cloud-init-dev team mailing list archive

[Chad Smith <chad.smith@xxxxxxxxxxxxx>]

Rejecting as we'll really just fix cloud-init query to look fallback to the original instance-data.json if instance-data-sensitive.json doesn't exist and print a sensible warning message.

Diff comments:

> diff --git a/debian/cloud-init.postinst b/debian/cloud-init.postinst
> index f88d1c5..11ae75b 100644
> --- a/debian/cloud-init.postinst
> +++ b/debian/cloud-init.postinst
> @@ -206,6 +206,20 @@ cleanup_lp1552999() {
>          "$edir/cloud-init-local.service" "$edir/cloud-init.service"
>  }
>  
> +# Old instance-data.json was root read-only, new is redacted world-readable
> +# Also add instance-data-sensitive.json that is root read-only
> +regenerate_instance_data_json_on_upgrade() {
> +    if [ -f /run/cloud-init/instance-data.json -a
> +         ! -f /run/cloud-init/instance-data-sensitive.json ]; then
> +        # this is an upgraded system with old instance-data.json file
> +        echo "Updating /run/cloud-init/instance-data.json"
> +        python3 -c '
> +from cloudinit.stages import _pkl_load
> +pickled_ds = _pkl_load("/var/lib/cloud/instance/obj.pkl")
> +pickled_ds.persist_instance_data()'

I'll add a RELEASE_NOTE comment in cloudinit.stages._obj_pkl so that we check ubuntu/{series} branches if we change the behavior.

> +    fi
> +}
> +
>  disable_network_config_on_upgrade() {
>      local oldver="$1" last_without_net="0.7.7~bzr1182-0ubuntu1"
>      if [ ! -f /var/lib/cloud/instance/obj.pkl ]; then


-- 
https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/356897
Your team cloud-init commiters is requested to review the proposed merge of ~chad.smith/cloud-init:ubuntu/bionic into cloud-init:ubuntu/bionic.