foreman_maintain 1.0.8 → 1.0.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cbe5e2f041a482d1800b74195b3d0cbaeb504d14345c86402d4ee9402f052999
-  data.tar.gz: 96420eefe94c8632ec43a52d105af613aaf7b30107e59f6a69abc9549a02200b
+  metadata.gz: 27d440b036591f10b20bfde591adfe573d8d48602c40a76791e9fe5fde2eb0a6
+  data.tar.gz: ed71b8df8d073dc8c0607a8b2fdb95926a659033ce5f97b6e01d24a3f1d0916d
 SHA512:
-  metadata.gz: 2207cfef121cf8a15ce12c0c961b249b31ac3fb92b2275c15df58b245fc987261c634d53bd0fad5cfe8de3c71106fd30016f76fa7ffac67da2b5ab593fb02347
-  data.tar.gz: a121716d79737dbe7e480bca7aa767dd17090226d8ef51f19c9f49e8ce82b7b8620416bc5cecc2a654068f7a7e0d0ed8ba93dbf2eedac71ccbbb36517f7bbd0b
+  metadata.gz: 0e5b7682a945427963ce4931e2980e49b29633e53f6f3d6172e482a6eb6fe11c84b5f600f00195e6bfd66ba083e359ee811ab75196ffc9af6e096d36f52d0b7d
+  data.tar.gz: 3d4f6b27203254baeafb5f077569b4062c8ab96ee383595f3dd3dbc6acdb0849a68103a959e4306c3e05986c9cf9a3cc5b134726067bdb12e4c02553025f0978

data/definitions/checks/package_manager/yum/validate_yum_config.rb

@@ -41,9 +41,7 @@ module Checks::PackageManager
 
       def yum_config_options
         @yum_config_options ||= {
-          'exclude' => '^exclude\s*=\s*\S+.*$',
-          'clean_requirements_on_remove' =>
-            '^clean_requirements_on_remove\s*=\S*(1|yes|true)$'
+          'exclude' => '^exclude\s*=\s*\S+.*$'
         }
       end
     end

data/definitions/features/installer.rb

@@ -64,7 +64,9 @@ class Features::Installer < ForemanMaintain::Feature
   def config_files
     Dir.glob(File.join(config_directory, '**/*')) +
       [
-        '/usr/local/bin/validate_postgresql_connection.sh'
+        '/usr/local/bin/validate_postgresql_connection.sh',
+        '/opt/puppetlabs/puppet/cache/foreman_cache_data',
+        '/opt/puppetlabs/puppet/cache/pulpcore_cache_data'
       ]
   end
 

data/definitions/features/nftables.rb

@@ -25,12 +25,14 @@ class Features::Nftables < ForemanMaintain::Feature
     execute!("nft add chain #{family} #{table} #{chain} #{chain_options}")
   end
 
-  def add_rule(options = {})
+  def add_rules(options = {})
     family = options.fetch(:family, ip_family)
     table = options.fetch(:table, table_name)
     chain = options.fetch(:chain, chain_name)
-    rule = options.fetch(:rule) # needs validation
-    execute!("nft add rule #{family} #{table} #{chain} #{rule}")
+    rules = options.fetch(:rules) # needs validation
+    rules.each do |rule|
+      execute!("nft add rule #{family} #{table} #{chain} #{rule}")
+    end
   end
 
   def table_exist?(name = table_name)

data/definitions/features/puppet_server.rb

@@ -11,8 +11,6 @@ class Features::PuppetServer < ForemanMaintain::Feature
     [
       '/etc/puppet',
       '/etc/puppetlabs',
-      '/opt/puppetlabs/puppet/cache/foreman_cache_data',
-      '/var/lib/puppet/foreman_cache_data',
       '/opt/puppetlabs/puppet/ssl/',
       '/var/lib/puppet/ssl',
       '/var/lib/puppet',

data/definitions/procedures/content/prepare.rb

@@ -4,6 +4,7 @@ module Procedures::Content
       description 'Prepare content for Pulp 3'
       for_feature :pulpcore
       param :quiet, 'Keep the output on a single line', :flag => true, :default => false
+      do_not_whitelist
     end
 
     def run

data/definitions/procedures/content/switchover.rb

@@ -9,6 +9,7 @@ module Procedures::Content
       end
 
       param :skip_deb, 'Do not run debian options in installer.'
+      do_not_whitelist
     end
 
     def run

data/definitions/procedures/foreman/apipie_cache.rb

@@ -6,7 +6,7 @@ module Procedures::Foreman
     end
 
     def run
-      execute!('foreman-rake apipie:cache')
+      execute!('FOREMAN_APIPIE_LANGS=en foreman-rake apipie:cache')
     end
   end
 end

data/definitions/procedures/restore/candlepin_reset_migrations.rb

@@ -0,0 +1,14 @@
+module Procedures::Restore
+  class CandlepinResetMigrations < ForemanMaintain::Procedure
+    metadata do
+      description 'Ensure Candlepin runs all migrations after restoring the database'
+      confine do
+        feature(:candlepin_database)
+      end
+    end
+
+    def run
+      FileUtils.rm_f('/var/lib/candlepin/.puppet-candlepin-rpm-version')
+    end
+  end
+end

data/definitions/scenarios/puppet.rb

@@ -15,6 +15,7 @@ module ForemanMaintain::Scenarios
           add_step(Procedures::Puppet::RemovePuppet)
           add_step(Procedures::Puppet::RemovePuppetData) if context.get(:remove_data)
           add_step(Procedures::Service::Restart)
+          add_step(Procedures::Foreman::ApipieCache)
         end
       end
     end

data/definitions/scenarios/restore.rb

@@ -46,7 +46,8 @@ module ForemanMaintain::Scenarios
       end
       restore_mongo_dump(backup)
       add_steps_with_context(Procedures::Pulp::Migrate,
-                             Procedures::Pulpcore::Migrate)
+                             Procedures::Pulpcore::Migrate,
+                             Procedures::Restore::CandlepinResetMigrations)
 
       add_steps_with_context(Procedures::Restore::RegenerateQueues) if backup.online_backup?
       add_steps_with_context(Procedures::Service::Start,

data/definitions/scenarios/self_upgrade.rb

@@ -1,5 +1,6 @@
 module ForemanMaintain::Scenarios
   class SelfUpgradeBase < ForemanMaintain::Scenario
+    include ForemanMaintain::Concerns::Downstream
     def enabled_system_repos_id
       repository_manager.enabled_repos.keys
     end
@@ -67,7 +68,10 @@ module ForemanMaintain::Scenarios
 
     def repos_ids_to_reenable
       repos_ids_to_reenable = stored_enabled_repos_ids - all_maintenance_repos
-      repos_ids_to_reenable << maintenance_repo(maintenance_repo_version)
+      if use_rhsm?
+        repos_ids_to_reenable << maintenance_repo(maintenance_repo_version)
+      end
+      repos_ids_to_reenable
     end
 
     def use_rhsm?
@@ -79,6 +83,10 @@ module ForemanMaintain::Scenarios
 
       true
     end
+
+    def req_repos_to_update_pkgs
+      main_rh_repos + [maintenance_repo_id(target_version)]
+    end
   end
 
   class SelfUpgrade < SelfUpgradeBase
@@ -94,9 +102,10 @@ module ForemanMaintain::Scenarios
         pkgs_to_update = %w[satellite-maintain rubygem-foreman_maintain]
         add_step(Procedures::Repositories::BackupEnabledRepos.new)
         disable_repos
-        add_step(Procedures::Repositories::Enable.new(repos: [maintenance_repo_id(target_version)],
+        add_step(Procedures::Repositories::Enable.new(repos: req_repos_to_update_pkgs,
                                                       use_rhsm: use_rhsm?))
         add_step(Procedures::Packages::Update.new(packages: pkgs_to_update, assumeyes: true))
+        disable_repos('*')
         enable_repos(repos_ids_to_reenable)
       end
     end
@@ -113,6 +122,7 @@ module ForemanMaintain::Scenarios
 
     def compose
       if check_min_version('foreman', '2.5') || check_min_version('foreman-proxy', '2.5')
+        disable_repos('*')
         enable_repos(repos_ids_to_reenable)
       end
     end

data/lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb

@@ -10,7 +10,7 @@ module ForemanMaintain
           unless table_exist?
             add_table
             add_chain(:chain_options => nftables_chain_options)
-            add_rule(rule: nftables_rule)
+            add_rules(rules: nftables_rules)
           end
         end
 
