Added sru test for release-32

debian/ubuntu-advantage-tools.postinst

@@ -296,11 +296,22 @@ create_public_user_config_file() {
     # UserConfigFile we already write the public
     # version of the user-config file with all the
     # sensitive data removed.
+    # We also move the user-config.json file to the private 
+    # directory
+    source_file="/var/lib/ubuntu-advantage/user-config.json"
+    destination_dir="/var/lib/ubuntu-advantage/private"
+    # Check if the source file exists
+    if [ -f "$source_file" ]; then
+        mkdir -p "$destination_dir"
+        # Move the user-config.json file to the private directory
+        mv "$source_file" "$destination_dir/user-config.json"
+    fi
+
     /usr/bin/python3 -c "
-from uaclient.files import UserConfigFileObject, UserConfigData
+from uaclient.files import UserConfigFileObject
 try:
     user_config_file = UserConfigFileObject()
-    content = UserConfigData()
+    content = user_config_file.read()
     user_config_file.write(content)
 except Exception as e:
     print('Error while creating public user-config file: {}'.format(e))

sru/release-32/test-user-config-created.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+set -e
+
+series=$1
+install_from=$2 # either path to a .deb, or 'staging', or 'proposed'
+
+name=$series-dev
+
+function cleanup {
+  lxc delete $name --force
+}
+
+function on_err {   
+  echo -e "Test Failed"
+  cleanup
+  exit 1
+}
+trap on_err ERR
+
+
+lxc launch ubuntu-daily:$series $name
+sleep 5
+
+# Install latest ubuntu-advantage-tools
+lxc exec $name -- apt-get update > /dev/null
+lxc exec $name -- apt-get install  -y ubuntu-advantage-tools > /dev/null
+echo -e "\n* Latest u-a-t is installed"
+echo "###########################################"
+lxc exec $name -- apt-cache policy ubuntu-advantage-tools
+echo -e "###########################################\n"
+
+# Create user-config.json file with the given content
+http_proxy_value="http://someuser:[email protected]:3128"
+# Create user-config.json file with the given content
+lxc exec $name -- sh -c "echo '{\"http_proxy\": \"$http_proxy_value\"}' > /var/lib/ubuntu-advantage/user-config.json"
+
+# ----------------------------------------------------------------
+if [ $install_from == 'staging' ]; then
+  lxc exec $name -- sudo add-apt-repository ppa:ua-client/staging -y > /dev/null
+  lxc exec $name -- apt-get update > /dev/null
+  lxc exec $name -- apt-get install ubuntu-advantage-tools -y > /dev/null
+elif [ $install_from == 'proposed' ]; then
+  lxc exec $name -- sh -c "echo \"deb http://archive.ubuntu.com/ubuntu $series-proposed main\" | tee /etc/apt/sources.list.d/proposed.list"
+  lxc exec $name -- apt-get update > /dev/null
+  lxc exec $name -- apt-get install ubuntu-advantage-tools -y > /dev/null
+else
+  lxc file push $install_from $name/new-ua.deb
+  lxc exec $name -- dpkg -i /new-ua.deb > /dev/null
+fi
+# ----------------------------------------------------------------
+
+# Check if user-config.json is moved to the private directory
+lxc exec $name -- test -e /var/lib/ubuntu-advantage/private/user-config.json;
+private_config_contents=$(lxc exec $name -- cat /var/lib/ubuntu-advantage/private/user-config.json)
+private_http_proxy_value=$(echo "$private_config_contents" | jq -r '.http_proxy')
+# Check if the contents are the same as the previous contents
+if [ "$http_proxy_value" == "$private_http_proxy_value" ]; then
+  echo "Contents of private/user-config.json have not changed"
+fi
+# Check if the file permissions are root
+lxc exec $name -- stat -c %U /var/lib/ubuntu-advantage/private/user-config.json | grep -q "-rw-------"
+
+# Check if a new public file is created
+lxc exec $name -- test -e /var/lib/ubuntu-advantage/user-config.json;
+public_config_contents=$(lxc exec $name -- cat /var/lib/ubuntu-advantage/user-config.json)
+public_http_proxy_value=$(echo "$public_config_contents" | jq -r '.http_proxy')
+# Check if the public_http_proxy_value is "<REDACTED>"
+if [ "$public_http_proxy_value" = "<REDACTED>" ]; then
+  echo "public_http_proxy_value is <REDACTED>"
+fi
+# Check if file permissions are public
+lxc exec $name -- stat -c %A /var/lib/ubuntu-advantage/user-config.json | grep -q "-rw-r--r--"
+
+cleanup

uaclient/files/user_config_file.py

@@ -2,8 +2,9 @@
 import logging
 import os
 from typing import Optional
+from urllib.parse import urlparse
 
-from uaclient import defaults, event_logger, exceptions, util
+from uaclient import defaults, event_logger, util
 from uaclient.data_types import (
     BoolDataValue,
     DataObject,
@@ -109,11 +110,13 @@ def redact_config_data(
         for field in PROXY_FIELDS:
             value = getattr(redacted_data, field)
             if value:
-                setattr(
-                    redacted_data,
-                    field,
-                    "<REDACTED>",
-                )
+                parsed_url = urlparse(value)
+                if parsed_url.username and parsed_url.password:
+                    setattr(
+                        redacted_data,
+                        field,
+                        "<REDACTED>",
+                    )
         return redacted_data
 
     def read(self) -> Optional[UserConfigData]:

uaclient/tests/test_config.py

@@ -1347,15 +1347,67 @@ class TestConfigShow:
     def test_redact_config_data(self, _write, FakeConfig):
         cfg = FakeConfig()
 
-        for field in user_config_file.PROXY_FIELDS:
-            setattr(
-                cfg.user_config, field, "http://username:password@proxy:port"
-            )
+        setattr(
+            cfg.user_config,
+            "apt_http_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "apt_https_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "global_apt_http_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "global_apt_https_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "ua_apt_http_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "ua_apt_https_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(
+            cfg.user_config,
+            "http_proxy",
+            "http://username:password@proxy:port",
+        )
+        setattr(cfg.user_config, "https_proxy", "https://www.example.com")
 
         user_config_file_object = user_config_file.UserConfigFileObject()
         redacted_config = user_config_file_object.redact_config_data(
             cfg.user_config
         )
 
-        for field in user_config_file.PROXY_FIELDS:
-            assert getattr(redacted_config, field) == "<REDACTED>"
+        # Assert that proxy configurations are redacted
+        assert getattr(redacted_config, "apt_http_proxy") == "<REDACTED>"
+        assert getattr(redacted_config, "apt_https_proxy") == "<REDACTED>"
+        assert (
+            getattr(redacted_config, "global_apt_http_proxy") == "<REDACTED>"
+        )
+        assert (
+            getattr(redacted_config, "global_apt_https_proxy") == "<REDACTED>"
+        )
+        assert getattr(redacted_config, "ua_apt_http_proxy") == "<REDACTED>"
+        assert getattr(redacted_config, "ua_apt_https_proxy") == "<REDACTED>"
+        assert getattr(redacted_config, "http_proxy") == "<REDACTED>"
+        assert (
+            getattr(redacted_config, "https_proxy")
+            == "https://www.example.com"
+        )
+
+        # Assert that redacting multiple times does not change the result
+        redacted_again = user_config_file_object.redact_config_data(
+            redacted_config
+        )
+        assert redacted_config == redacted_again