foreman_maintain 0.6.4 → 0.6.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e51a96d2df37cf98881bc81a1b67f33dca283ea34b226f2f434273984e6baa59
-  data.tar.gz: ad6c47b27ba7e5c2869354c0a60885e8da2158cc3b6feb04df614ccc78c395d5
+  metadata.gz: 7050dd905c1396f95686caabf7afaea60f963b8c68c2b0849eb4d06b7e5330f7
+  data.tar.gz: d683a46f74563cb3c22a4f0ab94ebf3354aa4685afd8b22a7ea68ec1fc6d70a7
 SHA512:
-  metadata.gz: ddd22571061620757eaa7d814c34c7c4d06801361ebba1296b5089a345ed61ac91c41fbaa97f643bb8535bf5644d5e96065dccbd66681d6b3516963462f1d940
-  data.tar.gz: 9f0023b28042b0f5145a7c2b60b91a8194216eeaa5936987cb91504c49a502a9dfd03c21d3d527cc7487a14a7abe2d8513dcc66a7f47454fa9f3bdc61debdb85
+  metadata.gz: 56ffb28e036596b3b7262ff27e5f7ab85ccd98ba3f261ef5049f0e4c404b743b96fe3086723a7a0d08005e27308b40888e209ca66125662d4dd72da8706a540c
+  data.tar.gz: f056a9c36223352dededfd338e462070f71780b679e2d661360733a85ef07045ac1fd7f803421f945d9f1cc0176d7351d8f0f951da558635b33a5dcc7e99a67c

data/README.md

@@ -1,6 +1,6 @@
 # Foreman Maintenance [![Build Status](https://travis-ci.org/theforeman/foreman_maintain.svg?branch=master)](https://travis-ci.org/theforeman/foreman_maintain) <a href="https://codeclimate.com/github/theforeman/foreman_maintain"><img src="https://codeclimate.com/github/theforeman/foreman_maintain/badges/gpa.svg" /></a>
 
-`foreman_maintain` aims to provide various features that helps keep the
+The `foreman_maintain` aims to provide various features that helps keep the
 Foreman/Satellite up and running. It supports multiple versions and subparts
 of the Foreman infrastructure, including server or smart proxy and is smart
 enough to provide the right tools for the specific version.
@@ -19,8 +19,10 @@ Subcommands:
     upgrade                       Upgrade related commands
       list-versions                 List versions this system is upgradable to
       check --target-version TARGET_VERSION   Run pre-upgrade checks for upgrading to specified version
+            --disable-self-upgrade            Disable automatic self upgrade (default: false)
       run --target-version TARGET_VERSION     Run the full upgrade
           [--phase=phase TARGET_VERSION]      Run just a specific phase of the upgrade
+          --disable-self-upgrade              Disable automatic self upgrade (default: false)
 
     advanced                      Advanced tools for server maintenance
       procedure                     Run maintain procedures manually
@@ -59,8 +61,8 @@ Subcommands:
 Foreman-maintain implements upgrade tooling that helps the administrator to go
 through the upgrade process.
 
-Foreman-maintain scans the system to know, what version are available
-to upgrade to for the particular system. To see what versions are available
+Foreman-maintain scans the system to know, what versions are available
+for upgrade on the particular system. To see what versions are available
 for upgrade, run:
 
 ```
@@ -88,13 +90,13 @@ of the system:
 
   * **pre-migrations** - these steps perform changes on the system before
     the actual upgrade starts. An example is disabling access to the system from
-    external sources, a.k.a. maintenance mode or disabling sync plans during the run.
+    external sources, a.k.a. maintenance mode or disabling Katello sync plans during the run.
 
     After this phase ends, the system is still running the old version, and it's possible
     to revert the changes by running the post-migrations steps.
 
   * **migrations** - this phase performs the actual migrations, starting with
-    configuring new repositories, updated the packages and running the installer.
+    configuring new repositories, updating the packages and running the installer.
 
     At the end of this phase, the system should be fully migrated to the new version.
     However, the system is not fully operational yet, as the post-migrations steps
@@ -103,7 +105,7 @@ of the system:
   * **post-migrations** - these steps revert the changes made in pre-migrations phase,
     turning the system into fully-operational again.
 
-  * **post-upgrade checks** - this steps should perform sanity check of the system
+  * **post-upgrade checks** - these steps should perform sanity check of the system
     to ensure the system is valid and ready to be used again.
 
 
@@ -114,6 +116,40 @@ the *pre-upgrade check* phase. In case the upgrade failed before **migrations**
 phase made some modifying changes, the tool tries to rollback to the previous
 state of the system.
 
+#### Self-upgrade for rubygem-foreman_maintain package
+
+**Note:** This feature is available from `rubygem-foreman_maintain` version 0.6.4 and newer.
+
+When a user runs any `foreman-maintain upgrade` sub commands (e.g. `foreman-maintain upgrade check` or `foreman-maintain upgrade run`) then,
+
+  * If update available for `rubygem-foreman_maintain` package, the sub command tries to update this package. After successful package update, it returns the exit code 75 and requests user to re-run with the updated source code.
+
+    Here, exit code (value 75) is to indicate that it can not continue with further execution & needs re-run. e.g.,
+
+    ~~~
+    # foreman-maintain upgrade check --target-version TARGET_VERSION
+    Checking for new version of foreman-maintain...
+    rubygem-foreman_maintain.noarch   repository
+
+    Updating foreman-maintain package.
+
+    The foreman-maintain package successfully updated.
+
+    Re-run foreman-maintain with required options!
+
+    # echo $?
+    75
+    ~~~
+
+  * If update is not available for `rubygem-foreman_maintain` package, then sub command simply executes the further steps without halt.
+
+  * If user wants to skip self-update mechanism then `--disable-self-upgrade` flag can be used with upgrade sub commands. e.g.,
+
+  ~~~
+  # foreman-maintain upgrade check --target-version TARGET_VERSION --disable-self-upgrade
+  # foreman-maintain upgrade run --target-version TARGET_VERSION --disable-self-upgrade
+  ~~~
+
 #### Satellite notes
 
 To use custom organization/activation key for configuring repositories during
@@ -132,7 +168,7 @@ export FOREMAN_MAINTAIN_USE_BETA='1'
 
 ## Implementation
 
-`foreman_maintain` maps the CLI commands into definitions. This allows to keep the set
+The `foreman_maintain` maps the CLI commands into definitions. This allows to keep the set
 of the commands the user needs to know immutable from version-specific changes. The mapping
 between the CLI commands and definitions is made by defining various metadata.
 
@@ -329,8 +365,8 @@ end
 ```
 
