foreman_maintain 1.3.5 → 1.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/definitions/checks/check_hotfix_installed.rb +2 -3
- data/definitions/checks/disk/performance.rb +1 -2
- data/definitions/checks/package_manager/{yum/validate_yum_config.rb → dnf/validate_dnf_config.rb} +13 -11
- data/definitions/checks/repositories/check_upstream_repository.rb +1 -2
- data/definitions/features/installer.rb +8 -66
- data/definitions/features/instance.rb +0 -6
- data/definitions/procedures/backup/metadata.rb +5 -3
- data/definitions/procedures/packages/installer_confirmation.rb +1 -1
- data/definitions/procedures/packages/update.rb +3 -3
- data/definitions/scenarios/backup.rb +1 -6
- data/definitions/scenarios/self_upgrade.rb +4 -6
- data/definitions/scenarios/{upgrade_to_capsule_6_14_z.rb → upgrade_to_capsule_6_15.rb} +11 -12
- data/definitions/scenarios/{upgrade_to_capsule_6_14.rb → upgrade_to_capsule_6_15_z.rb} +12 -13
- data/definitions/scenarios/upgrade_to_katello_nightly.rb +1 -1
- data/definitions/scenarios/{upgrade_to_satellite_6_14_z.rb → upgrade_to_satellite_6_15.rb} +12 -12
- data/definitions/scenarios/{upgrade_to_satellite_6_14.rb → upgrade_to_satellite_6_15_z.rb} +12 -14
- data/extras/foreman_protector/foreman-protector.conf +1 -1
- data/lib/foreman_maintain/concerns/base_database.rb +0 -41
- data/lib/foreman_maintain/concerns/system_helpers.rb +2 -2
- data/lib/foreman_maintain/config.rb +5 -1
- data/lib/foreman_maintain/package_manager/dnf.rb +138 -11
- data/lib/foreman_maintain/package_manager.rb +0 -1
- data/lib/foreman_maintain/repository_manager/el.rb +2 -2
- data/lib/foreman_maintain/version.rb +1 -1
- metadata +11 -20
- data/definitions/checks/backup/directory_ready.rb +0 -23
- data/definitions/checks/foreman/check_checkpoint_segments.rb +0 -59
- data/definitions/checks/foreman/check_duplicate_roles.rb +0 -42
- data/definitions/checks/foreman/puppet_class_duplicates.rb +0 -48
- data/definitions/checks/original_assets.rb +0 -23
- data/definitions/procedures/foreman/apipie_cache.rb +0 -12
- data/definitions/procedures/foreman_docker/remove_foreman_docker.rb +0 -16
- data/extras/foreman_protector/yum/foreman-protector.py +0 -86
- data/lib/foreman_maintain/package_manager/yum.rb +0 -142
@@ -1,23 +0,0 @@
|
|
1
|
-
class Checks::OriginalAssets < ForemanMaintain::Check
|
2
|
-
metadata do
|
3
|
-
description 'Check if only installed assets are present on the system'
|
4
|
-
tags :post_upgrade
|
5
|
-
for_feature :foreman_server
|
6
|
-
end
|
7
|
-
|
8
|
-
ASSETS_DIR = '/var/lib/foreman/public/assets'.freeze
|
9
|
-
|
10
|
-
def run
|
11
|
-
custom_assets = []
|
12
|
-
product_name = feature(:instance).product_name
|
13
|
-
with_spinner('Checking for presence of non-original assets...') do
|
14
|
-
custom_assets = package_manager.files_not_owned_by_package(ASSETS_DIR)
|
15
|
-
logger.info("Non-original assets detected:\n" + custom_assets.join("\n"))
|
16
|
-
end
|
17
|
-
remove_files = Procedures::Files::Remove.new(:files => custom_assets, :assumeyes => true)
|
18
|
-
assert(custom_assets.empty?,
|
19
|
-
"Some assets not owned by #{product_name} were detected on the system.\n" \
|
20
|
-
'Possible conflicting versions can affect operation of the Web UI.',
|
21
|
-
:next_steps => remove_files)
|
22
|
-
end
|
23
|
-
end
|
@@ -1,16 +0,0 @@
|
|
1
|
-
module Procedures::ForemanDocker
|
2
|
-
class RemoveForemanDocker < ForemanMaintain::Procedure
|
3
|
-
metadata do
|
4
|
-
advanced_run false
|
5
|
-
description 'Drop foreman_docker plugin'
|
6
|
-
confine do
|
7
|
-
find_package(foreman_plugin_name('foreman_docker'))
|
8
|
-
end
|
9
|
-
end
|
10
|
-
|
11
|
-
def run
|
12
|
-
execute!('foreman-rake foreman_docker:cleanup')
|
13
|
-
packages_action(:remove, foreman_plugin_name('foreman_docker'), :assumeyes => true)
|
14
|
-
end
|
15
|
-
end
|
16
|
-
end
|
@@ -1,86 +0,0 @@
|
|
1
|
-
from yum.plugins import PluginYumExit
|
2
|
-
from yum.plugins import TYPE_CORE
|
3
|
-
from rpmUtils.miscutils import splitFilename
|
4
|
-
from yum.packageSack import packagesNewestByName
|
5
|
-
|
6
|
-
import urlgrabber
|
7
|
-
import urlgrabber.grabber
|
8
|
-
|
9
|
-
import os
|
10
|
-
import fnmatch
|
11
|
-
import tempfile
|
12
|
-
import time
|
13
|
-
|
14
|
-
requires_api_version = '2.1'
|
15
|
-
plugin_type = (TYPE_CORE,)
|
16
|
-
|
17
|
-
_package_whitelist = set()
|
18
|
-
fileurl = None
|
19
|
-
|
20
|
-
def _load_whitelist():
|
21
|
-
try:
|
22
|
-
if fileurl:
|
23
|
-
llfile = urlgrabber.urlopen(fileurl)
|
24
|
-
for line in llfile.readlines():
|
25
|
-
if line.startswith('#') or line.strip() == '':
|
26
|
-
continue
|
27
|
-
_package_whitelist.add(line.rstrip().lower())
|
28
|
-
llfile.close()
|
29
|
-
except urlgrabber.grabber.URLGrabError as e:
|
30
|
-
raise PluginYumExit('Unable to read Foreman protector"s configuration: %s' % e)
|
31
|
-
|
32
|
-
def _add_obsoletes(conduit):
|
33
|
-
if _package_whitelist:
|
34
|
-
# If anything obsoletes something that we have whitelisted ... then
|
35
|
-
# whitelist that too.
|
36
|
-
for (pkgtup, instTup) in conduit._base.up.getObsoletesTuples():
|
37
|
-
if instTup[0] not in _package_whitelist:
|
38
|
-
continue
|
39
|
-
_package_whitelist.add(pkgtup[0].lower())
|
40
|
-
|
41
|
-
def _get_updates(base):
|
42
|
-
updates = {}
|
43
|
-
|
44
|
-
for p in base.pkgSack.returnNewestByName():
|
45
|
-
if p.name in _package_whitelist:
|
46
|
-
# This one is whitelisted, skip
|
47
|
-
continue
|
48
|
-
updates[p.name] = p
|
49
|
-
|
50
|
-
return updates
|
51
|
-
|
52
|
-
def config_hook(conduit):
|
53
|
-
global fileurl
|
54
|
-
|
55
|
-
fileurl = conduit.confString('main', 'whitelist')
|
56
|
-
|
57
|
-
def _add_package_whitelist_excluders(conduit):
|
58
|
-
if hasattr(conduit, 'registerPackageName'):
|
59
|
-
conduit.registerPackageName("yum-plugin-foreman-protector")
|
60
|
-
ape = conduit._base.pkgSack.addPackageExcluder
|
61
|
-
exid = 'foreman-protector.W.'
