1428919 - Raise minimum Vagrant Bento box_version to pick up recent kernel updates

Status: RESOLVED FIXED

(Tree Management :: Treeherder, enhancement, P1)

Description

[Ed Morley [:emorley]]

Let's raise the minimum box version to ensure it has the latest Meltdown/Spectre patches.

https://app.vagrantup.com/bento/boxes/ubuntu-16.04

Comment 1

[Ed Morley [:emorley]]

The initial batch of updates should be out on 9th:
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

Comment 2

[Ed Morley [:emorley]]

I found a bug with the Bento image cleanup script that breaks us just using `apt-get dist-upgrade` to update the kernel:
https://github.com/chef/bento/issues/975

Given that and there likely be other updates coming out soon, we should wait until Bento roll a new image version that has these built-in.

Comment 3

[Ed Morley [:emorley]]

The new Bento image release is out, so we can proceed with this.

Whilst making the changes I hit a Vagrant bug, which I've filed as:
https://github.com/hashicorp/vagrant/issues/9452

Comment 4

[GitHub Bugzilla PR Linker]

Attachment: Link to GitHub pull-request: https://github.com/mozilla/treeherder/pull/3202

Comment 5

[Treeherder GitHub Bugbot]

Commit pushed to master at https://github.com/mozilla/treeherder

https://github.com/mozilla/treeherder/commit/b7ec45cd3edcb7ebf28044d962fa7065e7358774
Bug 1428919 - Vagrant: Update to latest Bento image (#3202)

To pick up the newer kernel/security updates. Only takes effect when
people destroy/recreate their VM, so also adds a `dist-upgrade` to
upgrade existing boxes. (The older Bento box had a broken kernel
config so `dist-upgrade` can't upgrade the kernel, but it's better
than nothing.)

Also switches the Hyper-V provider to the Bento images for parity,
since Bento now create Hyper-V variants too.

The `box` name cannot be factored out of the provider blocks due to:
https://github.com/hashicorp/vagrant/issues/9452