 Before executing the command the feature checks if it has valid hammer configuration to run the command.
-Foreman maintain always use the 'admin' account to run the commands. The password is taken either form
-the Hammer config or installer answer files or asked from the user interactively (in this order).
+Foreman maintain always use the 'admin' account to run the commands. The password is taken from
+the hammer config or installer answer files or asked from the user interactively (in this order).
 The valid credentials are stored and reused next time if still valid.
 
 Usually we want to do the user interaction at the beginning of our scenario.
@@ -449,7 +485,7 @@ Possible options for the `:completion` attribute are:
 * `maintenance-mode is-enabled` returns `0 or 1` output depending upon the maintenance-mode status.
 Here, 0=ON & 1=OFF.
 
-If User would like to check whether maintenance-mode is ON/OFF on system in their external script then
+If users would like to check whether maintenance-mode is ON/OFF on system in their external script then
 they can use subcommand `foreman-maintain maintenance-mode is-enabled`.
 
 ## How to contribute?

data/bin/foreman-maintain-complete

@@ -13,7 +13,8 @@ require 'foreman_maintain/utils/bash'
 # rubocop:disable Lint/RescueWithoutErrorClass, Lint/HandleExceptions
 def cache_file(config_file)
   config = YAML.load(File.open(config_file))
-  config[:completion_cache_file]
+  config.fetch(:completion_cache_file,
+               "#{ENV['HOME'] || '/root'}/.cache/foreman_maintain_completion.yml")
 rescue
 end
 # rubocop:enable Lint/RescueWithoutErrorClass, Lint/HandleExceptions
@@ -23,7 +24,7 @@ config_file = if File.exist?(CONFIG_FILE)
               else
                 File.join(project_root, 'config/foreman_maintain.yml')
               end
-completion_cache_file = cache_file(config_file) || '~/.cache/foreman_maintain_completion.yml'
+completion_cache_file = cache_file(config_file)
 completion_cache_file = File.expand_path(completion_cache_file)
 
 # build the cache if it does not exist

data/definitions/checks/env_proxy.rb

@@ -0,0 +1,13 @@
+class Checks::EnvProxy < ForemanMaintain::Check
+  metadata do
+    label :env_proxy
+    tags :env_proxy
+    description 'Check to make sure no HTTP(S) proxy set in ENV'
+  end
+
+  def run
+    variables = %w[http_proxy https_proxy HTTP_PROXY HTTPS_PROXY]
+    has_proxy_set = true if variables.map { |variable| ENV[variable] }.compact.any?
+    assert(!has_proxy_set, 'Global HTTP(S) proxy in environment (env) is set. Please unset first!')
+  end
+end

data/definitions/checks/foreman/check_corrupted_roles.rb

@@ -14,14 +14,22 @@ module Checks
       def run
         items = find_filter_permissions
         assert(items.empty?,
-               'There are user roles with inconsistent filters',
+               error_message(items),
                :next_steps => Procedures::Foreman::FixCorruptedRoles.new)
       end
 
+      def error_message(items)
+        roles = items.map { |item| item['role_name'] }.uniq
+        'There are filters having permissions with multiple resource types. ' \
+        'Roles with such filters are:' \
+        "\n#{roles.join("\n")}"
+      end
+
       def find_filter_permissions
         feature(:foreman_database).query(self.class.inconsistent_filter_perms)
       end
 
+      # rubocop:disable Metrics/MethodLength
       def self.inconsistent_filter_perms
         subquery = <<-SQL
           SELECT filters.id AS filter_id,
@@ -32,14 +40,17 @@ module Checks
                  filterings.id AS filtering_id,
                  permissions.id AS permission_id,
                  permissions.name AS permission_name,
-                 permissions.resource_type
+                 permissions.resource_type,
+                 roles.name AS role_name
           FROM filters INNER JOIN filterings ON filters.id = filterings.filter_id
                        INNER JOIN permissions ON permissions.id = filterings.permission_id
+                       INNER JOIN roles ON filters.role_id = roles.id
         SQL
 
         <<-SQL
           SELECT DISTINCT first.filter_id,
                           first.role_id,
+                          first.role_name,
                           first.filtering_id,
                           first.permission_id,
                           first.permission_name,
@@ -54,6 +65,7 @@ module Checks
                 OR (first.resource_type != second.resource_type))
         SQL
       end
+      # rubocop:enable Metrics/MethodLength
     end
   end
 end

data/definitions/checks/foreman_proxy/check_tftp_storage.rb

@@ -0,0 +1,52 @@
+module Checks::ForemanProxy
+  class CheckTftpStorage < ForemanMaintain::Check
+    metadata do
+      label :check_tftp_storage
+      description 'Clean old Kernel and initramfs files from tftp-boot'
+      tags :default
+      confine do
+        feature(:satellite) && feature(:foreman_proxy) &&
+          feature(:foreman_proxy).features.include?('tftp') && non_zero_token_duration?
+      end
+    end
+
+    def run
+      if Dir.exist?(tftp_boot_directory)
+        files = old_files_from_tftp_boot
+        assert(files.empty?,
+               'There are old initrd and vmlinuz files present in tftp',
+               :next_steps => Procedures::Files::Remove.new(:files => files))
+      else
+        skip "TFTP #{tftp_boot_directory} directory doesn't exist."
+      end
+    end
+
+    def old_files_from_tftp_boot
+      Dir.entries(tftp_boot_directory).map do |file|
+        unless File.directory?(file)
+          file_path =  tftp_boot_directory + file
+          file_path if File.mtime(file_path) + (token_duration * 60) < Time.now
+        end
+      end.compact
+    end
+
+    def self.non_zero_token_duration?
+      lookup_token_duration != 0
+    end
+
+    def tftp_boot_directory
+      @tftp_boot_directory ||= "#{feature(:foreman_proxy).tftp_root_directory}/boot/"
+    end
+
+    def token_duration
+      @token_duration ||= self.class.lookup_token_duration
+    end
+
+    def self.lookup_token_duration
+      data = feature(:foreman_database). \
+             query("select s.value, s.default from settings s \
+                    where category = 'Setting::Provisioning' and name = 'token_duration'")
+      YAML.load(data[0]['value'] || data[0]['default'])
+    end
+  end
+end

data/definitions/checks/foreman_proxy/verify_dhcp_config_syntax.rb

@@ -4,20 +4,18 @@ module Checks::ForemanProxy
       description 'Check for verifying syntax for ISP DHCP configurations'
       tags :default
       confine do
-        feature(:foreman_proxy)
+        feature(:foreman_proxy) &&
+          feature(:foreman_proxy).features.include?('dhcp') &&
+          feature(:foreman_proxy).dhcp_isc_provider?
       end
     end
 
     def run
-      if feature(:foreman_proxy).features.include?('dhcp')
-        if feature(:foreman_proxy).dhcpd_conf_exist?
-          success = feature(:foreman_proxy).valid_dhcp_configs?
-          assert(success, 'Please check and verify DHCP configurations.')
-        else
-          fail! "Couldn't find configuration file at #{feature(:foreman_proxy).dhcpd_config_file}"
-        end
+      if feature(:foreman_proxy).dhcpd_conf_exist?
+        success = feature(:foreman_proxy).valid_dhcp_configs?
+        assert(success, 'Please check and verify DHCP configurations.')
       else
-        skip 'DHCP feature is not enabled'
+        fail! "Couldn't find configuration file at #{feature(:foreman_proxy).dhcpd_config_file}"
       end
     end
   end

data/definitions/checks/repositories/check_non_rh_repository.rb

@@ -2,7 +2,7 @@ module Checks::Repositories
   class CheckNonRhRepository < ForemanMaintain::Check
     metadata do
       label :check_non_redhat_repository
-      description "Check whether system don't have any non Red Hat repositories(Eg: EPEL) enabled"
+      description 'Check whether system has any non Red Hat repositories (e.g.: EPEL) enabled'
       tags :pre_upgrade
       confine do
         feature(:instance).downstream
@@ -11,7 +11,7 @@ module Checks::Repositories
 
     def run
       with_spinner('Checking repositories enabled on the system') do
-        assert(!epel_enabled?, 'System is subscribed to non Red Hat repositories(Eg: EPEL)')
+        assert(!epel_enabled?, 'System is subscribed to non Red Hat repositories')
       end
     end
 

data/definitions/features/capsule.rb

@@ -5,7 +5,8 @@ class Features::Capsule < ForemanMaintain::Feature
     label :capsule
 
     confine do
-      package_manager.installed?(['satellite-capsule']) ||
+      !package_manager.installed?(['satellite']) &&
+        package_manager.installed?(['satellite-capsule']) ||
         package_manager.installed?(['capsule-installer'])
     end
   end

data/definitions/features/foreman_proxy.rb

@@ -12,6 +12,9 @@ class Features::ForemanProxy < ForemanMaintain::Feature
   FOREMAN_PROXY_DHCP_YML_PATHS = ['/etc/foreman-proxy/settings.d/dhcp.yml',
                                   '/usr/local/etc/foreman-proxy/settings.d/dhcp.yml'].freeze
 
+  FOREMAN_PROXY_TFTP_YML_PATHS = ['/etc/foreman-proxy/settings.d/tftp.yml',
+                                  '/usr/local/etc/foreman-proxy/settings.d/tftp.yml'].freeze
+
   def valid_dhcp_configs?
     dhcp_req_pass? && !syntax_error_exists?
   end
@@ -66,7 +69,7 @@ class Features::ForemanProxy < ForemanMaintain::Feature
 
     configs.push('/var/lib/tftpboot') if backup_features.include?('tftp')
     configs += ['/var/named/', '/etc/named*'] if backup_features.include?('dns')
-    if backup_features.include?('dhcp')
+    if backup_features.include?('dhcp') && dhcp_isc_provider?
       configs += ['/var/lib/dhcpd', File.dirname(dhcpd_config_file)]
     end
     configs.push('/usr/share/xml/scap') if backup_features.include?('openscap')
@@ -98,7 +101,9 @@ class Features::ForemanProxy < ForemanMaintain::Feature
   end
 
   def certs_tar
-    feature(:installer).answers[content_module][certs_param_name[:param_section]] if content_module
+    if content_module
+      feature(:installer).answers.fetch(content_module, {})[certs_param_name[:param_key]]
+    end
   end
 
   def settings_file
@@ -113,6 +118,14 @@ class Features::ForemanProxy < ForemanMaintain::Feature
     @dhcpd_config_file ||= lookup_dhcpd_config_file
   end
 
+  def tftp_root_directory
+    @tftp_root_directory ||= lookup_tftp_root_directory
+  end
+
+  def dhcp_isc_provider?
+    configs_from_dhcp_yml[:use_provider] == 'dhcp_isc'
+  end
+
   private
 
   def backup_features(for_features)
@@ -209,11 +222,18 @@ class Features::ForemanProxy < ForemanMaintain::Feature
     dhcpd_config_file
   end
 
-  def lookup_using_dhcp_yml
-    dhcp_yml_path = lookup_into(FOREMAN_PROXY_DHCP_YML_PATHS)
-    raise "Couldn't find dhcp.yml file under foreman-proxy" unless dhcp_yml_path
+  def dhcp_yml_path
+    dhcp_path = lookup_into(FOREMAN_PROXY_DHCP_YML_PATHS)
+    raise "Couldn't find dhcp.yml file under foreman-proxy" unless dhcp_path
 
-    configs_from_dhcp_yml = yaml_load(dhcp_yml_path)
+    dhcp_path
+  end
+
+  def configs_from_dhcp_yml
+    @configs_from_dhcp_yml ||= yaml_load(dhcp_yml_path)
+  end
+
+  def lookup_using_dhcp_yml
     if configs_from_dhcp_yml.key?(:dhcp_config)
       return configs_from_dhcp_yml[:dhcp_config]
     elsif configs_from_dhcp_yml.key?(:use_provider)
@@ -226,6 +246,13 @@ class Features::ForemanProxy < ForemanMaintain::Feature
     end
   end
 
+  def lookup_tftp_root_directory
+    tftp_yml_path = lookup_into(FOREMAN_PROXY_TFTP_YML_PATHS)
+    raise "Couldn't find tftp.yml file under foreman-proxy" unless tftp_yml_path
+
+    yaml_load(tftp_yml_path)[:tftproot]
+  end
+
   def yaml_load(path)
     YAML.load_file(path) || {}
   end

data/definitions/features/foreman_server.rb

@@ -28,7 +28,7 @@ module ForemanMaintain
       def config_files
         [
           '/etc/httpd',
-          '/var/www/html/pub',
+          '/var/www/html/pub/katello-*',
           '/etc/squid',
           '/etc/foreman',
           '/etc/selinux/targeted/contexts/files/file_contexts.subs',

data/definitions/procedures/backup/metadata.rb

@@ -6,6 +6,7 @@ module Procedures::Backup
       preparation_steps { Checks::Foreman::DBUp.new if feature(:foreman_server) }
       param :backup_dir, 'Directory where to backup to', :required => true
       param :incremental_dir, 'Changes since specified backup only'
+      param :online_backup, 'Select for online backup', :flag => true, :default => false
     end
 
     def run
@@ -16,6 +17,7 @@ module Procedures::Backup
         metadata['proxy_features'] = proxy_feature_list(spinner) || []
         metadata['rpms'] = rpms(spinner)
         metadata['incremental'] = @incremental_dir || false
+        metadata['online'] = @online_backup
         save_metadata(metadata, spinner)
       end
     end

data/definitions/procedures/backup/prepare_directory.rb

@@ -8,6 +8,7 @@ module Procedures::Backup
       param :incremental_dir, 'Changes since specified backup only'
     end
 
+    # rubocop:disable Metrics/MethodLength
     def run
       puts "Creating backup folder #{@backup_dir}"
 
@@ -22,8 +23,14 @@ module Procedures::Backup
 
       FileUtils.rm(Dir.glob(File.join(@backup_dir, '.*.snar'))) if @preserve_dir
       if @incremental_dir
-        FileUtils.cp(Dir.glob(File.join(@incremental_dir, '.*.snar')), @backup_dir)
+        if (snar_files = Dir.glob(File.join(@incremental_dir, '.*.snar'))).empty?
+          raise "#{@incremental_dir}/*.snar files unavailable. "\
+                'Provide a valid previous backup directory'
+        else
+          FileUtils.cp(snar_files, @backup_dir)
+        end
       end
     end
+    # rubocop:enable Metrics/MethodLength
   end
 end

data/definitions/procedures/backup/snapshot/logical_volume_confirmation.rb

@@ -12,7 +12,7 @@ module Procedures::Backup
         backup_lv = get_lv_info(@backup_dir)
 
         dbs = {}
-        dbs[:pulp] = 'Pulp' if feature(:pulp2) && !@skip_pulp
+        dbs[:pulp2] = 'Pulp' if feature(:pulp2) && !@skip_pulp
         dbs[:mongo] = 'Mongo' if db_local?(:mongo)
         dbs[:candlepin_database] = 'Candlepin' if db_local?(:candlepin_database)
         dbs[:foreman_database] = 'Foreman' if db_local?(:foreman_database)

data/definitions/procedures/content/prepare.rb

@@ -3,6 +3,11 @@ module Procedures::Content
     metadata do
       description 'Prepare content for Pulp 3'
       for_feature :pulpcore
+
+      confine do
+        # FIXME: remove this condition on next downstream upgrade scenario
+        !feature(:instance).downstream
+      end
     end
 
     def run

data/definitions/procedures/content/switchover.rb

@@ -3,6 +3,11 @@ module Procedures::Content
     metadata do
       description 'Switch support for certain content from Pulp 2 to Pulp 3'
       for_feature :pulpcore
+
+      confine do
+        # FIXME: remove this condition on next downstream upgrade scenario
+        !feature(:instance).downstream
+      end
     end
 
     def run
@@ -15,7 +20,8 @@ module Procedures::Content
       puts 'Re-running the installer to switch specified content over to pulp3'
       args = ['--foreman-proxy-content-proxy-pulp-isos-to-pulpcore=true',
               '--katello-use-pulp-2-for-file=false',
-              '--katello-use-pulp-2-for-docker=false']
+              '--katello-use-pulp-2-for-docker=false',
+              '--katello-use-pulp-2-for-yum=false']
       feature(:installer).run(args.join(' '))
     end
   end

data/definitions/procedures/packages/locking_status.rb

@@ -18,7 +18,7 @@ module Procedures::Packages
       else
         puts '  Packages are not locked.'
         puts "  WARNING: When locking is disabled there is a risk of unwanted update\n" \
-             "  of #{feature(:instance).product_name}' and its components and possible " \
+             "  of #{feature(:instance).product_name} and its components and possible " \
              'data inconsistency'
       end
     end

data/definitions/procedures/restore/configs.rb

@@ -19,10 +19,15 @@ module Procedures::Restore
       end
     end
 
+    # rubocop:disable  Metrics/MethodLength
     def restore_configs(backup)
       exclude = ForemanMaintain.available_features.each_with_object([]) do |feat, cfgs|
+        if backup.online_backup?
+          feat.config_files_exclude_for_online.each { |f| cfgs << f.gsub(%r{^/}, '') }
+        end
         feat.config_files_to_exclude.each { |f| cfgs << f.gsub(%r{^/}, '') }
       end
+
       tar_options = {
         :overwrite => true,
         :listed_incremental => '/dev/null',
@@ -35,6 +40,7 @@ module Procedures::Restore
 
       feature(:tar).run(tar_options)
     end
+    # rubocop:enable  Metrics/MethodLength
 
     def reload_configs
       feature(:mongo).reload_db_config if feature(:mongo)

data/definitions/procedures/restore/regenerate_queues.rb

@@ -0,0 +1,69 @@
+module Procedures::Restore
+  class RegenerateQueues < ForemanMaintain::Procedure
+    metadata do
+      advanced_run false
+      description 'Regenerate required activemq and qpidd queues while restoring online backup'
+      confine do
+        feature(:pulp2)
+      end
+    end
+
+    def qpid_router_broker_port
+      @qpid_router_broker_port ||= feature(:installer).
+                                   answers['foreman_proxy_content']['qpid_router_broker_port']
+    end
+
+    def qpid_configs
+      @qpid_configs ||= {
+        'ssl_cert' => "/etc/pki/katello/certs/#{hostname}-qpid-broker.crt",
+        'ssl_key' => "/etc/pki/katello/private/#{hostname}-qpid-broker.key",
+        'amqps_url' => "amqps://localhost:#{qpid_router_broker_port}"
+      }
+    end
+
+    def katello_events
+      %w[compliance.created
+         entitlement.created
+         entitlement.deleted
+         pool.created
+         pool.deleted]
+    end
+
+    def run
+      with_spinner('Resetting the queues') do |spinner|
+        regenerate_activemq_queues(spinner)
+        regenerate_qpidd_queues(spinner)
+        spinner.update('Queues created successfully')
+      end
+    end
+
+    def regenerate_activemq_queues(spinner)
+      # The activemq queues(/var/lib/candlepin/activemq-artemis) regenerate on tomcat restart.
+      # After stopping the tomcat here, service start is triggered from the restore scenario.
+      spinner.update('Stopping tomcat service')
+      feature(:candlepin).services.select(&:exist?).first.stop
+      spinner.update('Recreating activemq queues')
+      execute!('rm -rf /var/lib/candlepin/activemq-artemis/')
+    end
+
+    def run_qpid_command(opts)
+      execute!("qpid-config --ssl-certificate #{qpid_configs['ssl_cert']} \\
+                --ssl-key #{qpid_configs['ssl_key']} -b #{qpid_configs['amqps_url']} #{opts}")
+    end
+
+    def regenerate_qpidd_queues(spinner)
+      feature(:service).handle_services(spinner, 'stop', :only => ['qpidd'])
+      execute!('rm -rf /var/lib/qpidd/.qpidd/qls')
+      spinner.update('Starting qpidd service')
+      feature(:service).handle_services(spinner, 'start', :only => ['qpidd'])
+      spinner.update('Service qpidd started, waiting 60 seconds to start it completely')
+      sleep 60
+      spinner.update('Recreating qpidd queues')
+      run_qpid_command('add exchange topic event --durable')
+      run_qpid_command('add queue katello_event_queue --durable')
+      katello_events.each do |event|
+        run_qpid_command("bind event katello_event_queue #{event}")
+      end
+    end
+  end
+end

data/definitions/scenarios/backup.rb

@@ -210,6 +210,7 @@ module ForemanMaintain::Scenarios
         Procedures::Backup::Online::ForemanDB,
         Procedures::Backup::Online::PulpcoreDB
       )
+      add_step_with_context(Procedures::Backup::Metadata, :online_backup => true)
     end
 
     def strategy

data/definitions/scenarios/content.rb

@@ -8,7 +8,10 @@ module ForemanMaintain::Scenarios
       end
 
       def compose
-        add_step(Procedures::Content::Prepare)
+        # FIXME: remove this condition on next downstream upgrade scenario
+        if Procedures::Content::Prepare.present?
+          add_step(Procedures::Content::Prepare)
+        end
       end
     end
 
@@ -20,7 +23,10 @@ module ForemanMaintain::Scenarios
       end
 
       def compose
-        add_step(Procedures::Content::Switchover)
+        # FIXME: remove this condition on next downstream upgrade scenario
+        if Procedures::Content::Switchover.present?
+          add_step(Procedures::Content::Switchover)
+        end
       end
     end
   end

data/definitions/scenarios/packages.rb

@@ -1,7 +1,10 @@
 module ForemanMaintain::Scenarios
   module Packages
     def self.skip_installer_run?(packages_list)
-      packages_list = packages_list.split(',').map(&:strip) if packages_list.is_a?(String)
+      if packages_list.is_a?(String)
+        packages_list = packages_list.split(',').map(&:strip)
+      end
+      packages_list ||= []
 
       return false unless packages_list.any? { |p| p.include?('foreman_maintain') }
       return true if packages_list.length == 1

data/definitions/scenarios/restore.rb

@@ -20,6 +20,7 @@ module ForemanMaintain::Scenarios
                              Checks::Restore::ValidateHostname,
                              Procedures::Selinux::SetFileSecurity,
                              Procedures::Restore::Configs)
+      add_step_with_context(Procedures::Crond::Stop) if feature(:cron)
       unless backup.incremental?
         add_steps_with_context(Procedures::Restore::EnsureMongoEngineMatches,
                                Procedures::Restore::InstallerReset)
@@ -36,9 +37,12 @@ module ForemanMaintain::Scenarios
       end
       restore_mongo_dump(backup)
       add_steps_with_context(Procedures::Pulp::Migrate,
-                             Procedures::Pulpcore::Migrate,
-                             Procedures::Service::Start,
+                             Procedures::Pulpcore::Migrate)
+
+      add_steps_with_context(Procedures::Restore::RegenerateQueues) if backup.online_backup?
+      add_steps_with_context(Procedures::Service::Start,
                              Procedures::Service::DaemonReload)
+      add_step_with_context(Procedures::Crond::Start) if feature(:cron)
     end
     # rubocop:enable Metrics/MethodLength,Metrics/AbcSize
 
@@ -96,4 +100,15 @@ module ForemanMaintain::Scenarios
                   Procedures::Selinux::SetFileSecurity => :incremental_backup)
     end
   end
+
+  class RestoreRescue < ForemanMaintain::Scenario
+    metadata do
+      description 'Resuce Restore backup'
+      manual_detection
+    end
+
+    def compose
+      add_step_with_context(Procedures::Crond::Stop) if feature(:cron)
+    end
+  end
 end

data/extras/foreman_protector/foreman-protector.py

@@ -26,7 +26,7 @@ def _load_whitelist():
                 continue
             _package_whitelist.add(line.rstrip().lower())
         llfile.close()
-    except urlgrabber.grabber.URLGrabError, e:
+    except urlgrabber.grabber.URLGrabError as e:
         raise PluginYumExit('Unable to read Foreman protector"s configuration: %s' % e)
 
 def _add_obsoletes(conduit):

data/lib/foreman_maintain.rb

@@ -53,6 +53,8 @@ module ForemanMaintain
     }.freeze
 
     def setup(options = {})
+      set_home_environment
+
       # using a queue, we can log the messages which are generated before initializing logger
       self.config = Config.new(options)
       load_definitions
@@ -60,6 +62,10 @@ module ForemanMaintain
       update_path
     end
 
