[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
laney@dev> ./change-override --suite groovy --component main python3-octavia-lib ~/dev/canonical/release/ubuntu-archive-tools Override component to main python3-octavia-lib 2.2.0-0ubuntu1 in groovy amd64: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy arm64: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy armhf: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy i386: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy ppc64el: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy riscv64: universe/python/optional/100% -> main python3-octavia-lib 2.2.0-0ubuntu1 in groovy s390x: universe/python/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: python-octavia-lib (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
python-octavia-lib: python3-octavia-lib MIR: #1864666 (New) [Reverse-Depends: python3-octavia] This is ready and shows in mismatches, setting python3-octavia-lib to Fix Committed ** Changed in: python-octavia-lib (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
I reviewed python-octavia-lib 2.2.0-0ubuntu1 as checked into groovy. This shouldn't be considered a full audit but rather a quick gauge of maintainability. python-octavia-lib is a python3 library for developers writing Octavia load balancer provider drivers. - No CVE history. - No concerning build or runtime depends. - Only autogenerated maintainer scripts for removing python compiled bytecode. - No init scripts. - No systemd units. - No dbus services. - No setuid binaries. - No binaries in PATH. - No sudo fragments. - No polkit files. - No udev rules. - Some unit tests, run at build time. No autopkgtests. - No cron jobs. - Build log is okay, no lintian warnings or errors.: - No apparent processes spawned. - Limited file IO. Uses AF_UNIX sockets to communicate with driver agents. - No apparent logging. - No apparent environment variable usage. - No use of privileged functions. - Cryptography: allows use of SSLv3 for pools and listeners. - No apparent use of temp files. - No use of WebKit. - No use of PolicyKit. - No Coverity findings. - No significant bandit results. Security team ACK for promoting python-octavia-lib to main. ** Tags added: security-review-done ** Changed in: python-octavia-lib (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
Override component to main ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy: universe/net -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy amd64: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy arm64: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy armhf: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy i386: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy ppc64el: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy riscv64: universe/python/optional/100% -> main python3-ovn-octavia-provider 0.2.1~git2020073017.fac554d-0ubuntu1 in groovy s390x: universe/python/optional/100% -> main 8 publications overridden. ** Changed in: ovn-octavia-provider (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
Hi Seth Apologies - I forgot to un-assign myself. I acked ovn-octavia-provider - only python-octavia-lib required security review. ** Changed in: ovn-octavia-provider (Ubuntu) Assignee: James Page (james-page) => (unassigned) ** Changed in: ovn-octavia-provider (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
James, I see ovn-octavia-provider is marked 'confirmed' but still assigned to you; does this package need security review or is it ready for promotion if the other packages are approved? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
[Summary] ovn-octavia-provider provides integration between OpenStack Octavia and OVN, supporting provisioing of load balancers as part of the SDN function of the cloud (vs use of instances for Load Balancers). MIR team ack for inclusion in Ubuntu main. [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this (other than those already on this bug report) - no -dev/-debug/-doc packages that need exclusion [Embedded sources and static linking] OK: - no embedded source present - no static linking [Security] OK: - history of CVEs does not look concerning no security history https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ovn-octavia-provider - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats Uses JSON for communication between the driver manager and Octavia (using oslo_serialization which is already in main). - does not open a port - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (e.g. pam), etc) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a test suite that runs as autopkgtest autopkgtest-pkg-python - The package has a team bug subscriber ubuntu-openstack - no translation present, but none needed for this case - no new python2 dependency - Python package that is using dh_python [Packaging red flags] OK: - Ubuntu does carry a delta, but it is reasonable and maintenance under control OpenStack ahead of Debian in Ubuntu. - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good but divereged - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings - d/rules is rather clean - not using Built-Using [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as I can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - no embedded source copies - not part of the UI for extra checks ** Changed in: ovn-octavia-provider (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
