then I verify the `ua-license-check` systemd timer is disabled - When I reboot the `` machine - Then I verify the `ua-license-check` systemd timer is disabled - # verify creating marker file enables it, but it disables itself - When I run `touch /var/lib/ubuntu-advantage/marker-license-check` with sudo - Then I verify the `ua-license-check` systemd timer either ran within the past `5` seconds OR is scheduled to run within `10` minutes - When I run `systemctl start ua-license-check.service` with sudo - When I wait `5` seconds - And I verify that running `grep "Disabling gcp_auto_attach job" /var/log/ubuntu-advantage-license-check.log` `with sudo` exits `0` - And I verify that running `grep "Disabling gcp_auto_attach job" /var/log/ubuntu-advantage.log` `with sudo` exits `1` - Then I verify the `ua-license-check` systemd timer is disabled - # verify attach and detach does not enable it - When I wait `5` seconds - When I attach `contract_token` with sudo - When I run `ua detach --assume-yes` with sudo - When I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is disabled - Examples: version - | release | - | xenial | - | bionic | - | focal | - | impish | - | jammy | - - @series.lts - @uses.config.machine_type.aws.pro - @uses.config.machine_type.azure.pro - @uses.config.machine_type.gcp.pro - Scenario Outline: license_check is disabled everywhere but gcp generic - Given a `` machine with ubuntu-advantage-tools installed - When I create the file `/etc/ubuntu-advantage/uaclient.conf` with the following: - """ - contract_url: 'https://contracts.canonical.com' - data_dir: /var/lib/ubuntu-advantage - log_level: debug - log_file: /var/log/ubuntu-advantage.log - """ - When I run `ua auto-attach` with sudo - Then I verify the `ua-license-check` systemd timer is disabled - # verify creating marker file enables it, but it disables itself - When I run `touch /var/lib/ubuntu-advantage/marker-license-check` with sudo - Then I verify the `ua-license-check` systemd timer either ran within the past `5` seconds OR is scheduled to run within `10` minutes - When I run `systemctl start ua-license-check.service` with sudo - When I wait `5` seconds - Then I verify the `ua-license-check` systemd timer is disabled - Examples: version - | release | - | xenial | - | bionic | - | focal | diff --git a/features/unattached_commands.feature b/features/unattached_commands.feature index e3d1fb31d0..a26bf7bcd2 100644 --- a/features/unattached_commands.feature +++ b/features/unattached_commands.feature @@ -512,9 +512,6 @@ Feature: Command behaviour when unattached ua-auto-attach.path.txt-error ua-auto-attach.service.txt-error uaclient.conf - ua-license-check.path.txt - ua-license-check.service.txt - ua-license-check.timer.txt ua-reboot-cmds.service.txt ua-status.json ua-timer.service.txt diff --git a/lib/license_check.py b/lib/license_check.py deleted file mode 100644 index d2dfb8f2aa..0000000000 --- a/lib/license_check.py +++ /dev/null @@ -1,28 +0,0 @@ -""" -Try to auto-attach in a GCP instance. This should only work -if the instance has a new UA license attached to it -""" -import logging - -from uaclient.cli import setup_logging -from uaclient.config import UAConfig -from uaclient.jobs.license_check import gcp_auto_attach - -LOG = logging.getLogger("ua_lib.license_check") - -if __name__ == "__main__": - cfg = UAConfig() - # The ua-license-check logger should log everything to its file - setup_logging( - logging.CRITICAL, - logging.DEBUG, - log_file=cfg.license_check_log_file, - logger=LOG, - ) - # Make sure the ua-license-check logger does not generate double logging - LOG.propagate = False - # The root logger should log any error to the timer log file - setup_logging( - logging.CRITICAL, logging.ERROR, log_file=cfg.license_check_log_file - ) - gcp_auto_attach(cfg=cfg) diff --git a/sru/release-27.7/cleanup_failed_old_license_check_timer.sh b/sru/release-27.7/cleanup_failed_old_license_check_timer.sh new file mode 100755 index 0000000000..6ba42ccced --- /dev/null +++ b/sru/release-27.7/cleanup_failed_old_license_check_timer.sh @@ -0,0 +1,57 @@ +series=$1 +deb=$2 + +set -e + +GREEN="\e[32m" +RED="\e[31m" +BLUE="\e[36m" +END_COLOR="\e[0m" + +function cleanup { + lxc delete test --force +} + +function on_err { + echo -e "${RED}Test Failed${END_COLOR}" + cleanup + exit 1 +} + +trap on_err ERR + +function print_and_run_cmd { + echo -e "${BLUE}Running:${END_COLOR}" "$@" + echo -e "${BLUE}Output:${END_COLOR}" + lxc exec test -- sh -c "$@" + echo +} + +function explanatory_message { + echo -e "${BLUE}$@${END_COLOR}" +} + +explanatory_message "Starting $series container and updating ubuntu-advantage-tools" +lxc launch ubuntu-daily:$series test >/dev/null 2>&1 +sleep 10 + +lxc exec test -- apt-get update >/dev/null +lxc exec test -- apt-get install -y ubuntu-advantage-tools locate >/dev/null +print_and_run_cmd "ua version" +explanatory_message "Start the timer to make sure its state is fixed on upgrade" +print_and_run_cmd "systemctl start ua-license-check.timer" +print_and_run_cmd "systemctl status ua-license-check.timer" + +explanatory_message "installing new version of ubuntu-advantage-tools from local copy" +lxc file push $deb test/tmp/ua.deb > /dev/null +print_and_run_cmd "dpkg -i /tmp/ua.deb" +print_and_run_cmd "ua version" + +explanatory_message "systemd should not list the timer as failed" +print_and_run_cmd "systemctl status ua-license-check.timer || true" +print_and_run_cmd "systemctl --no-pager | grep ua-license-check || true" +result=$(lxc exec test -- sh -c "systemctl --no-pager | grep ua-license-check.timer" || true) +echo "$result" | grep -qv "ua-license-check.timer\s\+not-found\s\+failed" + +echo -e "${GREEN}Test Passed${END_COLOR}" +cleanup diff --git a/sru/release-27.7/remove_old_license_check_timer.sh b/sru/release-27.7/remove_old_license_check_timer.sh new file mode 100755 index 0000000000..89b64efc86 --- /dev/null +++ b/sru/release-27.7/remove_old_license_check_timer.sh @@ -0,0 +1,57 @@ +series=$1 +deb=$2 + +set -e + +GREEN="\e[32m" +RED="\e[31m" +BLUE="\e[36m" +END_COLOR="\e[0m" + +function cleanup { + lxc delete test --force +} + +function on_err { + echo -e "${RED}Test Failed${END_COLOR}" + cleanup + exit 1 +} + +trap on_err ERR + +function print_and_run_cmd { + echo -e "${BLUE}Running:${END_COLOR}" "$@" + echo -e "${BLUE}Output:${END_COLOR}" + lxc exec test -- sh -c "$@" + echo +} + +function explanatory_message { + echo -e "${BLUE}$@${END_COLOR}" +} + +explanatory_message "Starting $series container and updating ubuntu-advantage-tools" +lxc launch ubuntu-daily:$series test >/dev/null 2>&1 +sleep 10 + +lxc exec test -- apt-get update >/dev/null +lxc exec test -- apt-get install -y ubuntu-advantage-tools locate >/dev/null +print_and_run_cmd "ua version" +explanatory_message "Note where all license-check artifacts are before upgrade" +print_and_run_cmd "updatedb" +print_and_run_cmd "locate ua-license-check" + +explanatory_message "installing new version of ubuntu-advantage-tools from local copy" +lxc file push $deb test/tmp/ua.deb > /dev/null +print_and_run_cmd "dpkg -i /tmp/ua.deb" +print_and_run_cmd "ua version" + +explanatory_message "license-check artifacts should be gone" +print_and_run_cmd "updatedb" +print_and_run_cmd "locate ua-license-check || true" +result=$(lxc exec test -- locate ua-license-check || true) +test -z "$result" + +echo -e "${GREEN}Test Passed${END_COLOR}" +cleanup diff --git a/sru/release-27.7/remove_old_marker_file.sh b/sru/release-27.7/remove_old_marker_file.sh new file mode 100755 