foreman_maintain 1.4.0 → 1.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a8e76b84acb5103032daf0a4207f4c53a7d425fffe2fbfce49273200e3f5a732
-  data.tar.gz: a91160e10024846b1b931515e55c6461aba0c2c3b5209a966fb9c43685b3eea5
+  metadata.gz: a742f6c45bf5c57c814ba78f83ff3fb72863de35005f0e8f34a6f823de766ba5
+  data.tar.gz: be8eb54fe3eb4d9a05d59f64ad34fc314ae97fc4be47c1aeaf4cde3b0d46b979
 SHA512:
-  metadata.gz: 005d201ea441c1e1ecdd51838f76f9157357a332cb025ba6ea9fe835bff604d601b259ca374d8cf32118ab12203bea2dfc490d959127dee1f92768a684fb0e0f
-  data.tar.gz: f51b31aa841554becdf0e3904c1a9d5259bd0d7691a83240b99f731320335ad20ee5428fc5c02267bf41ec50bd4f0e87bce2e7fcb9cec0f068ea4c03b04e1cac
+  metadata.gz: 4cb48844ead00af99f66d37ee2a215fe9c397f14b544774580ad5df3dc09598231f5a8a7978fbc2111bb104daa951f1d3c6a1dc2426c2f635e319ded93117e6f
+  data.tar.gz: 7c0cea08c66ea928e2fa6659dd051d55c4ab0e9afabba61c18ad9934b1a21fd1b177d7f765e58a2885927103daf92ba8d05513d2fc0f386ec2900e546afa3cbc

data/README.md

@@ -1,4 +1,4 @@
-# Foreman Maintain [![Build Status](https://github.com/theforeman/foreman_maintain/workflows/Ruby%20Tests/badge.svg?event=pull_request)](https://github.com/theforeman/foreman_maintain/workflows/Ruby%20Tests/badge.svg?event=pull_request) <a href="https://codeclimate.com/github/theforeman/foreman_maintain"><img src="https://codeclimate.com/github/theforeman/foreman_maintain/badges/gpa.svg" /></a>
+# Foreman Maintain [![Ruby Tests](https://github.com/theforeman/foreman_maintain/actions/workflows/ruby_tests.yml/badge.svg)](https://github.com/theforeman/foreman_maintain/actions/workflows/ruby_tests.yml) <a href="https://codeclimate.com/github/theforeman/foreman_maintain"><img src="https://codeclimate.com/github/theforeman/foreman_maintain/badges/gpa.svg" /></a>
 
 The `foreman_maintain` aims to provide various features that helps keep the
 Foreman/Satellite up and running. It supports multiple versions and subparts

data/definitions/checks/check_hotfix_installed.rb

@@ -4,8 +4,7 @@ class Checks::CheckHotfixInstalled < ForemanMaintain::Check
     description 'Check to verify if any hotfix installed on system'
     tags :pre_upgrade
     preparation_steps do
-      [Checks::Repositories::CheckNonRhRepository.new,
-       Procedures::Packages::Install.new(:packages => %w[yum-utils])]
+      [Checks::Repositories::CheckNonRhRepository.new]
     end
 
     confine do
@@ -45,7 +44,7 @@ class Checks::CheckHotfixInstalled < ForemanMaintain::Check
 
   def installed_packages
     packages = []
-    IO.popen(['repoquery', '-a', '--installed', '--qf', query_format]) do |io|
+    IO.popen(['dnf', 'repoquery', '-a', '--installed', '--qf', query_format]) do |io|
       io.each do |line|
         repo, pkg = line.chomp.split
         next if repo.nil? || pkg.nil?

data/definitions/checks/disk/performance.rb

@@ -30,8 +30,7 @@ module Checks
           puts "\n"
           puts stats.stdout
 
-          current_downstream_feature = feature(:instance).downstream
-          if current_downstream_feature&.at_least_version?('6.3')
+          if feature(:instance).downstream
             assert(success, io_obj.slow_disk_error_msg + warning_message, :warn => true)
           else
             assert(success, io_obj.slow_disk_error_msg)

data/definitions/checks/package_manager/{yum/validate_yum_config.rb → dnf/validate_dnf_config.rb}

@@ -1,9 +1,9 @@
 module Checks::PackageManager
-  module Yum
-    class ValidateYumConfig < ForemanMaintain::Check
+  module Dnf
+    class ValidateDnfConfig < ForemanMaintain::Check
       metadata do
-        label :validate_yum_config
-        description 'Check to validate yum configuration before upgrade'
+        label :validate_dnf_config
+        description 'Check to validate dnf configuration before upgrade'
         tags :pre_upgrade
       end
 
@@ -17,30 +17,32 @@ module Checks::PackageManager
 
       private
 
+      # rubocop:disable Metrics/LineLength
       def failure_message(final_result)
         verb_string = final_result[:matched_keys].length > 1 ? 'are' : 'is'
 
-        "#{final_result[:matched_keys].join(',')} #{verb_string} set in /etc/yum.conf as below:"\
+        "#{final_result[:matched_keys].join(',')} #{verb_string} set in /etc/dnf/dnf.conf as below:"\
         "\n#{final_result[:grep_output]}"\
-        "\nUnset this configuration as it is risky while yum update or upgrade!"
+        "\nUnset this configuration as it is risky while dnf update or upgrade!"
       end
+      # rubocop:enable Metrics/LineLength
 
       def verify_config_options
         result = {}
-        combined_regex = yum_config_options.values.join('|')
+        combined_regex = dnf_config_options.values.join('|')
         result[:grep_output] = execute_grep_cmd(combined_regex)
-        result[:matched_keys] = yum_config_options.keys.select do |key|
+        result[:matched_keys] = dnf_config_options.keys.select do |key|
           result[:grep_output].include?(key)
         end
         result
       end
 
       def execute_grep_cmd(regex_string)
-        execute_with_status("grep -iE '#{regex_string}' /etc/yum.conf")[1]
+        execute_with_status("grep -iE '#{regex_string}' /etc/dnf/dnf.conf")[1]
       end
 
-      def yum_config_options
-        @yum_config_options ||= {
+      def dnf_config_options
+        @dnf_config_options ||= {
           'exclude' => '^exclude\s*=\s*\S+.*$',
         }
       end

data/definitions/checks/repositories/check_upstream_repository.rb

@@ -6,8 +6,7 @@ class Checks::CheckUpstreamRepository < ForemanMaintain::Check
     description 'Check if any upstream repositories are enabled on system'
     tags :pre_upgrade
     preparation_steps do
-      [Checks::Repositories::CheckNonRhRepository.new,
-       Procedures::Packages::Install.new(:packages => %w[yum-utils])]
+      [Checks::Repositories::CheckNonRhRepository.new]
     end
     confine do
       feature(:instance).downstream

data/definitions/features/installer.rb

@@ -3,22 +3,10 @@ class Features::Installer < ForemanMaintain::Feature
     label :installer
 
     confine do
-      find_package('foreman-installer') ||
-        find_package('katello-installer') ||
-        find_package('capsule-installer')
+      find_package('foreman-installer')
     end
   end
 
-  def initialize
-    @installer_type = if find_package('foreman-installer')
-                        :scenarios
-                      elsif find_package('katello-installer')
-                        :legacy_katello
-                      elsif find_package('capsule-installer')
-                        :legacy_capsule
-                      end
-  end
-
   def answers
     load_answers(configuration)
   end
@@ -28,39 +16,17 @@ class Features::Installer < ForemanMaintain::Feature
   end
 
   def config_file
-    case @installer_type
-    when :scenarios
-      last_scenario_config
-    when :legacy_katello
-      File.join(config_directory, 'katello-installer.yaml')
-    when :legacy_capsule
-      File.join(config_directory, 'capsule-installer.yaml')
-    end
-  end
-
-  def with_scenarios?
-    @installer_type == :scenarios
+    last_scenario_config
   end
 
   def config_directory
-    case @installer_type
-    when :scenarios
-      '/etc/foreman-installer'
-    when :legacy_katello
-      '/etc/katello-installer'
-    when :legacy_capsule
-      '/etc/capsule-installer'
-    end
+    '/etc/foreman-installer'
   end
 
   def custom_hiera_file
     @custom_hiera_file ||= File.join(config_directory, 'custom-hiera.yaml')
   end
 
-  def can_upgrade?
-    @installer_type == :scenarios || @installer_type == :legacy_katello
-  end
-
   def config_files
     Dir.glob(File.join(config_directory, '**/*')) +
       [
@@ -71,23 +37,14 @@ class Features::Installer < ForemanMaintain::Feature
   end
 
   def last_scenario
-    return nil unless with_scenarios?
-
     File.basename(last_scenario_config).split('.')[0]
   end
 
   def installer_command
-    case @installer_type
-    when :scenarios
-      if feature(:satellite)
-        'satellite-installer'
-      else
-        'foreman-installer'
-      end
-    when :legacy_katello
-      'katello-installer'
-    when :legacy_capsule
-      'capsule-installer'
+    if feature(:satellite)
+      'satellite-installer'
+    else
+      'foreman-installer'
     end
   end
 
@@ -105,22 +62,7 @@ class Features::Installer < ForemanMaintain::Feature
   end
 
   def upgrade(exec_options = {})
-    run(installer_arguments, exec_options)
-  end
-
-  def installer_arguments
-    installer_args = ''
-
-    if feature(:foreman_proxy)&.with_content? &&
-       check_max_version('foreman-installer', '3.4')
-      installer_args += ' --disable-system-checks'
-    end
-
-    if !check_min_version('foreman-installer', '2.1') && can_upgrade?
-      installer_args += ' --upgrade'
-    end
-
-    installer_args
+    run('', exec_options)
   end
 
   def initial_admin_username

data/definitions/features/instance.rb

@@ -139,12 +139,6 @@ class Features::Instance < ForemanMaintain::Feature
   end
 
   def pick_failing_components(components)
-    if feature(:katello).current_version < Gem::Version.new('3.2.0')
-      # Note that katello_ping returns an empty result against foreman_auth.
-      # https://github.com/Katello/katello/commit/95d7b9067d38f269a5ec121fb73b5c19d4422baf
-      components.reject! { |n| n.eql?('foreman_auth') }
-    end
-
     components.each_with_object([]) do |(name, data), failing|
       failing << name unless data['status'] == 'ok'
     end

data/definitions/procedures/backup/metadata.rb

@@ -64,9 +64,11 @@ module Procedures::Backup
     end
 
     def proxy_config(spinner)
-      spinner.update('Collecting proxy configuration')
-      feature(:installer).answers['foreman_proxy'].select do |key, _|
-        PROXY_CONFIG_ENTRIES.include?(key)
+      if feature(:installer)
+        spinner.update('Collecting proxy configuration')
+        feature(:installer).answers['foreman_proxy'].select do |key, _|
+          PROXY_CONFIG_ENTRIES.include?(key)
+        end
       end
     end
   end

data/definitions/procedures/packages/installer_confirmation.rb

@@ -6,7 +6,7 @@ module Procedures::Packages
 
     def run
       question = "\nWARNING: This script runs #{feature(:installer).installer_command} " \
-        "after the yum execution \n" \
+        "after the dnf execution \n" \
         "to ensure the #{feature(:instance).product_name} " \
         "is in a consistent state.\n" \
         "As a result some of your services may be restarted. \n\n" \

data/definitions/procedures/packages/update.rb

@@ -6,13 +6,13 @@ module Procedures::Packages
       param :force, 'Do not skip if package is installed', :flag => true, :default => false
       param :warn_on_errors, 'Do not interrupt scenario on failure',
         :flag => true, :default => false
-      param :yum_options, 'Extra yum options if any', :array => true, :default => []
+      param :dnf_options, 'Extra dnf options if any', :array => true, :default => []
     end
 
     def run
       assumeyes_val = @assumeyes.nil? ? assumeyes? : @assumeyes
       package_manager.clean_cache(:assumeyes => assumeyes_val)
-      opts = { :assumeyes => assumeyes_val, :yum_options => @yum_options }
+      opts = { :assumeyes => assumeyes_val, :dnf_options => @dnf_options }
       packages_action(:update, @packages, opts)
     rescue ForemanMaintain::Error::ExecutionError => e
       if @warn_on_errors
@@ -27,7 +27,7 @@ module Procedures::Packages
     end
 
     def description
-      if @yum_options.include?('--downloadonly')
+      if @dnf_options.include?('--downloadonly')
         "Download package(s) #{@packages.join(', ')}"
       else
         "Update package(s) #{@packages.join(', ')}"

data/definitions/scenarios/backup.rb

@@ -25,7 +25,7 @@ module ForemanMaintain::Scenarios
       accessibility_confirmation
       prepare_directory
       logical_volume_confirmation
-      add_step_with_context(Procedures::Backup::Metadata)
+      add_step_with_context(Procedures::Backup::Metadata, :online_backup => online_backup?)
 
       case strategy
       when :online
@@ -49,7 +49,6 @@ module ForemanMaintain::Scenarios
     # rubocop:disable  Metrics/MethodLength
     def set_context_mapping
       context.map(:backup_dir,
-        Checks::Backup::DirectoryReady => :backup_dir,
         Procedures::Backup::PrepareDirectory => :backup_dir,
         Procedures::Backup::Metadata => :backup_dir,
         Procedures::Backup::ConfigFiles => :backup_dir,
@@ -66,7 +65,6 @@ module ForemanMaintain::Scenarios
         Procedures::Backup::Snapshot::MountForemanDB => :backup_dir,
         Procedures::Backup::Snapshot::MountPulpcoreDB => :backup_dir)
       context.map(:preserve_dir,
-        Checks::Backup::DirectoryReady => :preserve_dir,
         Procedures::Backup::PrepareDirectory => :preserve_dir)
       context.map(:incremental_dir,
         Procedures::Backup::PrepareDirectory => :incremental_dir,
@@ -104,8 +102,6 @@ module ForemanMaintain::Scenarios
 
     def prepare_directory
       add_step_with_context(Procedures::Backup::PrepareDirectory)
-      add_step_with_context(Checks::Backup::DirectoryReady,
-        :postgres_access => online_backup? || include_db_dumps?)
     end
 
     def logical_volume_confirmation
@@ -199,7 +195,6 @@ module ForemanMaintain::Scenarios
         Procedures::Backup::Online::ForemanDB,
         Procedures::Backup::Online::PulpcoreDB
       )
-      add_step_with_context(Procedures::Backup::Metadata, :online_backup => true)
     end
 
     def strategy

data/definitions/scenarios/self_upgrade.rb

@@ -67,13 +67,11 @@ module ForemanMaintain::Scenarios
     def downstream_self_upgrade(pkgs_to_update)
       ForemanMaintain.enable_maintenance_module
 
-      if check_min_version('foreman', '2.5') || check_min_version('foreman-proxy', '2.5')
-        yum_options = req_repos_to_update_pkgs.map do |id|
-          "--enablerepo=#{id}"
-        end
-        add_step(Procedures::Packages::Update.new(packages: pkgs_to_update, assumeyes: true,
-          yum_options: yum_options))
+      dnf_options = req_repos_to_update_pkgs.map do |id|
+        "--enablerepo=#{id}"
       end
+      add_step(Procedures::Packages::Update.new(packages: pkgs_to_update, assumeyes: true,
+        dnf_options: dnf_options))
     end
 
     def upstream_self_upgrade(pkgs_to_update)

data/definitions/scenarios/upgrade_to_capsule_6_15.rb

@@ -27,7 +27,6 @@ module Scenarios::Capsule_6_15
     def compose
       add_steps(find_checks(:default))
       add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Foreman::CheckpointSegments)
       add_step(Checks::Repositories::Validate.new(:version => '6.15'))
     end
   end
@@ -58,7 +57,7 @@ module Scenarios::Capsule_6_15
       modules_to_enable = ["satellite-capsule:#{el_short_name}"]
       add_step(Procedures::Packages::EnableModules.new(:module_names => modules_to_enable))
       add_step(Procedures::Packages::Update.new(:assumeyes => true,
-        :yum_options => ['--downloadonly']))
+        :dnf_options => ['--downloadonly']))
       add_step(Procedures::Service::Stop.new)
       add_step(Procedures::Packages::Update.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::Upgrade)

data/definitions/scenarios/upgrade_to_capsule_6_15_z.rb

@@ -27,7 +27,6 @@ module Scenarios::Capsule_6_15_z
     def compose
       add_steps(find_checks(:default))
       add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Foreman::CheckpointSegments)
       add_step(Checks::Repositories::Validate.new(:version => '6.15'))
     end
   end
@@ -58,7 +57,7 @@ module Scenarios::Capsule_6_15_z
       modules_to_enable = ["satellite-capsule:#{el_short_name}"]
       add_step(Procedures::Packages::EnableModules.new(:module_names => modules_to_enable))
       add_step(Procedures::Packages::Update.new(:assumeyes => true,
-        :yum_options => ['--downloadonly']))
+        :dnf_options => ['--downloadonly']))
       add_step(Procedures::Service::Stop.new)
       add_step(Procedures::Packages::Update.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::Upgrade)

data/definitions/scenarios/upgrade_to_katello_nightly.rb

@@ -55,7 +55,7 @@ module Scenarios::Katello_Nightly
       modules_to_enable = ["katello:#{el_short_name}", "pulpcore:#{el_short_name}"]
       add_step(Procedures::Packages::EnableModules.new(:module_names => modules_to_enable))
       add_step(Procedures::Packages::Update.new(:assumeyes => true,
-        :yum_options => ['--downloadonly']))
+        :dnf_options => ['--downloadonly']))
       add_step(Procedures::Service::Stop.new)
       add_step(Procedures::Packages::Update.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::Upgrade)

data/definitions/scenarios/upgrade_to_satellite_6_15.rb

@@ -27,7 +27,6 @@ module Scenarios::Satellite_6_15
     def compose
       add_steps(find_checks(:default))
       add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Foreman::CheckpointSegments)
       add_step(Checks::Repositories::Validate.new(:version => '6.15'))
     end
   end
@@ -59,7 +58,7 @@ module Scenarios::Satellite_6_15
       modules_to_enable = ["satellite:#{el_short_name}"]
       add_step(Procedures::Packages::EnableModules.new(:module_names => modules_to_enable))
       add_step(Procedures::Packages::Update.new(:assumeyes => true,
-        :yum_options => ['--downloadonly']))
+        :dnf_options => ['--downloadonly']))
       add_step(Procedures::Service::Stop.new)
       add_step(Procedures::Packages::Update.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::Upgrade)

data/definitions/scenarios/upgrade_to_satellite_6_15_z.rb

@@ -27,7 +27,6 @@ module Scenarios::Satellite_6_15_z
     def compose
       add_steps(find_checks(:default))
       add_steps(find_checks(:pre_upgrade))
-      add_step(Checks::Foreman::CheckpointSegments)
       add_step(Checks::Repositories::Validate.new(:version => '6.15'))
     end
   end
@@ -58,7 +57,7 @@ module Scenarios::Satellite_6_15_z
       modules_to_enable = ["satellite:#{el_short_name}"]
       add_step(Procedures::Packages::EnableModules.new(:module_names => modules_to_enable))
       add_step(Procedures::Packages::Update.new(:assumeyes => true,
-        :yum_options => ['--downloadonly']))
+        :dnf_options => ['--downloadonly']))
       add_step(Procedures::Service::Stop.new)
       add_step(Procedures::Packages::Update.new(:assumeyes => true))
       add_step_with_context(Procedures::Installer::Upgrade)

data/extras/foreman_protector/foreman-protector.conf

@@ -1,3 +1,3 @@
 [main]
 enabled = 0
-whitelist = /etc/yum/pluginconf.d/foreman-protector.whitelist
+whitelist = /etc/dnf/plugins/foreman-protector.whitelist

data/lib/foreman_maintain/concerns/base_database.rb

@@ -75,11 +75,6 @@ module ForemanMaintain
           :hidden_patterns => [config['password']])
       end
 
