** Description changed: + [Impact] + + If cloud-id fails in a different way from what our postinst currently + checks for, then the postinst script will fail, breaking whatever apt + process was running. + + We fixed this by changing the line that calls cloud-id to + + cloud_id=$(cloud-id 2>/dev/null) || cloud_id="" + + The commit with this change is here: + https://github.com/canonical/ubuntu-advantage- + client/commit/8ac323b1f2e2031afa8018112d20479085c0e4f7 + + By doing this, any error in cloud-id will be handled by assuming we are + not on a cloud. This is a safe assumption for the purposes of our + postinst script. + + [Test Plan] + + TODO lucas to insert test script here + + [Where problems could occur] + + Any change to postinst is particularly dangerous because a mistake could + cause it to fail and therefore cause apt installs/upgrades to fail. + Because ua-client is on all ubuntu images, we need to be particularly + careful here. + + Further, by changing the code that fixed a critical bug, we run the risk + of reintroducing that bug. We've mitigated this by introducing an + integration test scenario to cover that bug. + + [Other Info] + + The cloud id is used in postinst for doing 2 things: + + 1. notifying the user if they stumbled into an using an unsupported fips kernel on the cloud + 2. activating the gcp_auto_attach job + + It is not critical if the cloud is falsely detected as none. The worst + that could happen is that a user would not be notified of the + unsupported fips kernel or that a user would not have the + gcp_auto_attach job activated. + + [Original Description] + As discovered in regression bug 1936833: - 1) "cloud-id" can sometimes crash; perhaps it should return something + 1) "cloud-id" can sometimes crash; perhaps it should return something more sensible if a cloud-id is not available - 2) ubuntu-advantage-tools.postinst might crash if cloud-id crashes; + 2) ubuntu-advantage-tools.postinst might crash if cloud-id crashes; perhaps it should be generally resilient against cloud-id crashing, instead of trying to predict if it will work or not (additionally the current prediction method seems to be based on an internal implementation detail that might change) I wonder if one or both of these things can be improved. For example, define the failure behaviour of cloud-id when it cannot function, and have the postinst test for that, and further, adjust the postinst to be robust against _any_ failure of cloud-id.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1938207 Title: ubuntu-advantage-tools.postinst and cloud-id are not robust against failure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1938207/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