index 0000000000..4db13153ba --- /dev/null +++ b/sru/release-27.7/remove_old_marker_file.sh @@ -0,0 +1,58 @@ +series=$1 +deb=$2 + +set -e + +GREEN="\e[32m" +RED="\e[31m" +BLUE="\e[36m" +END_COLOR="\e[0m" + +function cleanup { + lxc delete test --force +} + +function on_err { + echo -e "${RED}Test Failed${END_COLOR}" + cleanup + exit 1 +} + +trap on_err ERR + +function print_and_run_cmd { + echo -e "${BLUE}Running:${END_COLOR}" "$@" + echo -e "${BLUE}Output:${END_COLOR}" + lxc exec test -- sh -c "$@" + echo +} + +function explanatory_message { + echo -e "${BLUE}$@${END_COLOR}" +} + + +explanatory_message "Starting $series container and updating ubuntu-advantage-tools" +lxc launch ubuntu-daily:$series test >/dev/null 2>&1 +sleep 10 + +lxc exec test -- apt-get update >/dev/null +lxc exec test -- apt-get install -y ubuntu-advantage-tools >/dev/null +print_and_run_cmd "ua version" +explanatory_message "manually creating the marker file" +print_and_run_cmd "touch /var/lib/ubuntu-advantage/marker-license-check" +print_and_run_cmd "ls /var/lib/ubuntu-advantage" + +explanatory_message "installing new version of ubuntu-advantage-tools from local copy" +lxc file push $deb test/tmp/ua.deb > /dev/null +print_and_run_cmd "dpkg -i /tmp/ua.deb" +print_and_run_cmd "ua version" + + +explanatory_message "make sure the marker file is not longer there" +print_and_run_cmd "ls /var/lib/ubuntu-advantage" +result=$(lxc exec test -- ls /var/lib/ubuntu-advantage) +echo "$result" | grep -v marker-license-check + +echo -e "${GREEN}Test Passed${END_COLOR}" +cleanup diff --git a/systemd/ua-license-check.path b/systemd/ua-license-check.path deleted file mode 100644 index f588736c7e..0000000000 --- a/systemd/ua-license-check.path +++ /dev/null @@ -1,14 +0,0 @@ -# The marker file used here is only created when on a GCP Ubuntu LTS instance -# that is not already using Ubuntu Advantage services. -# This path triggers a timer that will periodically poll the metadata for a GCP -# instance. If the user has added an Ubuntu Pro license to the instance, it will -# activate Ubuntu Advantage services. -[Unit] -Description=Trigger to poll for Ubuntu Pro licenses (Only enabled on GCP LTS non-pro) - -[Path] -PathExists=/var/lib/ubuntu-advantage/marker-license-check -Unit=ua-license-check.timer - -[Install] -WantedBy=multi-user.target diff --git a/systemd/ua-license-check.service b/systemd/ua-license-check.service deleted file mode 100644 index 26d19a6408..0000000000 --- a/systemd/ua-license-check.service +++ /dev/null @@ -1,11 +0,0 @@ -# This service is only activated when on a GCP Ubuntu LTS instance that is not -# already using Ubuntu Advantage services (via ua-license-check.timer). -# This service polls the metadata for a GCP instance. If the user has added an -# Ubuntu Pro license to the instance, it will activate Ubuntu Advantage services. -[Unit] -Description=Poll for Ubuntu Pro licenses (Only enabled on GCP LTS non-pro) -After=network.target network-online.target systemd-networkd.service ua-auto-attach.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/python3 /usr/lib/ubuntu-advantage/license_check.py diff --git a/systemd/ua-license-check.timer b/systemd/ua-license-check.timer deleted file mode 100644 index 7b5405a518..0000000000 --- a/systemd/ua-license-check.timer +++ /dev/null @@ -1,12 +0,0 @@ -# This timer is only activated when on a GCP Ubuntu LTS instance that is not -# already using Ubuntu Advantage services (via ua-license-check.path). -# This timer triggers a service that will poll the metadata for a GCP instance. -# If the user has added an Ubuntu Pro license to the instance, it will -# activate Ubuntu Advantage services. -[Unit] -Description=Timer to poll for Ubuntu Pro licenses (Only enabled on GCP LTS