+    def set_home_environment
+      ENV['HOME'] ||= '/root'
+    end
+
     # Appending PATH with expected paths needed for commands we run
     def update_path
       paths = ['/sbin']
@@ -162,7 +168,7 @@ module ForemanMaintain
         ForemanMaintain.package_manager.update(main_package_name, :assumeyes => true)
         puts "\nThe #{package_name} package successfully updated."\
              "\nRe-run #{command} with required options!"
-        exit 0
+        exit 75
       end
       puts "Nothing to update, can't find new version of #{package_name}."
     end

data/lib/foreman_maintain/cli/restore_command.rb

@@ -13,7 +13,8 @@ module ForemanMaintain
           :backup_dir => @backup_dir,
           :incremental_backup => @incremental || incremental_backup?
         )
-        run_scenario(scenario)
+        rescue_scenario = Scenarios::RestoreRescue.new
+        run_scenario(scenario, rescue_scenario)
         exit runner.exit_code
       end
 

data/lib/foreman_maintain/concerns/base_database.rb

@@ -82,7 +82,7 @@ module ForemanMaintain
           tar_options = {
             :archive => backup_file,
             :command => 'create',
-            :transform => 's,^,var/lib/pgsql/data/,S',
+            :transform => "s,^,#{data_dir[1..-1]},S",
             :files => '*'
           }.merge(extra_tar_options)
           feature(:tar).run(tar_options)

data/lib/foreman_maintain/concerns/downstream.rb

@@ -97,23 +97,19 @@ module ForemanMaintain
       end
 
       def common_repos(rh_version_major, full_version)
-        repos_arrary = common_repos_array(rh_version_major, full_version)
+        repos_arrary = if ENV['FOREMAN_MAINTAIN_USE_BETA'] == '1'
+                         ["rhel-#{rh_version_major}-server-satellite-maintenance-6-beta-rpms",
+                          "rhel-#{rh_version_major}-server-satellite-tools-6-beta-rpms"]
+                       else
+                         ["rhel-#{rh_version_major}-server-satellite-maintenance-6-rpms",
+                          "rhel-#{rh_version_major}-server-satellite-tools-#{full_version}-rpms"]
+                       end
+
         return repos_arrary.first(1) if feature(:capsule)
 
         repos_arrary
       end
 
-      def common_repos_array(rh_version_major, full_version)
-        ["rhel-#{rh_version_major}-server-satellite-maintenance-6#{use_beta}-rpms",
-         "rhel-#{rh_version_major}-server-satellite-tools-#{full_version}#{use_beta}-rpms"]
-      end
-
-      def use_beta
-        return '-beta' if ENV['FOREMAN_MAINTAIN_USE_BETA'] == '1'
-
-        nil
-      end
-
       def main_rh_repos(rh_version_major)
         ["rhel-#{rh_version_major}-server-rpms",
          "rhel-server-rhscl-#{rh_version_major}-rpms"]

data/lib/foreman_maintain/utils/backup.rb

@@ -204,6 +204,10 @@ module ForemanMaintain
       def incremental?
         !!metadata.fetch('incremental', false)
       end
+
+      def online_backup?
+        !!metadata.fetch('online', false)
+      end
     end
   end
 end

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '0.6.4'.freeze
+  VERSION = '0.6.9'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 0.6.4
+  version: 0.6.9
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-27 00:00:00.000000000 Z
+date: 2020-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -126,6 +126,7 @@ files:
 - definitions/checks/check_tmout.rb
 - definitions/checks/disk/available_space.rb
 - definitions/checks/disk/performance.rb
+- definitions/checks/env_proxy.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
 - definitions/checks/foreman/check_duplicate_roles.rb
 - definitions/checks/foreman/db_up.rb
@@ -133,6 +134,7 @@ files:
 - definitions/checks/foreman/puppet_class_duplicates.rb
 - definitions/checks/foreman/validate_external_db_version.rb
 - definitions/checks/foreman_openscap/invalid_report_associations.rb
+- definitions/checks/foreman_proxy/check_tftp_storage.rb
 - definitions/checks/foreman_proxy/verify_dhcp_config_syntax.rb
 - definitions/checks/foreman_tasks/invalid/check_old.rb
 - definitions/checks/foreman_tasks/invalid/check_pending_state.rb
@@ -265,6 +267,7 @@ files:
 - definitions/procedures/restore/pg_global_objects.rb
 - definitions/procedures/restore/postgres_owner.rb
 - definitions/procedures/restore/pulpcore_dump.rb
+- definitions/procedures/restore/regenerate_queues.rb
 - definitions/procedures/selinux/set_file_security.rb
 - definitions/procedures/service/base.rb
 - definitions/procedures/service/daemon_reload.rb
@@ -283,8 +286,6 @@ files:
 - definitions/scenarios/packages.rb
 - definitions/scenarios/restore.rb
 - definitions/scenarios/services.rb
-- definitions/scenarios/upgrade_to_capsule_6_7.rb
-- definitions/scenarios/upgrade_to_capsule_6_7_z.rb
 - definitions/scenarios/upgrade_to_capsule_6_8.rb
 - definitions/scenarios/upgrade_to_capsule_6_8_z.rb
 - definitions/scenarios/upgrade_to_satellite_6_2.rb
@@ -400,7 +401,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Foreman maintenance tool belt