@@ -22,8 +22,8 @@ module ForemanMaintain
           '{type filter hook input priority 0\\;}'
         end
 
-        def nftables_rule
-          'tcp dport https reject'
+        def nftables_rules
+          ['iifname "lo" accept', 'tcp dport 443 reject']
         end
 
         def status_for_maintenance_mode

data/lib/foreman_maintain/concerns/metadata.rb

@@ -100,6 +100,10 @@ module ForemanMaintain
           @data[:advanced_run] = advanced_run
         end
 
+        def do_not_whitelist
+          @data[:do_not_whitelist] = true
+        end
+
         def self.eval_dsl(metadata, &block)
           new(metadata).tap do |dsl|
             dsl.instance_eval(&block)

data/lib/foreman_maintain/reporter/cli_reporter.rb

@@ -317,7 +317,11 @@ module ForemanMaintain
 
         steps_with_error = scenario.steps_with_error(:whitelisted => false)
         steps_with_skipped = scenario.steps_with_skipped(:whitelisted => true)
-        steps_to_whitelist = steps_with_error + steps_with_skipped
+        not_skippable_steps = scenario.steps_with_error.select do |step|
+          step.metadata[:do_not_whitelist] == true
+        end
+
+        steps_to_whitelist = steps_with_error + steps_with_skipped - not_skippable_steps
         unless steps_with_error.empty?
           message << format(<<-MESSAGE.strip_heredoc, format_steps(steps_with_error, "\n", 2))
           The following steps ended up in failing state:
@@ -325,11 +329,25 @@ module ForemanMaintain
           %s
           MESSAGE
           whitelist_labels = steps_to_whitelist.map(&:label_dashed).join(',')
-          recommend << format(<<-MESSAGE.strip_heredoc, whitelist_labels)
-          Resolve the failed steps and rerun
-          the command. In case the failures are false positives,
-          use --whitelist="%s"
-          MESSAGE
+          unless whitelist_labels.empty?
+            recommend << if scenario.detector.feature(:instance).downstream
+                           format(<<-MESSAGE.strip_heredoc, whitelist_labels)
+              Resolve the failed steps and rerun the command.
+
+              If the situation persists and, you are unclear what to do next,
+              contact Red Hat Technical Support.
+
+              In case the failures are false positives, use
+              --whitelist="%s"
+              MESSAGE
+                         else
+                           format(<<-MESSAGE.strip_heredoc, whitelist_labels)
+              Resolve the failed steps and rerun the command.
+              In case the failures are false positives, use
+              --whitelist="%s"
+              MESSAGE
+                         end
+          end
         end
 
         steps_with_warning = scenario.steps_with_warning(:whitelisted => false)

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.0.8'.freeze
+  VERSION = '1.0.11'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.0.8
+  version: 1.0.11
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-22 00:00:00.000000000 Z
+date: 2022-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -273,7 +273,6 @@ files:
 - definitions/procedures/maintenance_mode/enable_maintenance_mode.rb
 - definitions/procedures/maintenance_mode/is_enabled.rb
 - definitions/procedures/packages/check_update.rb
-- definitions/procedures/packages/enable_version_locking.rb
 - definitions/procedures/packages/install.rb
 - definitions/procedures/packages/installer_confirmation.rb
 - definitions/procedures/packages/lock_versions.rb
@@ -298,6 +297,7 @@ files:
 - definitions/procedures/repositories/enable.rb
 - definitions/procedures/repositories/setup.rb
 - definitions/procedures/restore/candlepin_dump.rb
+- definitions/procedures/restore/candlepin_reset_migrations.rb
 - definitions/procedures/restore/configs.rb
 - definitions/procedures/restore/confirmation.rb
 - definitions/procedures/restore/drop_databases.rb

data/definitions/procedures/packages/enable_version_locking.rb

@@ -1,16 +0,0 @@
-module Procedures::Packages
-  class EnableVersionLocking < ForemanMaintain::Procedure
-    metadata do
-      description 'Install and configure tools for version locking'
-      param :assumeyes, 'Do not ask for confirmation'
-    end
-
-    def run
-      installed_fm_packages = []
-      ['satellite-maintain', 'rubygem-foreman_maintain'].each do |pkg|
-        installed_fm_packages << find_package(pkg)
-      end
-      package_manager.reinstall(installed_fm_packages, :assumeyes => @assumeyes)
-    end
-  end
-end