non-pro) - -[Timer] -OnCalendar=*:0/5 -RandomizedDelaySec=5min -OnStartupSec=2min diff --git a/uaclient-devel.conf b/uaclient-devel.conf index bb1c85df64..79b75b99a7 100644 --- a/uaclient-devel.conf +++ b/uaclient-devel.conf @@ -5,7 +5,6 @@ log_file: ubuntu-advantage-devel.log log_level: debug security_url: https://ubuntu.com/security timer_log_file: ubuntu-advantage-timer-devel.log -license_check_log_file: ubuntu-advantage-license-check-devel.log daemon_log_file: ubuntu-advantage-daemon-devel.log ua_config: apt_http_proxy: null diff --git a/uaclient/cli.py b/uaclient/cli.py index 87b50b3826..00bc8a48de 100644 --- a/uaclient/cli.py +++ b/uaclient/cli.py @@ -27,7 +27,6 @@ entitlements, event_logger, exceptions, - jobs, lock, security, security_status, @@ -79,9 +78,6 @@ "ua-auto-attach.path", "ua-auto-attach.service", "ua-reboot-cmds.service", - "ua-license-check.path", - "ua-license-check.service", - "ua-license-check.timer", "ubuntu-advantage.service", ) @@ -1138,7 +1134,6 @@ def _detach(cfg: config.UAConfig, assume_yes: bool) -> int: contract_id = cfg.machine_token["machineTokenInfo"]["contractInfo"]["id"] contract_client.detach_machine_from_contract(machine_token, contract_id) cfg.delete_cache() - jobs.enable_license_check_if_applicable(cfg) daemon.start() update_apt_and_motd_messages(cfg) event.info(ua_status.MESSAGE_DETACH_SUCCESS) @@ -1165,7 +1160,6 @@ def _post_cli_attach(cfg: config.UAConfig) -> None: else: event.info(ua_status.MESSAGE_ATTACH_SUCCESS_NO_CONTRACT_NAME) - jobs.disable_license_check_if_applicable(cfg) daemon.stop() status = actions.status(cfg) @@ -1381,7 +1375,6 @@ def action_collect_logs(args, *, cfg: config.UAConfig): cfg.cfg_path or DEFAULT_CONFIG_FILE, cfg.log_file, cfg.timer_log_file, - cfg.license_check_log_file, cfg.daemon_log_file, cfg.data_path("jobs-status"), CLOUD_BUILD_INFO, diff --git a/uaclient/config.py b/uaclient/config.py index 62d418093e..861d344cc1 100644 --- a/uaclient/config.py +++ b/uaclient/config.py @@ -79,7 +79,6 @@ "security_url", "settings_overrides", "timer_log_file", - "license_check_log_file", "daemon_log_file", "ua_config", ) @@ -104,7 +103,6 @@ class UAConfig: "marker-reboot-cmds": DataPath( "marker-reboot-cmds-required", False, False ), - "marker-license-check": DataPath("marker-license-check", False, True), "services-once-enabled": DataPath( "services-once-enabled", False, True ), @@ -323,12 +321,6 @@ def timer_log_file(self) -> str: "timer_log_file", CONFIG_DEFAULTS["timer_log_file"] ) - @property - def license_check_log_file(self): - return self.cfg.get( - "license_check_log_file", CONFIG_DEFAULTS["license_check_log_file"] - ) - @property def daemon_log_file(self): return self.cfg.get( @@ -1089,7 +1081,6 @@ def write_cfg(self, config_path=None): "data_dir", "log_file", "timer_log_file", - "license_check_log_file", "daemon_log_file", ): cfg_dict[attr] = getattr(self, attr) diff --git a/uaclient/defaults.py b/uaclient/defaults.py index 6493e035ef..7c1a0be1eb 100644 --- a/uaclient/defaults.py +++ b/uaclient/defaults.py @@ -31,7 +31,6 @@ "log_level": "INFO", "log_file": "/var/log/ubuntu-advantage.log", "timer_log_file": "/var/log/ubuntu-advantage-timer.log", - "license_check_log_file": "/var/log/ubuntu-advantage-license-check.log", "daemon_log_file": "/var/log/ubuntu-advantage-daemon.log", } @@ -39,7 +38,6 @@ "ua_data_dir", "ua_log_file", "ua_timer_log_file", - "ua_license_check_log_file", "ua_daemon_log_file", "ua_log_level", "ua_security_url", diff --git a/uaclient/jobs/__init__.py b/uaclient/jobs/__init__.py index 64cd4c54d0..e69de29bb2 100644 --- a/uaclient/jobs/__init__.py +++ b/uaclient/jobs/__init__.py @@ -1,14 +0,0 @@ -from uaclient import config, util -from uaclient.clouds.identity import get_cloud_type - - -def enable_license_check_if_applicable(cfg: config.UAConfig): - series = util.get_platform_info()["series"] - if "gce" in get_cloud_type() and util.is_lts(series): - cfg.write_cache("marker-license-check", "") - - -def disable_license_check_if_applicable(cfg: config.UAConfig): - if cfg.cache_key_exists("marker-license-check"): - cfg.delete_cache_key("marker-license-check") - util.subp(["systemctl", "stop", "ua-license-check.timer"]) diff --git a/uaclient/jobs/license_check.py b/uaclient/jobs/license_check.py deleted file mode 100644 index 75a0bac19d..0000000000 --- a/uaclient/jobs/license_check.py +++ /dev/null @@ -1,62 +0,0 @@ -""" -Try to auto-attach in a GCP instance. This should only work -if the instance has a new UA license attached to it -""" -import logging - -from uaclient import config, exceptions, jobs -from uaclient.cli import action_auto_attach -from uaclient.clouds.gcp import GCP_LICENSES, UAAutoAttachGCPInstance -from uaclient.clouds.identity import get_cloud_type -from uaclient.util import get_platform_info - -LOG = logging.getLogger("ua_lib.license_check.jobs.license_check") - - -def gcp_auto_attach(cfg: config.UAConfig) -> bool: - # We will not do anything in a non-GCP cloud - cloud_id, _ = get_cloud_type() - if not cloud_id or cloud_id != "gce": - # If we are not running on GCP cloud, we shouldn't run this - # job anymore - LOG.info("Disabling gcp_auto_attach job. Not running on GCP instance") - jobs.disable_license_check_if_applicable(cfg) - return False - - # If the instance is already attached we will not do anything. - # This implies that the user may have a new license attached to the - # instance, but we will not perfom the change through this job. - if cfg.is_attached: - LOG.info("Disabling gcp_auto_attach job. Already attached") - jobs.disable_license_check_if_applicable(cfg) - return False - - series = get_platform_info()["series"] - if series not in GCP_LICENSES: - LOG.info("Disabling gcp_auto_attach job. Not on LTS") - jobs.disable_license_check_if_applicable(cfg) - return False - - # Only try to auto_attach if the license is found in the metadata. - # If there is a problem finding the metadata, do not error out. - try: - licenses = UAAutoAttachGCPInstance().get_licenses_from_identity() - except Exception: - return False - - if GCP_LICENSES[series] in licenses: - try: - # This function already uses the assert lock decorator, - # which means that we don't need to make create another - # lock only for the job - action_auto_attach(args=None, cfg=cfg) - return True - except exceptions.NonAutoAttachImageError: - # If we get a NonAutoAttachImageError we know - # that the machine is not ready yet to perform an - # auto-attach operation (i.e. the license may not - # have been appended yet). If that happens, we will not - # error out. - pass - - return False diff --git a/uaclient/jobs/tests/__init__.py b/uaclient/jobs/tests/__init__.py deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/uaclient/jobs/tests/test_gcp_auto_attach.py b/uaclient/jobs/tests/test_gcp_auto_attach.py deleted file mode 100644 index 9bf65ad9b7..0000000000 --- a/uaclient/jobs/tests/test_gcp_auto_attach.py +++ /dev/null @@ -1,144 +0,0 @@ -import logging - -import mock -import pytest - -from uaclient.clouds.gcp import UAAutoAttachGCPInstance -from uaclient.exceptions import NonAutoAttachImageError -from uaclient.jobs.license_check import gcp_auto_attach - - -@mock.patch( - "uaclient.jobs.license_check.GCP_LICENSES", - {"ubuntu-lts": "test-license-id"}, -) -class TestGCPAutoAttachJob: - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_auto_attach_already_attached( - self, m_auto_attach, m_cloud_type, FakeConfig - ): - m_cloud_type.return_value = ("gce", None) - cfg = FakeConfig.for_attached_machine() - assert gcp_auto_attach(cfg) is False - assert m_auto_attach.call_count == 0 - - @pytest.mark.parametrize("caplog_text", [logging.DEBUG], indirect=True) - @pytest.mark.parametrize( - "cloud_type", (("gce"), ("azure"), ("aws"), (None)) - ) - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch.object(UAAutoAttachGCPInstance, "get_licenses_from_identity") - @mock.patch("uaclient.jobs.license_check.get_platform_info") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_auto_attach( - self, - m_auto_attach, - m_platform_info, - m_get_licenses, - m_cloud_type, - cloud_type, - caplog_text, - FakeConfig, - ): - m_cloud_type.return_value = (cloud_type, None) - m_get_licenses.return_value = ["test-license-id"] - m_platform_info.return_value = {"series": "ubuntu-lts"} - cfg = FakeConfig() - - m_auto_attach.return_value = 0 - return_value = gcp_auto_attach(cfg) - - if cloud_type != "gce": - assert m_auto_attach.call_count == 0 - assert ( - "Disabling gcp_auto_attach job. Not running on GCP instance" - ) in caplog_text() - assert return_value is False - - else: - assert m_auto_attach.call_count == 1 - assert return_value is True - - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch.object(UAAutoAttachGCPInstance, "get_licenses_from_identity") - @mock.patch("uaclient.jobs.license_check.get_platform_info") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_job_dont_fail_if_non_auto_attach_image_error_is_raised( - self, - m_auto_attach, - m_platform_info, - m_get_licenses, - m_cloud_type, - FakeConfig, - ): - m_cloud_type.return_value = ("gce", None) - m_get_licenses.return_value = ["test-license-id"] - m_platform_info.return_value = {"series": "ubuntu-lts"} - m_auto_attach.side_effect = NonAutoAttachImageError("error") - cfg = FakeConfig() - - assert gcp_auto_attach(cfg) is False - assert m_auto_attach.call_count == 1 - - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch.object(UAAutoAttachGCPInstance, "get_licenses_from_identity") - @mock.patch("uaclient.jobs.license_check.get_platform_info") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_job_dont_fail_if_licenses_fail( - self, - m_auto_attach, - m_platform_info, - m_get_licenses, - m_cloud_type, - FakeConfig, - ): - m_cloud_type.return_value = ("gce", None) - m_get_licenses.side_effect = TypeError("error") - m_platform_info.return_value = {"series": "ubuntu-lts"} - cfg = FakeConfig() - - assert gcp_auto_attach(cfg) is False - assert m_auto_attach.call_count == 0 - assert m_get_licenses.call_count == 1 - - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch.object(UAAutoAttachGCPInstance, "get_licenses_from_identity") - @mock.patch("uaclient.jobs.license_check.get_platform_info") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_auto_attach_license_not_present( - self, - m_auto_attach, - m_platform_info, - m_get_licenses, - m_cloud_type, - FakeConfig, - ): - m_cloud_type.return_value = ("gce", None) - m_get_licenses.return_value = ["unsupported-license"] - m_platform_info.return_value = {"series": "ubuntu-lts"} - cfg = FakeConfig() - - assert gcp_auto_attach(cfg) is False - assert m_auto_attach.call_count == 0 - assert m_get_licenses.call_count == 1 - - @mock.patch("uaclient.jobs.license_check.get_cloud_type") - @mock.patch.object(UAAutoAttachGCPInstance, "get_licenses_from_identity") - @mock.patch("uaclient.jobs.license_check.get_platform_info") - @mock.patch("uaclient.jobs.license_check.action_auto_attach") - def test_gcp_auto_attach_skips_non_lts( - self, - m_auto_attach, - m_platform_info, - m_get_licenses, - m_cloud_type, - FakeConfig, - ): - m_cloud_type.return_value = ("gce", None) - m_platform_info.return_value = {"series": "ubuntu-non-lts"} - cfg = FakeConfig() - - assert gcp_auto_attach(cfg) is False - assert m_auto_attach.call_count == 0 - assert m_get_licenses.call_count == 0 diff --git a/uaclient/tests/test_cli_collect_logs.py b/uaclient/tests/test_cli_collect_logs.py index 19d6a813c9..b3bfdb2485 100644 --- a/uaclient/tests/test_cli_collect_logs.py +++ b/uaclient/tests/test_cli_collect_logs.py @@ -92,8 +92,6 @@ def test_collect_logs( "-u", "ua-reboot-cmds.service", "-u", - "ua-license-check.service", - "-u", "ubuntu-advantage.service", "-u", "cloud-init-local.service", @@ -115,22 +113,13 @@ def test_collect_logs( mock.call( ["systemctl", "status", "ua-reboot-cmds.service"], rcs=[0, 3] ), - mock.call( - ["systemctl", "status", "ua-license-check.path"], rcs=[0, 3] - ), - mock.call( - ["systemctl", "status", "ua-license-check.service"], rcs=[0, 3] - ), - mock.call( - ["systemctl", "status", "ua-license-check.timer"], rcs=[0, 3] - ), mock.call( ["systemctl", "status", "ubuntu-advantage.service"], rcs=[0, 3] ), ] - assert m_copy.call_count == 15 - assert redact.call_count == 15 + assert m_copy.call_count == 14 + assert redact.call_count == 14 class TestParser: diff --git a/uaclient/tests/test_config.py b/uaclient/tests/test_config.py index 131f5ef3c3..f690adce44 100644 --- a/uaclient/tests/test_config.py +++ b/uaclient/tests/test_config.py @@ -238,7 +238,6 @@ def test_data_path_returns_public_path_for_public_datapath(self): contract_url: https://contracts.canonical.com daemon_log_file: /var/log/ubuntu-advantage-daemon.log data_dir: /var/lib/ubuntu-advantage -license_check_log_file: /var/log/ubuntu-advantage-license-check.log log_file: /var/log/ubuntu-advantage.log log_level: debug security_url: https://ubuntu.com/security @@ -258,7 +257,6 @@ def test_data_path_returns_public_path_for_public_datapath(self): hide: true new: 2 show_beta: true -license_check_log_file: /var/log/ubuntu-advantage-license-check.log log_file: /var/log/ubuntu-advantage.log log_level: debug security_url: https://ubuntu.com/security @@ -1562,7 +1560,6 @@ def test_parse_config_uses_defaults_when_no_config_present( "data_dir": "/var/lib/ubuntu-advantage", "log_file": "/var/log/ubuntu-advantage.log", "timer_log_file": "/var/log/ubuntu-advantage-timer.log", - "license_check_log_file": "/var/log/ubuntu-advantage-license-check.log", # noqa: E501 "daemon_log_file": "/var/log/ubuntu-advantage-daemon.log", # noqa: E501 "log_level": "INFO", } diff --git a/ubuntu-advantage.1 b/ubuntu-advantage.1 index ac7599a46c..448897b665 100644 --- a/ubuntu-advantage.1 +++ b/ubuntu-advantage.1 @@ -170,13 +170,6 @@ updates. Makes sure the `ua status` command will have the latest information even when executed by a non-root user, updating the \fB/var/lib/ubuntu-advantage/status.json\fP file. -.TP -.B -\fBgcp_auto_attach\fP -Only operable on Google Cloud Platform (GCP) generic Ubuntu VMs without an -active Ubuntu Advantage license. It polls GCP metadata every 5 minutes to -discover if a license has been attached to the VM through Google Cloud and will -perform `ua auto-attach` in that case. .SH CONFIGURATION @@ -210,10 +203,6 @@ The log file for the Ubuntu Advantage client The log file for the Ubuntu Advantage timer and timer jobs .TP .B -\fBlicense_check_log_file\fP -The log file for the Ubuntu Advantage license check job (only used on GCP) -.TP -.B \fBdaemon_log_file\fP The log file for the Ubuntu Advantage daemon @@ -259,7 +248,7 @@ Additionally, some configuration options can be overridden in the environment by setting an environment variable prefaced by \fBUA_\fP. Both uppercase and lowercase environment variables are allowed. The configuration options that support this are: data_dir, log_file, timer_log_file, -license_check_log_file, daemon_log_file, log_level, and security_url. +daemon_log_file, log_level, and security_url. For example, the following overrides the log_level found in uaclient.conf: .PP