[Summary] python-octavia-lib provides a python library for developers of Octavia provider drivers, allowing alternative LB solutions to be integrated into Octavia. https://docs.openstack.org/octavia/latest/contributor/guides/providers.html This does need a security review, so assigning to ubuntu-security. MIR team ack for main inclusion (pending security team review). [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - no -dev/-debug/-doc packages that need exclusion [Embedded sources and static linking] OK: - no embedded source present - no static linking TODO: Problems: [Security] OK: - history of CVEs does not look concerning No security history https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=octavia-lib - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats JSON is used as the on-the-wire format for communication between drivers and Octavia (using oslo_serialization which is already in main). - does not open a port - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (e.g. pam), etc) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a test suite that runs as autopkgtest No - but covered by autopkgtests in octavia - The package has a team bug subscriber ubuntu-openstack - no translation present, but none needed for this case - no new python2 dependency - Python package that is using dh_python [Packaging red flags] OK: - Ubuntu does carry a delta, but it is reasonable and maintenance under control OpenStack ahead of Debian in terms of versions - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good but diverged - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings - d/rules is rather clean - Does not have Built-Using [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as I can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - no embedded source copies - not part of the UI for extra checks ** Changed in: python-octavia-lib (Ubuntu) Assignee: James Page (james-page) => Ubuntu Security Team (ubuntu-security) ** Changed in: python-octavia-lib (Ubuntu) Milestone: later => ubuntu-20.10 ** Changed in: ovn-octavia-provider (Ubuntu) Milestone: later => ubuntu-20.10 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
The octavia MIR is being tracked at LP: #1888309 ** Changed in: ovn-octavia-provider (Ubuntu) Status: Incomplete => New ** Changed in: python-octavia-lib (Ubuntu) Status: Incomplete => New ** No longer affects: octavia (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
Deferring to 20.10 cycle as we're to late to include Octavia for 20.04 main. ** Changed in: octavia (Ubuntu) Assignee: (unassigned) => Corey Bryant (corey.bryant) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/octavia/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
As Octavia is still in Universe there seems little point in reviewing these packages by themselves. ** Changed in: ovn-octavia-provider (Ubuntu) Status: New => Incomplete ** Changed in: python-octavia-lib (Ubuntu) Status: New => Incomplete ** Changed in: ovn-octavia-provider (Ubuntu) Importance: Undecided => Medium ** Changed in: python-octavia-lib (Ubuntu) Importance: Undecided => Medium ** Also affects: octavia (Ubuntu) Importance: Undecided Status: New ** Changed in: octavia (Ubuntu) Status: New => Incomplete ** Changed in: octavia (Ubuntu) Importance: Undecided => Medium ** Changed in: octavia (Ubuntu) Milestone: None => later ** Changed in: ovn-octavia-provider (Ubuntu) Milestone: None => later ** Changed in: python-octavia-lib (Ubuntu) Milestone: None => later -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/octavia/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
** Also affects: ovn-octavia-provider (Ubuntu) Importance: Undecided Status: New ** Changed in: ovn-octavia-provider (Ubuntu) Assignee: (unassigned) => James Page (james-page) ** Changed in: python-octavia-lib (Ubuntu) Assignee: (unassigned) => James Page (james-page) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn-octavia-provider/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864666] Re: [MIR] python-octavia-lib, ovn-octavia-provider
** Description changed: [MIR] ovn-octavia-provider [Availability] - Currently in focal NEW queue. + Currently in universe. [Rationale] This package provides integration of OpenStack Octavia with OVN. [Security] No security history. [Quality Assurance] Package works out of the box with no prompting. There are no major bugs in Ubuntu and there are no major bugs in Debian. Unit tests are run during build. [Dependencies] All are in main except python3-octavia-lib. [Standards Compliance] FHS and Debian Policy compliant. [Maintenance] Simple python package that the OpenStack Team will take care of. [Background] OVN provides virtual networking for Open vSwitch and is a component of the Open vSwitch project. This package provides the Python 3 module for the integration between Octavia and OVN. -- [MIR] python-octavia-lib [Availability] Currently in universe. [Rationale] This package provides python library support for OpenStack Octavia provider drivers. [Security] No security history. [Quality Assurance] Package works out of the box with no prompting. There are no major bugs in Ubuntu and there are no major bugs in Debian. Unit tests are run during build. [Dependencies] All are in main. [Standards Compliance] FHS and Debian Policy compliant. [Maintenance] Python package that the OpenStack Team will take care of. [Background] Octavia provides the Load Balancer as a Service for OpenStack clouds. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864666 Title: [MIR] python-octavia-lib, ovn-octavia-provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-octavia-lib/+bug/1864666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs