foreman_maintain 1.12.2 → 1.12.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 841269b0b17944b3a732b728e7c51ba5c11bdec27b47c45ce6b13fb61ec8be06
-  data.tar.gz: 966dd22a328585cb68ecb248341b8b566787f7efa6f590eb8dc1877203fdc895
+  metadata.gz: a99136516325dc9d13b83ddca246f197ecc63199d74cd950a582946a503fc2eb
+  data.tar.gz: c59533ff3ae35ffdece203759eef0d16b3bc67fc9bd5146b32a0988c00821770
 SHA512:
-  metadata.gz: f996ba857e7ad9598f6b4e26811710387d8592c2841bb26dbf63660d44774c388312ab217d795dbd24c258767b3c276b048f13ced797927703dd6c85dbde106f
-  data.tar.gz: 72cc8e83ee3ff2fb76fdcaa226695c05b90fe70ed63bb82b7d65e8307d82cbab6b6141b51a8f5ceaac410648d41f9308744998b255a9ab2e9f8bf43b0d50d8fa
+  metadata.gz: d2f883dfe1a9959d2790d856be260073a57a874d3d3e0fadd2c54b4eef1dbaf4979fe20070ffde6699dd2ff86dcb8733426f1eaa4a7213f1c1493a419678bc58
+  data.tar.gz: 00a9ee5352ef84dd5b36451e862eedb070806e2b6233042cc35b72a1cd43c6c483b163246f301f833f4c2f3f6edf8bfbd1379463c9cf0060adef2e3ec6fb7258

data/definitions/checks/container/podman_login.rb

@@ -5,7 +5,7 @@ module Checks::Container
       confine do
         feature(:satellite)&.connected? && feature(:containers)
       end
-      description 'Check whether podman is logged in to registry'
+      description 'Check whether podman needs to be logged in to the registry'
       tags :pre_upgrade
     end
 

data/definitions/features/iop.rb

@@ -8,6 +8,22 @@ class Features::Iop < ForemanMaintain::Feature
     end
   end
 
+  CONTAINER_NAMES =
+    [
+      'insights-engine',
+      'gateway',
+      'host-inventory',
+      'ingress',
+      'puptoo',
+      'yuptoo',
+      'advisor-backend',
+      'advisor-frontend',
+      'remediations',
+      'vmaas',
+      'vulnerability-engine',
+      'vulnerability-frontend',
+    ].freeze
+
   def config_files
     [
       '/var/lib/containers/storage/volumes/iop-core-kafka-data',
@@ -42,4 +58,32 @@ class Features::Iop < ForemanMaintain::Feature
     ]
   end
   # rubocop:enable Metrics/MethodLength
+
+  def timers
+    [
+      system_service('iop-service-vuln-vmaas-sync.timer', 20),
+    ]
+  end
+
+  def container_base
+    if feature(:instance).downstream
+      'registry.redhat.io/satellite'
+    else
+      'quay.io/iop'
+    end
+  end
+
+  def container_names
+    if feature(:instance).downstream
+      CONTAINER_NAMES.map { |container_name| "#{container_name}-rhel9" }
+    else
+      CONTAINER_NAMES
+    end
+  end
+
+  def container_images(container_version)
+    container_names.map do |container_name|
+      "#{container_base}/#{container_name}:#{container_version}"
+    end
+  end
 end

data/definitions/features/service.rb

@@ -1,4 +1,7 @@
+require 'foreman_maintain/concerns/systemd'
+
 class Features::Service < ForemanMaintain::Feature
+  include ForemanMaintain::Concerns::Systemd
   metadata do
     label :service
   end
@@ -13,10 +16,7 @@ class Features::Service < ForemanMaintain::Feature
 
   def existing_services
     ForemanMaintain.available_features.flat_map(&:services).
-      sort.
-      inject([]) do |pool, service| # uniq(&:to_s) for ruby 1.8.7
-        (pool.last.nil? || !pool.last.matches?(service)) ? pool << service : pool
-      end.
+      sort.uniq(&:to_s).
       select(&:exist?)
   end
 
@@ -30,14 +30,6 @@ class Features::Service < ForemanMaintain::Feature
     Hash[services.sort_by { |k, _| k.to_i }.reverse]
   end
 
-  def action_noun(action)
-    action_word_modified(action) + 'ing'
-  end
-
-  def action_past_tense(action)
-    action_word_modified(action) + 'ed'
-  end
-
   def filter_disabled_services!(action, service_list)
     if %w[start stop restart status].include?(action)
       service_list.select! { |service| !service.respond_to?(:enabled?) || service.enabled? }
@@ -45,13 +37,6 @@ class Features::Service < ForemanMaintain::Feature
     service_list
   end
 
-  def unit_file_available?(name)
-    cmd = "systemctl --no-legend --no-pager list-unit-files --type=service #{name} |\
-           grep --word-regexp --quiet #{name}"
-    exit_status, = execute_with_status(cmd)
-    exit_status == 0
-  end
-
   private
 
   def use_system_service(action, options, spinner)
@@ -96,28 +81,6 @@ class Features::Service < ForemanMaintain::Feature
     services_and_statuses.map! { |service, status| [service, status.value] }
   end
 
-  def format_status(output, exit_code, options)
-    status = ''
-    if !options[:failing] || exit_code > 0
-      if options[:brief]
-        status += format_brief_status(exit_code)
-      elsif !(output.nil? || output.empty?)
-        status += "\n" + output
-      end
-    end
-    status
-  end
-
-  def format_brief_status(exit_code)
-    result = (exit_code == 0) ? reporter.status_label(:success) : reporter.status_label(:fail)
-    padding = reporter.max_length - reporter.last_line.to_s.length - 30
-    "#{' ' * padding} #{result}"
-  end
-
-  def allowed_action?(action)
-    %w[start stop restart status enable disable].include?(action)
-  end
-
   def extend_service_list_with_sockets(service_list, options)
     return service_list unless options[:include_sockets]
 
@@ -162,21 +125,4 @@ class Features::Service < ForemanMaintain::Feature
     service_list.concat(unregistered_service_list)
     service_list
   end
-
-  def action_word_modified(action)
-    case action
-    when 'status'
-      'display'
-    when 'enable', 'disable'
-      action.chomp('e')
-    when 'stop'
-      action + 'p'
-    else
-      action
-    end
-  end
-
-  def exclude_services_only(options)
-    existing_services - filtered_services(options)
-  end
 end

data/definitions/features/timer.rb

@@ -0,0 +1,96 @@
+require 'foreman_maintain/concerns/systemd'
+
+class Features::Timer < ForemanMaintain::Feature
+  include ForemanMaintain::Concerns::Systemd
+  metadata do
+    label :timer
+  end
+
+  def handle_timers(spinner, action, options = {})
+    # options is used to handle "exclude" and "only" i.e.
+    # { :only => ["httpd"] }
+    # { :exclude => ["pulp-workers", "tomcat"] }
+    use_system_timer(action, options, spinner)
+  end
+
+  def existing_timers
+    ForemanMaintain.available_features.flat_map(&:timers).
+      sort.uniq(&:to_s).
+      select(&:exist?)
+  end
+
+  def filtered_timers(options, action = '')
+    timers = filter_timers(existing_timers, options, action)
+
+    raise 'No timers found matching your parameters' unless timers.any?
+    return timers unless options[:reverse]
+
+    Hash[timers.sort_by { |k, _| k.to_i }.reverse]
+  end
+
+  def filter_disabled_timers!(action, timer_list)
+    if %w[start stop restart status].include?(action)
+      timer_list.select! { |timer| !timer.respond_to?(:enabled?) || timer.enabled? }
+    end
+    timer_list
+  end
+
+  private
+
+  def use_system_timer(action, options, spinner)
+    options[:reverse] = action == 'stop'
+    raise 'Unsupported action detected' unless allowed_action?(action)
+
+    status, failed_timers = run_action_on_timers(action, options, spinner)
+
+    spinner.update("All timers #{action_past_tense(action)}")
+    if action == 'status'
+      raise "Some timers are not running (#{failed_timers.join(', ')})" if status > 0
+
+      spinner.update('All timers are running')
+    end
+  end
+
+  def run_action_on_timers(action, options, spinner)
+    status = 0
+    failed_timers = []
+    filtered_timers(options, action).each_value do |group|
+      fork_threads_for_timers(action, group, spinner).each do |timer, status_and_output|
+        spinner.update("#{action_noun(action)} #{timer}") if action == 'status'
+        item_status, output = status_and_output
+        formatted = format_status(output, item_status, options)
+        puts formatted unless formatted.empty?
+
+        if item_status > 0
+          status = item_status
+          failed_timers << timer
+        end
+      end
+    end
+    [status, failed_timers]
+  end
+
+  def fork_threads_for_timers(action, timers, spinner)
+    timers_and_statuses = []
+    timers.each do |timer|
+      spinner.update("#{action_noun(action)} #{timer}") if action != 'status'
+      timers_and_statuses << [timer, Thread.new { timer.send(action.to_sym) }]
+    end
+    timers_and_statuses.map! { |timer, status| [timer, status.value] }
+  end
+
+  def filter_timers(timer_list, options, action)
+    if options[:only]&.any?
+      timer_list = timer_list.select do |timer|
+        options[:only].any? { |opt| timer.matches?(opt) }
+      end
+    end
+
+    if options[:exclude]&.any?
+      timer_list = timer_list.reject { |timer| options[:exclude].include?(timer.name) }
+    end
+
+    timer_list = filter_disabled_timers!(action, timer_list)
+    timer_list.group_by(&:priority).to_h
+  end
+end

data/definitions/procedures/iop/image_prune.rb

@@ -0,0 +1,19 @@
+module Procedures::Iop
+  class ImagePrune < ForemanMaintain::Procedure
+    metadata do
+      description 'Prune unused IoP container images'
+
+      confine do
+        feature(:iop)
+      end
+    end
+
+    def run
+      prune_images
+    end
+
+    def prune_images
+      execute!("podman image prune --force")
+    end
+  end
+end

data/definitions/procedures/iop/update.rb

@@ -0,0 +1,25 @@
+module Procedures::Iop
+  class Update < ForemanMaintain::Procedure
+    metadata do
+      description 'Update IoP containers'
+
+      confine do
+        feature(:iop) && (feature(:satellite)&.connected? || !feature(:satellite))
+      end
+
+      param :version,
+        'Version of the containers to pull',
+        :required => true
+    end
+
+    def run
+      pull_images
+    end
+
+    def pull_images
+      feature(:iop).container_images(@version).each do |container_image|
+        execute!("podman pull #{container_image}")
+      end
+    end
+  end
+end

data/definitions/procedures/timer/start.rb

@@ -0,0 +1,20 @@
+module Procedures::Timer
+  class Start < ForemanMaintain::Procedure
+    metadata do
+      description 'Start systemd timers'
+
+      for_feature :timer
+      confine do
+        feature(:timer)&.existing_timers&.any?
+      end
+
+      tags :post_migrations
+    end
+
+    def run
+      with_spinner('Starting systemd timers') do |spinner|
+        feature(:timer).handle_timers(spinner, 'start')
+      end
+    end
+  end
+end

data/definitions/procedures/timer/stop.rb

@@ -0,0 +1,20 @@
+module Procedures::Timer
+  class Stop < ForemanMaintain::Procedure
+    metadata do
+      description 'Stop systemd timers'
+
+      for_feature :timer
+      confine do
+        feature(:timer)&.existing_timers&.any?
+      end
+
+      tags :pre_migrations
+    end
+
+    def run
+      with_spinner('Stopping systemd timers') do |spinner|
+        feature(:timer).handle_timers(spinner, 'stop')
+      end
+    end
+  end
+end

data/definitions/reports/bookmarks.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Reports
+  class Bookmarks < ForemanMaintain::Report
+    metadata do
+      description 'Report about bookmark usage'
+    end
+
+    def run
+      public_count = bookmarks_custom_public_count
+      private_count = bookmarks_custom_private_count
+
+      data_field('bookmarks_custom_public_count') { public_count }
+      data_field('bookmarks_custom_private_count') { private_count }
+      data_field('bookmarks_custom_count') { public_count + private_count }
+    end
+
+    private
+
+    def bookmarks_custom_public_count
+      # Count public bookmarks that are NOT owned by internal users
+      bookmarks_not_owned_by_internal_users(public: true)
+    end
+
+    def bookmarks_custom_private_count
+      # Count private bookmarks that are NOT owned by internal users
+      bookmarks_not_owned_by_internal_users(public: false)
+    end
+
+    def bookmarks_not_owned_by_internal_users(public:)
+      # Helper method to count bookmarks not owned by internal users with optional public filter
+      public_condition = public ? 'AND b.public = true' : 'AND b.public = false'
+
+      sql_count(
+        <<~SQL
+          bookmarks b
+          WHERE (
+            b.owner_type = 'User'
+            #{public_condition}
+            AND b.owner_id NOT IN (
+              SELECT u.id
+              FROM users u
+              INNER JOIN auth_sources a ON u.auth_source_id = a.id
+              WHERE a.type = 'AuthSourceHidden'
+            )
+          )
+        SQL
+      )
+    end
+  end
+end

data/definitions/reports/disconnected_environment.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Reports
+  class DisconnectedEnvironment < ForemanMaintain::Report
+    metadata do
+      description 'Checks if the instance is in a disconnected environment'
+    end
+
+    def run
+      data_field('disconnected_environment') do
+        subscription_connection_setting = sql_setting('subscription_connection_enabled')
+
+        # If setting doesn't exist, assume connected (not disconnected)
+        if subscription_connection_setting.nil?
+          false
+        else
+          # disconnected when subscription_connection_enabled is false
+          YAML.safe_load(subscription_connection_setting) == false
+        end
+      end
+    end
+  end
+end

data/definitions/reports/grouping.rb

@@ -4,6 +4,7 @@ module Reports
       description 'Check how resources are grouped'
     end
 
+    # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
     def run
       self.data = {}
       data_field('host_collections_count') { sql_count('katello_host_collections') }
@@ -26,6 +27,63 @@ module Reports
       if table_exists('config_groups')
         data_field('config_group_count') { sql_count('config_groups') }
       end
+
+      data_field('usergroup_max_nesting_level') { usergroup_max_nesting_level }
+
+      usergroup_roles_stats = usergroup_roles_statistics
+      data['user_group_roles_max_count'] = usergroup_roles_stats[:max_count]
+      data['user_group_roles_min_count'] = usergroup_roles_stats[:min_count]
+    end
+    # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
+
+    private
+
+    def usergroup_max_nesting_level
+      # Use recursive CTE to find maximum nesting level of usergroups
+      cte_sql = <<~SQL
+        WITH RECURSIVE usergroup_hierarchy AS (
+          -- Base case: root usergroups (not members of any other usergroup)
+          SELECT id, 1 as level
+          FROM usergroups
+          WHERE id NOT IN (
+            SELECT member_id
+            FROM usergroup_members
+            WHERE member_type = 'Usergroup'
+          )
+          UNION ALL
+          -- Recursive case: usergroups that are members of other usergroups
+          SELECT ug.id, uh.level + 1
+          FROM usergroups ug
+          INNER JOIN usergroup_members ugm ON ug.id = ugm.member_id
+          INNER JOIN usergroup_hierarchy uh ON ugm.usergroup_id = uh.id
+          WHERE ugm.member_type = 'Usergroup'
+        )
+      SQL
+
+      sql_as_count('COALESCE(MAX(level) - 1, 0)', 'usergroup_hierarchy', cte: cte_sql)
+    end
+
+    def usergroup_roles_statistics
+      # Query to get role counts per usergroup, including usergroups with 0 roles
+      roles_per_usergroup = query(
+        <<~SQL
+          SELECT ug.id, COALESCE(ur.role_count, 0) as role_count
+          FROM usergroups ug
+          LEFT JOIN (
+            SELECT owner_id, COUNT(*) as role_count
+            FROM user_roles
+            WHERE owner_type = 'Usergroup'
+            GROUP BY owner_id
+          ) ur ON ug.id = ur.owner_id
+        SQL
+      )
+
+      if roles_per_usergroup.empty?
+        { max_count: 0, min_count: 0 }
+      else
+        role_counts = roles_per_usergroup.map { |row| row['role_count'].to_i }
+        { max_count: role_counts.max, min_count: role_counts.min }
+      end
     end
   end
 end

data/definitions/reports/lab_features.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Reports
+  class LabFeatures < ForemanMaintain::Report
+    metadata do
+      description 'Checks if lab features are enabled'
+    end
+
+    def run
+      data_field('lab_features_enabled') do
+        lab_features_setting = sql_setting('lab_features')
+        return false if lab_features_setting.nil?
+
+        # Parse the YAML setting value and convert to boolean
+        YAML.safe_load(lab_features_setting) == true
+      end
+    end
+  end
+end

data/definitions/reports/personal_access_token.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Reports
+  class PersonalAccessToken < ForemanMaintain::Report
+    metadata do
+      description 'Report about Personal Access Token usage'
+    end
+
+    def run
+      # Total count of non-revoked personal access tokens
+      data_field('pat_counts') do
+        sql_count('personal_access_tokens WHERE revoked = false')
+      end
+
+      # Count of tokens that were used recently (updated in last 2 months)
+      data_field('pat_recently_used_count') do
+        sql_count("personal_access_tokens WHERE updated_at >= NOW() - INTERVAL '2 months'")
+      end
+
+      # Count of revoked personal access tokens
+      data_field('revoked_pats_count') do
+        sql_count('personal_access_tokens WHERE revoked = true')
+      end
+    end
+  end
+end

data/definitions/reports/selinux.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Reports
+  class Selinux < ForemanMaintain::Report
+    metadata do
+      description 'Report about SELinux enforcement status'
+    end
+
+    def run
+      data_field('selinux_enforced') { selinux_enforced? }
+    end
+
+    private
+
+    def selinux_enforced?
+      # Check if getenforce command exists and SELinux is installed
+      return false unless command_present?('getenforce')
+
+      # Execute getenforce command and check if SELinux is enforcing
+      status = execute('getenforce').strip.downcase
+      status == 'enforcing'
+    rescue StandardError
+      # If any error occurs, assume SELinux is not enforced
+      false
+    end
+  end
+end

data/definitions/reports/webhooks.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Reports
+  class Webhooks < ForemanMaintain::Report
+    metadata do
+      description 'Report about webhook usage'
+    end
+
+    def run
+      data_field('webhooks_enabled_count') { sql_count('webhooks WHERE enabled = true') }
+      data_field('webhooks_subscribed_events') { webhooks_subscribed_events }
+      data_field('shell_hooks_count') { sql_count('webhooks WHERE proxy_authorization = true') }
+    end
+
+    private
+
+    def webhooks_subscribed_events
+      # Extract all events from webhooks table and join into comma-separated string
+      events_data = query('SELECT events FROM webhooks')
+
+      all_events = []
+      events_data.each do |row|
+        events_value = row['events']
+        next if events_value.nil? || events_value.empty?
+
+        # Parse the array-like string - handle both JSON array format and simple arrays
+        # Remove outer brackets/braces, quotes, and split by comma
+        cleaned_value = events_value.gsub(/^[\[{]|[\]}]$/, '').gsub(/["']/, '')
+        parsed_events = cleaned_value.split(',').map(&:strip)
+        all_events.concat(parsed_events)
+      end
+
+      # Remove duplicates and join with commas
+      all_events.uniq.reject(&:empty?).join(',')
+    end
+  end
+end

data/definitions/scenarios/foreman_upgrade.rb

@@ -72,6 +72,7 @@ module Scenarios::Foreman
       add_steps(
         Procedures::MaintenanceMode::EnableMaintenanceMode,
         Procedures::Crond::Stop,
+        Procedures::Timer::Stop,
         Procedures::SyncPlans::Disable
       )
     end
@@ -113,6 +114,7 @@ module Scenarios::Foreman
         Procedures::RefreshFeatures,
         Procedures::Service::Start,
         Procedures::Crond::Start,
+        Procedures::Timer::Start,
         Procedures::SyncPlans::Enable,
         Procedures::MaintenanceMode::DisableMaintenanceMode
       )

data/definitions/scenarios/maintenance_mode.rb

@@ -10,6 +10,7 @@ module ForemanMaintain::Scenarios
     def compose
       add_step(Procedures::MaintenanceMode::EnableMaintenanceMode)
       add_step(Procedures::Crond::Stop)
+      add_step(Procedures::Timer::Stop)
       add_step(Procedures::SyncPlans::Disable)
     end
   end
@@ -25,6 +26,7 @@ module ForemanMaintain::Scenarios
     def compose
       add_step(Procedures::SyncPlans::Enable)
       add_step(Procedures::Crond::Start)
+      add_step(Procedures::Timer::Start)
       add_step(Procedures::MaintenanceMode::DisableMaintenanceMode)
     end
   end

data/definitions/scenarios/restore.rb

@@ -29,6 +29,7 @@ module ForemanMaintain::Scenarios
         Procedures::Restore::RequiredPackages,
         Procedures::Restore::Configs)
       add_step_with_context(Procedures::Crond::Stop)
+      add_step_with_context(Procedures::Timer::Stop)
       unless backup.incremental?
         add_steps_with_context(Procedures::Restore::InstallerReset)
       end
@@ -49,6 +50,7 @@ module ForemanMaintain::Scenarios
       add_step(Procedures::Installer::Run.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::UpgradeRakeTask)
       add_step_with_context(Procedures::Crond::Start)
+      add_step_with_context(Procedures::Timer::Start)
     end
     # rubocop:enable Metrics/MethodLength,Metrics/AbcSize
 
@@ -119,6 +121,7 @@ module ForemanMaintain::Scenarios
 
     def compose
       add_step_with_context(Procedures::Crond::Stop)
+      add_step_with_context(Procedures::Timer::Stop)
     end
   end
 end

data/definitions/scenarios/satellite_upgrade.rb

@@ -74,6 +74,7 @@ module Scenarios::Satellite
       add_steps(
         Procedures::MaintenanceMode::EnableMaintenanceMode,
         Procedures::Crond::Stop,
+        Procedures::Timer::Stop,
         Procedures::SyncPlans::Disable,
       )
     end
@@ -97,6 +98,7 @@ module Scenarios::Satellite
           :assumeyes => true,
           :download_only => true
         ),
+        Procedures::Iop::Update.new(:version => target_version),
         Procedures::Service::Stop,
         Procedures::Packages::Update.new(:assumeyes => true, :clean_cache => false),
       )
@@ -116,8 +118,10 @@ module Scenarios::Satellite
         Procedures::RefreshFeatures,
         Procedures::Service::Start,
         Procedures::Crond::Start,
+        Procedures::Timer::Start,
         Procedures::SyncPlans::Enable,
         Procedures::MaintenanceMode::DisableMaintenanceMode,
+        Procedures::Iop::ImagePrune,
       )
     end
   end

data/definitions/scenarios/update.rb

@@ -69,8 +69,10 @@ module Scenarios::Update
           :assumeyes => true,
           :download_only => true
         ),
+        Procedures::Iop::Update.new(:version => feature(:instance).current_major_version),
         Procedures::MaintenanceMode::EnableMaintenanceMode,
         Procedures::Crond::Stop,
+        Procedures::Timer::Stop,
         Procedures::SyncPlans::Disable
       )
     end
@@ -104,8 +106,10 @@ module Scenarios::Update
         Procedures::RefreshFeatures,
         Procedures::Service::Start,
         Procedures::Crond::Start,
+        Procedures::Timer::Start,
         Procedures::SyncPlans::Enable,
-        Procedures::MaintenanceMode::DisableMaintenanceMode
+        Procedures::MaintenanceMode::DisableMaintenanceMode,
+        Procedures::Iop::ImagePrune,
       )
     end
   end

data/lib/foreman_maintain/cli/base.rb

@@ -137,7 +137,7 @@ module ForemanMaintain
         option '--label', 'label',
           'Run only a specific check with a label. ' \
             '(Use "list" command to see available labels)' do |label|
-          raise ArgumentError, 'value not specified' if label.nil? || label.empty?
+          raise ArgumentError, 'no value provided' if label.nil? || label.empty?
           underscorize(label).to_sym
         end
       end
@@ -147,7 +147,7 @@ module ForemanMaintain
           'Run only those with all specific set of tags. ' \
             '(Use list-tags command to see available tags)',
           :multivalued => true) do |tags|
-          raise ArgumentError, 'value not specified' if tags.nil? || tags.empty?
+          raise ArgumentError, 'no value provided' if tags.nil? || tags.empty?
           tags.map { |tag| underscorize(tag).to_sym }
         end
       end
@@ -166,7 +166,7 @@ module ForemanMaintain
         if opts.include?('whitelist')
           option(['-w', '--whitelist'], 'whitelist',
             'Comma-separated list of labels of steps to be skipped') do |whitelist|
-            raise ArgumentError, 'value not specified' if whitelist.nil? || whitelist.empty?
+            raise ArgumentError, 'no value provided' if whitelist.nil? || whitelist.empty?
             whitelist.split(',').map(&:strip)
           end
         end

data/lib/foreman_maintain/concerns/systemd.rb

@@ -0,0 +1,50 @@
+module ForemanMaintain
+  module Concerns
+    module Systemd
+      def action_noun(action)
+        action_word_modified(action) + 'ing'
+      end
+
+      def action_past_tense(action)
+        action_word_modified(action) + 'ed'
+      end
+
+      private
+
+      def format_status(output, exit_code, options)
+        status = ''
+        if !options[:failing] || exit_code > 0
+          if options[:brief]
+            status += format_brief_status(exit_code)
+          elsif !(output.nil? || output.empty?)
+            status += "\n" + output
+          end
+        end
+        status
+      end
+
+      def format_brief_status(exit_code)
+        result = (exit_code == 0) ? reporter.status_label(:success) : reporter.status_label(:fail)
+        padding = reporter.max_length - reporter.last_line.to_s.length - 30
+        "#{' ' * padding} #{result}"
+      end
+
+      def allowed_action?(action)
+        %w[start stop restart status enable disable].include?(action)
+      end
+
+      def action_word_modified(action)
+        case action
+        when 'status'
+          'display'
+        when 'enable', 'disable'
+          action.chomp('e')
+        when 'stop'
+          action + 'p'
+        else
+          action
+        end
+      end
+    end
+  end
+end

data/lib/foreman_maintain/feature.rb

@@ -25,6 +25,15 @@ module ForemanMaintain
       []
     end
 
+    # Override method with list of applicable timers for feature.
+    # Services have a number for priority in order to ensure
+    # they are started and stopped in the correct order.
+    # example:
+    # [ system_service('foo', 10), system_service('bar', 20) ]
+    def timers
+      []
+    end
+
     # Override to generate additional feature instances that can't be
     # autodetected directly
     def additional_features

data/lib/foreman_maintain/utils/service/systemd.rb

@@ -12,8 +12,9 @@ module ForemanMaintain::Utils
       def command(action)
         all = @options.fetch(:all, false)
         skip_enablement = @options.fetch(:skip_enablement, false)
-        if skip_enablement && %w[enable disable].include?(action)
-          return skip_enablement_message(action, @name)
+        if %w[enable disable].include?(action)
+          return skip_enablement_message(action, @name) if skip_enablement
+          return if generated?
         end
 
         cmd = "systemctl #{action} #{@name}"
@@ -59,6 +60,10 @@ module ForemanMaintain::Utils
         end
       end
 
+      def generated?
+        service_enabled_status == 'generated'
+      end
+
       def matches?(service)
         if service.is_a? String
           service == @name || File.fnmatch(service, @name)

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.12.2'.freeze
+  VERSION = '1.12.4'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.12.2
+  version: 1.12.4
 platform: ruby
 authors:
 - Ivan Nečas
@@ -245,6 +245,7 @@ files:
 - definitions/features/service.rb
 - definitions/features/sync_plans.rb
 - definitions/features/tar.rb
+- definitions/features/timer.rb
 - definitions/procedures/backup/accessibility_confirmation.rb
 - definitions/procedures/backup/clean.rb
 - definitions/procedures/backup/compress_data.rb
@@ -275,6 +276,8 @@ files:
 - definitions/procedures/hammer_setup.rb
 - definitions/procedures/installer/run.rb
 - definitions/procedures/installer/upgrade_rake_task.rb
+- definitions/procedures/iop/image_prune.rb
+- definitions/procedures/iop/update.rb
 - definitions/procedures/knowledge_base_article.rb
 - definitions/procedures/maintenance_mode/disable_maintenance_mode.rb
 - definitions/procedures/maintenance_mode/enable_maintenance_mode.rb
@@ -329,26 +332,34 @@ files:
 - definitions/procedures/service/stop.rb
 - definitions/procedures/sync_plans/disable.rb
 - definitions/procedures/sync_plans/enable.rb
+- definitions/procedures/timer/start.rb
+- definitions/procedures/timer/stop.rb
 - definitions/reports/advisor_on_prem_remediations.rb
 - definitions/reports/alternate_content_sources.rb
+- definitions/reports/bookmarks.rb
 - definitions/reports/compliance.rb
 - definitions/reports/content.rb
+- definitions/reports/disconnected_environment.rb
 - definitions/reports/external_auth_source.rb
 - definitions/reports/grouping.rb
 - definitions/reports/image_mode_hosts.rb
 - definitions/reports/instance.rb
 - definitions/reports/inventory.rb
 - definitions/reports/kerberos.rb
+- definitions/reports/lab_features.rb
 - definitions/reports/ldap_auth_source.rb
 - definitions/reports/networking.rb
 - definitions/reports/oidc_usage.rb
+- definitions/reports/personal_access_token.rb
 - definitions/reports/platform.rb
 - definitions/reports/provisioning.rb
 - definitions/reports/rbac.rb
 - definitions/reports/recurring_logics.rb
+- definitions/reports/selinux.rb
 - definitions/reports/template
 - definitions/reports/virt_who.rb
 - definitions/reports/vmware.rb
+- definitions/reports/webhooks.rb
 - definitions/scenarios/backup.rb
 - definitions/scenarios/foreman_upgrade.rb
 - definitions/scenarios/maintenance_mode.rb
@@ -405,6 +416,7 @@ files:
 - lib/foreman_maintain/concerns/scenario_metadata.rb
 - lib/foreman_maintain/concerns/system_helpers.rb
 - lib/foreman_maintain/concerns/system_service.rb
+- lib/foreman_maintain/concerns/systemd.rb
 - lib/foreman_maintain/concerns/upstream.rb
 - lib/foreman_maintain/concerns/versions.rb
 - lib/foreman_maintain/config.rb