|
62
|
-
ape(None, exid + str(1), 'mark.washed')
|
63
|
-
ape(None, exid + str(2), 'wash.name.in', _package_whitelist)
|
64
|
-
ape(None, exid + str(3), 'exclude.marked')
|
65
|
-
|
66
|
-
def exclude_hook(conduit):
|
67
|
-
conduit.info(3, 'Reading Foreman protector configuration')
|
68
|
-
|
69
|
-
_load_whitelist()
|
70
|
-
_add_obsoletes(conduit)
|
71
|
-
|
72
|
-
total = len(_get_updates(conduit._base))
|
73
|
-
conduit.info(3, '*** Excluded total: %s' % total)
|
74
|
-
if total:
|
75
|
-
if total > 1:
|
76
|
-
suffix = 's'
|
77
|
-
else:
|
78
|
-
suffix = ''
|
79
|
-
conduit.info(1, '\n'
|
80
|
-
'WARNING: Excluding %d package%s due to foreman-protector. \n'
|
81
|
-
'Use foreman-maintain packages install/update <package> \n'
|
82
|
-
'to safely install packages without restrictions.\n'
|
83
|
-
'Use foreman-maintain upgrade run for full upgrade.\n'
|
84
|
-
% (total, suffix))
|
85
|
-
|
86
|
-
_add_package_whitelist_excluders(conduit)
|
@@ -1,142 +0,0 @@
|
|
1
|
-
module ForemanMaintain::PackageManager
|
2
|
-
class Yum < Base
|
3
|
-
PROTECTOR_CONFIG_FILE = '/etc/yum/pluginconf.d/foreman-protector.conf'.freeze
|
4
|
-
PROTECTOR_WHITELIST_FILE = '/etc/yum/pluginconf.d/foreman-protector.whitelist'.freeze
|
5
|
-
|
6
|
-
def self.parse_envra(envra)
|
7
|
-
# envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
|
8
|
-
parsed = envra.match(/\d*:?(?<name>.*)-[^-]+-[^-]+\.[^.]+/)
|
9
|
-
parsed ? Hash[parsed.names.map(&:to_sym).zip(parsed.captures)].merge(:envra => envra) : nil
|
10
|
-
end
|
11
|
-
|
12
|
-
def lock_versions
|
13
|
-
enable_protector
|
14
|
-
end
|
15
|
-
|
16
|
-
def unlock_versions
|
17
|
-
disable_protector
|
18
|
-
end
|
19
|
-
|
20
|
-
def versions_locked?
|
21
|
-
!!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
|
22
|
-
protector_whitelist_file_nonzero?
|
23
|
-
end
|
24
|
-
|
25
|
-
def protector_whitelist_file_nonzero?
|
26
|
-
File.exist?(PROTECTOR_WHITELIST_FILE) &&
|
27
|
-
!File.zero?(PROTECTOR_WHITELIST_FILE)
|
28
|
-
end
|
29
|
-
|
30
|
-
def version_locking_supported?
|
31
|
-
true
|
32
|
-
end
|
33
|
-
|
34
|
-
def installed?(packages)
|
35
|
-
packages_list = [packages].flatten(1).map { |pkg| "'#{pkg}'" }.join(' ')
|
36
|
-
sys.execute?(%(rpm -q #{packages_list}))
|
37
|
-
end
|
38
|
-
|
39
|
-
def find_installed_package(name, queryformat = '')
|
40
|
-
rpm_cmd = "rpm -q '#{name}'"
|
41
|
-
unless queryformat.empty?
|
42
|
-
rpm_cmd += " --qf '#{queryformat}'"
|
43
|
-
end
|
44
|
-
status, result = sys.execute_with_status(rpm_cmd)
|
45
|
-
if status == 0
|
46
|
-
result
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
def install(packages, assumeyes: false)
|
51
|
-
yum_action('install', packages, :assumeyes => assumeyes)
|
52
|
-
end
|
53
|
-
|
54
|
-
def reinstall(packages, assumeyes: false)
|
55
|
-
yum_action('reinstall', packages, :assumeyes => assumeyes)
|
56
|
-
end
|
57
|
-
|
58
|
-
def remove(packages, assumeyes: false)
|
59
|
-
yum_action('remove', packages, :assumeyes => assumeyes)
|
60
|
-
end
|
61
|
-
|
62
|
-
def update(packages = [], assumeyes: false, yum_options: [])
|
63
|
-
yum_action('update', packages, :assumeyes => assumeyes, :yum_options => yum_options)
|
64
|
-
end
|
65
|
-
|
66
|
-
def clean_cache(assumeyes: false)
|
67
|
-
yum_action('clean', 'all', :assumeyes => assumeyes)
|
68
|
-
end
|
69
|
-
|
70
|
-
def check_update(packages: nil, with_status: false)
|
71
|
-
yum_action('check-update', packages, :assumeyes => true, :valid_exit_statuses => [0, 100],
|
72
|
-
:with_status => with_status)
|
73
|
-
end
|
74
|
-
|
75
|
-
def update_available?(package)
|
76
|
-
cmd_output = yum_action('check-update -q', package, :with_status => true, :assumeyes => false)
|
77
|
-
cmd_output[0] == 100
|
78
|
-
end
|
79
|
-
|
80
|
-
def files_not_owned_by_package(directory)
|
81
|
-
find_cmd = "find #{directory} -exec /bin/sh -c 'rpm -qf {} &> /dev/null || echo {}' \\;"
|
82
|
-
sys.execute(find_cmd).split("\n")
|
83
|
-
end
|
84
|
-
|
85
|
-
def list_installed_packages(queryformat = '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n')
|
86
|
-
# The queryformat should only include valid tag(s) as per `rpm --querytags` list.
|
87
|
-
# If any special formatting is required with querytag then it should be provided with tag i.e,
|
88
|
-
# "--%{VENDOR}"
|
89
|
-
# The queryformat string must end with '\n'
|
90
|
-
sys.execute!("rpm -qa --qf '#{queryformat}'").split("\n")
|
91
|
-
end
|
92
|
-
|
93
|
-
private
|
94
|
-
|
95
|
-
def protector_config
|
96
|
-
File.exist?(protector_config_file) ? File.read(protector_config_file) : ''
|
97
|
-
end
|
98
|
-
|
99
|
-
def protector_config_file
|
100
|
-
PROTECTOR_CONFIG_FILE
|
101
|
-
end
|
102
|
-
|
103
|
-
def enable_protector
|
104
|
-
setup_protector(true)
|
105
|
-
end
|
106
|
-
|
107
|
-
def disable_protector
|
108
|
-
setup_protector(false)
|
109
|
-
end
|
110
|
-
|
111
|
-
def setup_protector(enabled)
|
112
|
-
config = protector_config
|
113
|
-
config += "\n" unless config[-1] == "\n"
|
114
|
-
enabled_re = /^\s*enabled\s*=.*$/
|
115
|
-
if enabled_re.match(config)
|
116
|
-
config = config.gsub(enabled_re, "enabled = #{enabled ? '1' : '0'}")
|
117
|
-
else
|
118
|
-
config += "enabled = #{enabled ? '1' : '0'}\n"
|
119
|
-
end
|
120
|
-
File.open(protector_config_file, 'w') { |file| file.puts config }
|
121
|
-
end
|
122
|
-
|
123
|
-
def yum_action(action, packages, options)
|
124
|
-
with_status = options.fetch(:with_status, false)
|
125
|
-
assumeyes = options.fetch(:assumeyes, false)
|
126
|
-
valid_exit_statuses = options.fetch(:valid_exit_statuses, [0])
|
127
|
-
yum_options = options.fetch(:yum_options, [])
|
128
|
-
packages = [packages].flatten(1)
|
129
|
-
yum_options << '-y' if assumeyes
|
130
|
-
yum_options << '--disableplugin=foreman-protector'
|
131
|
-
yum_options_s = yum_options.empty? ? '' : ' ' + yum_options.join(' ')
|
132
|
-
packages_s = packages.empty? ? '' : ' ' + packages.join(' ')
|
133
|
-
if with_status
|
134
|
-
sys.execute_with_status("yum#{yum_options_s} #{action}#{packages_s}",
|
135
|
-
:interactive => !assumeyes)
|
136
|
-
else
|
137
|
-
sys.execute!("yum#{yum_options_s} #{action}#{packages_s}",
|
138
|
-
:interactive => !assumeyes, :valid_exit_statuses => valid_exit_statuses)
|
139
|
-
end
|
140
|
-
end
|
141
|
-
end
|
142
|
-
end
|