diff --git a/src/core/src/core_logic/PatchAssessor.py b/src/core/src/core_logic/PatchAssessor.py index 9e079fcf..3ee0c991 100644 --- a/src/core/src/core_logic/PatchAssessor.py +++ b/src/core/src/core_logic/PatchAssessor.py @@ -81,7 +81,7 @@ def start_assessment(self): self.status_handler.set_package_assessment_status(sec_packages, sec_package_versions, Constants.PackageClassification.SECURITY) # Set the security-esm packages in status. - self.package_manager.set_security_esm_package_status(Constants.ASSESSMENT) + self.package_manager.set_security_esm_package_status(Constants.ASSESSMENT, packages=[]) # ensure reboot status is set reboot_pending = self.package_manager.is_reboot_pending() diff --git a/src/core/src/core_logic/PatchInstaller.py b/src/core/src/core_logic/PatchInstaller.py index 1f69a82f..a97523ca 100644 --- a/src/core/src/core_logic/PatchInstaller.py +++ b/src/core/src/core_logic/PatchInstaller.py @@ -160,7 +160,7 @@ def install_updates(self, maintenance_window, package_manager, simulate=False): # These packages will already be marked with version as 'UA_ESM_REQUIRED'. # Esm packages will not be dependent packages to non-esm packages. This is confirmed by Canonical. So, once these are removed from processing, we need not worry about handling it in our batch / sequential patch processing logic. # Adding this after filtering excluded packages, so we don`t un-intentionally mark excluded esm-package status as failed. - packages, package_versions, self.skipped_esm_packages, self.skipped_esm_package_versions, self.esm_packages_found_without_attach = package_manager.filter_out_esm_packages(packages, package_versions) + packages, package_versions, self.skipped_esm_packages, self.skipped_esm_package_versions, self.esm_packages_found_without_attach = package_manager.separate_out_esm_packages(packages, package_versions) self.telemetry_writer.write_event("Final package list: " + str(packages), Constants.TelemetryEventLevel.Verbose) @@ -177,7 +177,7 @@ def install_updates(self, maintenance_window, package_manager, simulate=False): self.status_handler.set_package_install_status_classification(sec_packages, sec_package_versions, classification="Security") # Set the security-esm package status. - package_manager.set_security_esm_package_status(Constants.INSTALLATION) + package_manager.set_security_esm_package_status(Constants.INSTALLATION, packages) self.composite_logger.log("\nNote: Packages that are neither included nor excluded may still be installed if an included package has a dependency on it.") # We will see this as packages going from NotSelected --> Installed. We could remove them preemptively from not_included_packages, but we're explicitly choosing not to. diff --git a/src/core/src/package_managers/AptitudePackageManager.py b/src/core/src/package_managers/AptitudePackageManager.py index 9f35895b..a0d47280 100644 --- a/src/core/src/package_managers/AptitudePackageManager.py +++ b/src/core/src/package_managers/AptitudePackageManager.py @@ -643,7 +643,7 @@ def check_pro_client_prerequisites(self): self.composite_logger.log_debug("Ubuntu Pro Client pre-requisite checks:[IsFeatureEnabled={0}][IsOSVersionCompatible={1}][IsPythonCompatible={2}][Error={3}]".format(Constants.UbuntuProClientSettings.FEATURE_ENABLED, self.__get_os_major_version() <= Constants.UbuntuProClientSettings.MAX_OS_MAJOR_VERSION_SUPPORTED, self.__is_minimum_required_python_installed(), exception_error)) return self.__pro_client_prereq_met - def set_security_esm_package_status(self, operation): + def set_security_esm_package_status(self, operation, packages): """Set the security-ESM classification for the esm packages.""" security_esm_update_query_success, security_esm_updates, security_esm_updates_versions = self.get_security_esm_updates() if self.__pro_client_prereq_met and security_esm_update_query_success and len(security_esm_updates) > 0: @@ -654,6 +654,9 @@ def set_security_esm_package_status(self, operation): if not self.ubuntu_pro_client.is_ubuntu_pro_client_attached: self.status_handler.add_error_to_status("{0} patches requires Ubuntu Pro for Infrastructure with Extended Security Maintenance".format(len(security_esm_updates)), Constants.PatchOperationErrorCodes.UA_ESM_REQUIRED) elif operation == Constants.INSTALLATION: + if security_esm_update_query_success: + esm_packages_selected_to_install = [package for package in packages if package in security_esm_updates] + self.composite_logger.log_debug("Setting security ESM package status. [SelectedEsmPackagesCount={0}]".format(len(esm_packages_selected_to_install))) self.status_handler.set_package_install_status_classification(security_esm_updates, security_esm_updates_versions, Constants.PackageClassification.SECURITY_ESM) def __get_os_major_version(self): @@ -675,15 +678,15 @@ def add_arch_dependencies(self, package_manager, package, packages, package_vers """ return - def filter_out_esm_packages(self, packages, package_versions): + def separate_out_esm_packages(self, packages, package_versions): """ Filter out packages from the list where the version matches the UA_ESM_REQUIRED string. """ non_esm_packages = [] non_esm_package_versions = [] - esm_packages = [] - esm_package_versions = [] - esm_packages_found = False + ua_esm_required_packages = [] + ua_esm_required_package_versions = [] + ua_esm_required_packages_found = False for pkg, version in zip(packages, package_versions): if version != Constants.UA_ESM_REQUIRED: @@ -692,14 +695,13 @@ def filter_out_esm_packages(self, packages, package_versions): continue # version is UA_ESM_REQUIRED. - esm_packages.append(pkg) - esm_package_versions.append(version) + ua_esm_required_packages.append(pkg) + ua_esm_required_package_versions.append(version) - esm_packages_found = len(esm_packages) > 0 - if esm_packages_found: - self.status_handler.add_error_to_status("{0} patches requires Ubuntu Pro for Infrastructure with Extended Security Maintenance".format(len(esm_packages)), Constants.PatchOperationErrorCodes.UA_ESM_REQUIRED) # Set the error status with the esm_package details. Will be used in portal. - self.telemetry_writer.write_event("Filter esm packages [EsmPackagesCount={0}]".format(len(esm_packages)), Constants.TelemetryEventLevel.Informational) + ua_esm_required_packages_found = len(ua_esm_required_packages) > 0 + if ua_esm_required_packages_found: + self.status_handler.add_error_to_status("{0} patches requires Ubuntu Pro for Infrastructure with Extended Security Maintenance".format(len(ua_esm_required_packages)), Constants.PatchOperationErrorCodes.UA_ESM_REQUIRED) # Set the error status with the esm_package details. Will be used in portal. - self.composite_logger.log_debug("Filter esm packages : [TotalPackagesCount={0}][EsmPackagesCount={1}]".format(len(packages), len(esm_packages))) - return non_esm_packages, non_esm_package_versions, esm_packages, esm_package_versions, esm_packages_found + self.composite_logger.log_debug("Filter esm packages : [TotalPackagesCount={0}][EsmPackagesCount={1}]".format(len(packages), len(ua_esm_required_packages))) + return non_esm_packages, non_esm_package_versions, ua_esm_required_packages, ua_esm_required_package_versions, ua_esm_required_packages_found diff --git a/src/core/src/package_managers/PackageManager.py b/src/core/src/package_managers/PackageManager.py index 13ba3eff..824fa999 100644 --- a/src/core/src/package_managers/PackageManager.py +++ b/src/core/src/package_managers/PackageManager.py @@ -453,10 +453,10 @@ def add_arch_dependencies(self, package_manager, package, packages, package_vers pass @abstractmethod - def set_security_esm_package_status(self, operation): + def set_security_esm_package_status(self, operation, packages): pass @abstractmethod - def filter_out_esm_packages(self, packages, package_versions): + def separate_out_esm_packages(self, packages, package_versions): pass diff --git a/src/core/src/package_managers/YumPackageManager.py b/src/core/src/package_managers/YumPackageManager.py index 7c1f9268..bfddfafc 100644 --- a/src/core/src/package_managers/YumPackageManager.py +++ b/src/core/src/package_managers/YumPackageManager.py @@ -958,13 +958,13 @@ def add_arch_dependencies(self, package_manager, package, packages, package_vers package_and_dependencies.append(possible_arch_dependency) package_and_dependency_versions.append(possible_arch_dependency_version) - def set_security_esm_package_status(self, operation): + def set_security_esm_package_status(self, operation, packages): """ Set the security-ESM classification for the esm packages. Only needed for apt. No-op for yum and zypper. """ pass - def filter_out_esm_packages(self, packages, package_versions): + def separate_out_esm_packages(self, packages, package_versions): """ Filter out packages from the list where the version matches the UA_ESM_REQUIRED string. Only needed for apt. No-op for yum and zypper diff --git a/src/core/src/package_managers/ZypperPackageManager.py b/src/core/src/package_managers/ZypperPackageManager.py index 5e866b4e..5f172d40 100644 --- a/src/core/src/package_managers/ZypperPackageManager.py +++ b/src/core/src/package_managers/ZypperPackageManager.py @@ -813,13 +813,13 @@ def add_arch_dependencies(self, package_manager, package, packages, package_vers """ return - def set_security_esm_package_status(self, operation): + def set_security_esm_package_status(self, operation, packages): """ Set the security-ESM classification for the esm packages. Only needed for apt. No-op for yum and zypper. """ pass - def filter_out_esm_packages(self, packages, package_versions): + def separate_out_esm_packages(self, packages, package_versions): """ Filter out packages from the list where the version matches the UA_ESM_REQUIRED string. Only needed for apt. No-op for yum and zypper