[Bug 1832757] Re: Update ubuntu-advantage-client

[Andreas Hasenack]

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces an updated command line interface (UA Client) to simplify some interaction with Ubuntu Advantage support offerings, and interacts with a new service backend built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach <token>
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in behavior.
  - new services will be listed, but not avaialble for trusty, only for later LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability of updates in that repository. This hook has failed in the past while this package was in disco, and that failed the apt transaction. This has of course been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. Respectively:
  CC (not available on trusty atm): https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
+ 
+ cis-audit is not ready and we don't have a gpg key for it yet, so we are
+ shpping a placeholder file in the package called ubuntu-
+ securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
+ audit is not available for trusty, and gpg keyrings are only copied over
+ to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
+ if it was copied over to that directory, an empty file there doesn't
+ cause issues. The reason we still have the file is, as said, a
+ placeholder, as the code and tests expect it, and because we want to use
+ the same source package for all supported ubuntu releases.

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to ubuntu-advantage-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions