Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package google-guest-agent for openSUSE:Factory checked in at 2022-02-09 20:39:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/google-guest-agent (Old) and /work/SRC/openSUSE:Factory/.google-guest-agent.new.1898 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "google-guest-agent" Wed Feb 9 20:39:29 2022 rev:10 rq:952790 version:20220204.00 Changes: -------- --- /work/SRC/openSUSE:Factory/google-guest-agent/google-guest-agent.changes 2021-12-02 02:13:50.658920685 +0100 +++ /work/SRC/openSUSE:Factory/.google-guest-agent.new.1898/google-guest-agent.changes 2022-02-09 20:40:41.402589810 +0100 @@ -1,0 +2,13 @@ +Tue Feb 8 15:46:09 UTC 2022 - John Paul Adrian Glaubitz <[email protected]> + +- Update to version 20220204.00 (bsc#1195437, bsc#1195438) + * remove han from owners (#154) + * Remove extra slash from metadata URL. (#151) +- from version 20220104.00 + * List IPv6 routes (#150) +- from version 20211228.00 + * add add or remove route integration test, utils (#147) +- from version 20211214.00 + * add malformed ssh key unit test (#142) + +------------------------------------------------------------------- Old: ---- guest-agent-20211116.00.tar.gz New: ---- guest-agent-20220204.00.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ google-guest-agent.spec ++++++ --- /var/tmp/diff_new_pack.0GYj92/_old 2022-02-09 20:40:42.046591351 +0100 +++ /var/tmp/diff_new_pack.0GYj92/_new 2022-02-09 20:40:42.050591361 +0100 @@ -1,7 +1,7 @@ # # spec file for package google-guest-agent # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ %global import_path %{provider_prefix} Name: google-guest-agent -Version: 20211116.00 +Version: 20220204.00 Release: 0 Summary: Google Cloud Guest Agent License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.0GYj92/_old 2022-02-09 20:40:42.086591447 +0100 +++ /var/tmp/diff_new_pack.0GYj92/_new 2022-02-09 20:40:42.090591457 +0100 @@ -3,8 +3,8 @@ <param name="url">https://github.com/GoogleCloudPlatform/guest-agent/</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">20211116.00</param> - <param name="revision">20211116.00</param> + <param name="versionformat">20220204.00</param> + <param name="revision">20220204.00</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> @@ -15,7 +15,7 @@ <param name="basename">guest-agent</param> </service> <service name="go_modules" mode="disabled"> - <param name="archive">guest-agent-20211116.00.tar.gz</param> + <param name="archive">guest-agent-20220204.00.tar.gz</param> </service> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.0GYj92/_old 2022-02-09 20:40:42.110591504 +0100 +++ /var/tmp/diff_new_pack.0GYj92/_new 2022-02-09 20:40:42.114591514 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/GoogleCloudPlatform/guest-agent/</param> - <param name="changesrevision">b0c8cbdfb9e74a4ef05e0ac09faf20e83eddbbcc</param></service></servicedata> + <param name="changesrevision">a592540d245747ad8a8a982b93e32056357076dc</param></service></servicedata> (No newline at EOF) ++++++ guest-agent-20211116.00.tar.gz -> guest-agent-20220204.00.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/OWNERS new/guest-agent-20220204.00/OWNERS --- old/guest-agent-20211116.00/OWNERS 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/OWNERS 2022-01-24 21:23:50.000000000 +0100 @@ -5,11 +5,9 @@ - adjackura - hopkiw - zmarano - - gaohannk - bkatyl reviewers: - adjackura - hopkiw - zmarano - - gaohannk - bkatyl diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/addresses.go new/guest-agent-20220204.00/google_guest_agent/addresses.go --- old/guest-agent-20211116.00/google_guest_agent/addresses.go 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/addresses.go 2022-01-24 21:23:50.000000000 +0100 @@ -146,6 +146,21 @@ res = append(res, line) } } + + // and again for IPv6 routes, without 'scope host' which is IPv4 only + args = fmt.Sprintf("-6 route list table local type local dev %s proto %s", ifname, protoID) + out = runCmdOutput(exec.Command("ip", strings.Split(args, " ")...)) + if out.ExitCode() != 0 { + return nil, error(out) + } + for _, line := range strings.Split(out.Stdout(), "\n") { + line = strings.TrimPrefix(line, "local ") + line = strings.Split(line, " ")[0] + line = strings.TrimSpace(line) + if line != "" { + res = append(res, line) + } + } return res, nil } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/addresses_integ_test.go new/guest-agent-20220204.00/google_guest_agent/addresses_integ_test.go --- old/guest-agent-20211116.00/google_guest_agent/addresses_integ_test.go 1970-01-01 01:00:00.