data/definitions/scenarios/upgrade_to_capsule_6_7.rb

@@ -1,88 +0,0 @@
-module Scenarios::Capsule_6_7
-  class Abstract < ForemanMaintain::Scenario
-    def self.upgrade_metadata(&block)
-      metadata do
-        tags :upgrade_scenario
-        confine do
-          feature(:capsule) &&
-            (feature(:capsule).current_minor_version == '6.6' || \
-            ForemanMaintain.upgrade_in_progress == '6.7')
-        end
-        instance_eval(&block)
-      end
-    end
-
-    def target_version
-      '6.7'
-    end
-  end
-
-  class PreUpgradeCheck < Abstract
-    upgrade_metadata do
-      description 'Checks before upgrading to Capsule 6.7'
-      tags :pre_upgrade_checks
-      run_strategy :fail_slow
-    end
-
-    def compose
-      add_steps(find_checks(:default))
-      add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Repositories::Validate.new(:version => '6.7'))
-    end
-  end
-
-  class PreMigrations < Abstract
-    upgrade_metadata do
-      description 'Procedures before migrating to Capsule 6.7'
-      tags :pre_migrations
-    end
-
-    def compose
-      add_steps(find_procedures(:pre_migrations))
-      add_step(Procedures::Service::Stop.new)
-    end
-  end
-
-  class Migrations < Abstract
-    upgrade_metadata do
-      description 'Migration scripts to Capsule 6.7'
-      tags :migrations
-    end
-
-    def set_context_mapping
-      context.map(:assumeyes, Procedures::Installer::Upgrade => :assumeyes)
-    end
-
-    def compose
-      add_step(Procedures::Repositories::Setup.new(:version => '6.7'))
-      add_step(Procedures::Packages::UnlockVersions.new)
-      add_step(Procedures::Packages::Update.new(:assumeyes => true))
-      add_step_with_context(Procedures::Installer::Upgrade)
-    end
-  end
-
-  class PostMigrations < Abstract
-    upgrade_metadata do
-      description 'Procedures after migrating to Capsule 6.7'
-      tags :post_migrations
-    end
-
-    def compose
-      add_step(Procedures::Service::Start.new)
-      add_steps(find_procedures(:post_migrations))
-    end
-  end
-
-  class PostUpgradeChecks < Abstract
-    upgrade_metadata do
-      description 'Checks after upgrading to Capsule 6.7'
-      tags :post_upgrade_checks
-      run_strategy :fail_slow
-    end
-
-    def compose
-      add_steps(find_checks(:default))
-      add_steps(find_checks(:post_upgrade))
-    end
-  end
-end

data/definitions/scenarios/upgrade_to_capsule_6_7_z.rb

@@ -1,88 +0,0 @@
-module Scenarios::Capsule_6_7_z
-  class Abstract < ForemanMaintain::Scenario
-    def self.upgrade_metadata(&block)
-      metadata do
-        tags :upgrade_scenario
-        confine do
-          feature(:capsule) &&
-            (feature(:capsule).current_minor_version == '6.7' || \
-              ForemanMaintain.upgrade_in_progress == '6.7.z')
-        end
-        instance_eval(&block)
-      end
-    end
-
-    def target_version
-      '6.7.z'
-    end
-  end
-
-  class PreUpgradeCheck < Abstract
-    upgrade_metadata do
-      description 'Checks before upgrading to Capsule 6.7.z'
-      tags :pre_upgrade_checks
-      run_strategy :fail_slow
-    end
-
-    def compose
-      add_steps(find_checks(:default))
-      add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Repositories::Validate.new(:version => '6.7'))
-    end
-  end
-
-  class PreMigrations < Abstract
-    upgrade_metadata do
-      description 'Procedures before migrating to Capsule 6.7.z'
-      tags :pre_migrations
-    end
-
-    def compose
-      add_steps(find_procedures(:pre_migrations))
-      add_step(Procedures::Service::Stop.new)
-    end
-  end
-
-  class Migrations < Abstract
-    upgrade_metadata do
-      description 'Migration scripts to Capsule 6.7.z'
-      tags :migrations
-    end
-
-    def set_context_mapping
-      context.map(:assumeyes, Procedures::Installer::Upgrade => :assumeyes)
-    end
-
-    def compose
-      add_step(Procedures::Repositories::Setup.new(:version => '6.7'))
-      add_step(Procedures::Packages::UnlockVersions.new)
-      add_step(Procedures::Packages::Update.new(:assumeyes => true))
-      add_step_with_context(Procedures::Installer::Upgrade)
-    end
-  end
-
-  class PostMigrations < Abstract
-    upgrade_metadata do
-      description 'Procedures after migrating to Capsule 6.7.z'
-      tags :post_migrations
-    end
-
-    def compose
-      add_step(Procedures::Service::Start.new)
-      add_steps(find_procedures(:post_migrations))
-    end
-  end
-
-  class PostUpgradeChecks < Abstract
-    upgrade_metadata do
-      description 'Checks after upgrading to Capsule 6.7.z'
-      tags :post_upgrade_checks
-      run_strategy :fail_slow
-    end
-
-    def compose
-      add_steps(find_checks(:default))
-      add_steps(find_checks(:post_upgrade))
-    end
-  end
-end