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/addresses_integ_test.go 2022-01-24 21:23:50.000000000 +0100 @@ -0,0 +1,98 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build integration + +package main + +import ( + "context" + "fmt" + "strings" + "testing" +) + +const testIp = "192.168.0.0" + +func TestAddAndRemoveLocalRoute(t *testing.T) { + metdata, err := getMetadata(context.Context(), false) + if err != nil { + t.Fatalf("failed to get metadata, err %v", err) + } + iface, err := getInterfaceByMAC(metdata.Instance.NetworkInterfaces[0].Mac) + if err != nil { + t.Fatalf("failed to get interface from mac, err %v", err) + } + // test add local route + if err := removeLocalRoute(testIp, iface.Name); err != nil { + t.Fatalf("failed to remove local route, err %v", err) + } + if err := addLocalRoute(testIp, iface.Name); err != nil { + t.Fatalf("add test local route should not failed, err %v", err) + } + + res, err := getLocalRoutes(iface.Name) + if err != nil { + t.Fatalf("get local route should not failed, err %v", err) + } + exist := false + for _, route := range res { + if strings.Contains(route, fmt.Sprintf("local %s/24", testIp)) { + exist = true + } + } + if !exist { + t.Fatalf("route %s is not added", testIp) + } + + // test remove local route + if err := removeLocalRoute(testIp, iface.Name); err != nil { + t.Fatalf("add test local route should not failed") + } + res, err := getLocalRoutes(iface.Name) + if err != nil { + t.Fatalf("ip route list should not failed, err %s", res.err) + } + + for _, route := range res { + if strings.Contains(route, fmt.Sprintf("local %s/24", testIp)) { + t.Fatalf("route %s should be removed but exist", testIp) + } + } +} + +func TestGetLocalRoute(t *testing.T) { + metdata, err := getMetadata(context.Context(), false) + if err != nil { + t.Fatalf("failed to get metadata, err %v", err) + } + iface, err := getInterfaceByMAC(metdata.Instance.NetworkInterfaces[0].Mac) + if err != nil { + t.Fatalf("failed to get interface from mac, err %v", err) + } + + if err := addLocalRoute(testIp, iface.Name); err != nil { + t.Fatalf("add test local route should not failed, err %v", err) + } + routes, err := getLocalRoutes(iface.Name) + if err != nil { + t.Fatalf("get local routes should not failed, err %v", err) + } + if len(routes) != 1 { + t.Fatal("find unexpected local route %s.", routes[0]) + } + if routes[0] != testIp { + t.Fatal("find unexpected local route %s.", routes[0]) + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/metadata.go new/guest-agent-20220204.00/google_guest_agent/metadata.go --- old/guest-agent-20211116.00/google_guest_agent/metadata.go 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/metadata.go 2022-01-24 21:23:50.000000000 +0100 @@ -31,7 +31,7 @@ const defaultEtag = "NONE" var ( - metadataURL = "http://169.254.169.254/computeMetadata/v1/"; + metadataURL = "http://169.254.169.254/computeMetadata/v1"; metadataRecursive = "/?recursive=true&alt=json" metadataHang = "&wait_for_change=true&timeout_sec=60" defaultTimeout = 70 * time.Second diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/non_windows_accounts.go new/guest-agent-20220204.00/google_guest_agent/non_windows_accounts.go --- old/guest-agent-20211116.00/google_guest_agent/non_windows_accounts.go 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/non_windows_accounts.go 2022-01-24 21:23:50.000000000 +0100 @@ -73,7 +73,7 @@ // If any on-disk keys have expired. for _, keys := range sshKeys { - if len(keys) != len(removeExpiredKeys(keys)) { + if len(keys) != len(getUserKeys(keys)) { return true } } @@ -118,22 +118,7 @@ mdkeys = append(mdkeys, newMetadata.Project.Attributes.SSHKeys...) } - mdKeyMap := make(map[string][]string) - for _, key := range removeExpiredKeys(mdkeys) { - idx := strings.Index(key, ":") - if idx == -1 { - logger.Debugf("invalid ssh key entry: %q", key) - continue - } - user := key[:idx] - if user == "" { - logger.Debugf("invalid ssh key entry: %q", key) - continue - } - userKeys := mdKeyMap[user] - userKeys = append(userKeys, key[idx+1:]) - mdKeyMap[user] = userKeys - } + mdKeyMap := getUserKeys(mdkeys) logger.Debugf("read google users file") gUsers, err := readGoogleUsersFile() @@ -197,6 +182,55 @@ return nil } +// getUserKeys returns the keys which are not expired and non-expiring key. +// valid formats are: +// user:ssh-rsa [KEY_VALUE] [USERNAME] +// user:ssh-rsa [KEY_VALUE] +// user:ssh-rsa [KEY_VALUE] google-ssh {"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"} +func getUserKeys(mdkeys []string) map[string][]string { + mdKeyMap := make(map[string][]string) + for i := 0; i < len(mdkeys); i++ { + key := strings.Trim(mdkeys[i], " ") + if key == "" { + logger.Debugf("invalid ssh key entry: %q", key) + continue + } + idx := strings.Index(key, ":") + if idx == -1 { + logger.Debugf("invalid ssh key entry: %q", key) + continue + } + user := key[:idx] + if user == "" { + logger.Debugf("invalid ssh key entry: %q", key) + continue + } + fields := strings.SplitN(key, " ", 4) + if len(fields) == 3 && fields[2] == "google-ssh" { + logger.Debugf("invalid ssh key entry: %q", key) + // expiring key without expiration format. + continue + } + if len(fields) > 3 { + lkey := linuxKey{} + if err := json.Unmarshal([]byte(fields[3]), &lkey); err != nil { + // invalid expiration format. + logger.Debugf("invalid ssh key entry: %q", key) + continue + } + if lkey.expired() { + logger.Debugf("expired ssh key entry: %q", key) + continue + } + } + // key which is not expired or non-expiring key, add it. + userKeys := mdKeyMap[user] + userKeys = append(userKeys, key[idx+1:]) + mdKeyMap[user] = userKeys + } + return mdKeyMap +} + // passwdEntry is a user.User with omitted passwd fields restored. type passwdEntry struct { Username string @@ -311,42 +345,6 @@ return t.Before(time.Now()) } -// removeExpiredKeys returns the provided list of keys with expired keys removed. -// valid formats are: -// ssh-rsa [KEY_VALUE] [USERNAME] -// ssh-rsa [KEY_VALUE] -// ssh-rsa [KEY_VALUE] google-ssh {"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"} -// -// see: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#sshkeyformat -func removeExpiredKeys(keys []string) []string { - var res []string - for i := 0; i < len(keys); i++ { - key := strings.Trim(keys[i], " ") - if key == "" { - continue - } - fields := strings.SplitN(key, " ", 4) - if len(fields) < 3 || fields[2] != "google-ssh" { - // non-expiring key, add it. - res = append(res, key) - continue - } - if len(fields) < 4 { - // expiring key without expiration format. - continue - } - lkey := linuxKey{} - if err := json.Unmarshal([]byte(fields[3]), &lkey); err != nil { - // invalid expiration format. - continue - } - if !lkey.expired() { - res = append(res, key) - } - } - return res -} - // Replaces {user} or {group} in command string. Supports legacy python-era // user command overrides. func createUserGroupCmd(cmd, user, group string) *exec.Cmd { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/non_windows_accounts_integ_test.go new/guest-agent-20220204.00/google_guest_agent/non_windows_accounts_integ_test.go --- old/guest-agent-20211116.00/google_guest_agent/non_windows_accounts_integ_test.go 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/non_windows_accounts_integ_test.go 2022-01-24 21:23:50.000000000 +0100 @@ -1,3 +1,17 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // +build integration package main diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/guest-agent-20211116.00/google_guest_agent/windows_accounts_test.go new/guest-agent-20220204.00/google_guest_agent/windows_accounts_test.go --- old/guest-agent-20211116.00/google_guest_agent/windows_accounts_test.go 2021-11-11 20:48:43.000000000 +0100 +++ new/guest-agent-20220204.00/google_guest_agent/windows_accounts_test.go 2022-01-24 21:23:50.000000000 +0100 @@ -216,32 +216,50 @@ } } -func TestRemoveExpiredKeys(t *testing.T) { +func TestGetUserKeys(t *testing.T) { var tests = []struct { - key string - valid bool + key string + expectedValid int }{ - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0000"}`, true}, - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0700"}`, true}, - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0700", "futureField": "UNUSED_FIELDS_IGNORED"}`, true}, - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2018-11-08T19:30:46+0000"}`, false}, - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2018-11-08T19:30:46+0700"}`, false}, - {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"INVALID_TIMESTAMP"}`, false}, - {`user:ssh-rsa [KEY] google-ssh`, false}, - {`user:ssh-rsa [KEY] user`, true}, - {`user:ssh-rsa [KEY]`, true}, - {}, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0000"}`, + 1, + }, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0700"}`, + 1, + }, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2028-11-08T19:30:47+0700", "futureField": "UNUSED_FIELDS_IGNORED"}`, + 1, + }, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2018-11-08T19:30:46+0000"}`, + 0, + }, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"2018-11-08T19:30:46+0700"}`, + 0, + }, + {`user:ssh-rsa [KEY] google-ssh {"userName":"[email protected]", "expireOn":"INVALID_TIMESTAMP"}`, + 0, + }, + {`user:ssh-rsa [KEY] google-ssh`, + 0, + }, + {`user:ssh-rsa [KEY] user`, + 1, + }, + {`user:ssh-rsa [KEY]`, + 1, + }, + {`malformed-ssh-keys [KEY] google-ssh`, + 0, + }, + {`:malformed-ssh-keys [KEY] google-ssh`, + 0, + }, } for _, tt := range tests { - ret := removeExpiredKeys([]string{tt.key}) - if tt.valid { - if len(ret) == 0 || ret[0] != tt.key { - t.Errorf("valid key was removed: %q", tt.key) - } - } - if !tt.valid && len(ret) == 1 { - t.Errorf("invalid key was kept: %q", tt.key) + ret := getUserKeys([]string{tt.key}) + if userKeys, _ := ret["user"]; len(userKeys) != tt.expectedValid { + t.Errorf("expected %d valid keys from getUserKeys, but %d", tt.expectedValid, len(userKeys)) } } } ++++++ vendor.tar.gz ++++++