-      def backup_file_path(config = configuration)
-        dump_file_name = "#{config['database']}_#{Time.now.strftime('%Y-%m-%d_%H-%M-%S')}.dump"
-        "#{backup_dir}/#{dump_file_name}.bz2"
-      end
-
       def dump_db(file, config = configuration)
         execute!(dump_command(config) + " > #{file}", :hidden_patterns => [config['password']])
       end
@@ -115,47 +110,11 @@ module ForemanMaintain
         end
       end
 
-      # TODO: refactor to use dump_db
-      def backup_db_command(file_path, config = configuration)
-        pg_dump_cmd = "pg_dump -Fc #{config['database']}"
-        "runuser - postgres -c '#{pg_dump_cmd}' | bzip2 -9 > #{file_path}"
-      end
-
       # TODO: remove the backup file path tools from here. Lib Utils::Backup?
       def backup_dir
         @backup_dir ||= File.expand_path(ForemanMaintain.config.db_backup_dir)
       end
 
-      def perform_backup(config = configuration)
-        file_path = backup_file_path(config)
-        backup_cmd = backup_db_command(file_path, config)
-        execute!(backup_cmd, :hidden_patterns => [config['password']])
-        puts "\n Note: Database backup file path - #{file_path}"
-        puts "\n In case of any exception, use above dump file to restore DB."
-      end
-
-      def table_exist?(table_name)
-        sql = <<-SQL
-          SELECT EXISTS ( SELECT *
-          FROM information_schema.tables WHERE table_name =  '#{table_name}' )
-        SQL
-        result = query(sql)
-        return false if result.nil? || (result && result.empty?)
-
-        result.first['exists'].eql?('t')
-      end
-
-      def delete_records_by_ids(tbl_name, rec_ids)
-        quotize_rec_ids = rec_ids.map { |el| "'#{el}'" }.join(',')
-        unless quotize_rec_ids.empty?
-          psql(<<-SQL)
-            BEGIN;
-             DELETE FROM #{tbl_name} WHERE id IN (#{quotize_rec_ids});
-            COMMIT;
-          SQL
-        end
-      end
-
       def find_base_directory(directory)
         find_dir_containing_file(directory, 'postgresql.conf')
       end

data/lib/foreman_maintain/concerns/system_helpers.rb

@@ -100,13 +100,13 @@ module ForemanMaintain
       end
 
       def packages_action(action, packages, options = {})
-        options.validate_options!(:assumeyes, :yum_options)
+        options.validate_options!(:assumeyes, :dnf_options)
         case action
         when :install
           package_manager.install(packages, :assumeyes => options[:assumeyes])
         when :update
           package_manager.update(packages, :assumeyes => options[:assumeyes],
-                                           :yum_options => options[:yum_options])
+                                           :dnf_options => options[:dnf_options])
         when :remove
           package_manager.remove(packages, :assumeyes => options[:assumeyes])
         else

data/lib/foreman_maintain/config.rb

@@ -64,7 +64,11 @@ module ForemanMaintain
     end
 
     def config_file_path
-      File.exist?(CONFIG_FILE) ? CONFIG_FILE : File.join(source_path, 'config/foreman_maintain.yml')
+      if defined?(CONFIG_FILE) && File.exist?(CONFIG_FILE)
+        CONFIG_FILE
+      else
+        File.join(source_path, 'config/foreman_maintain.yml')
+      end
     end
 
     def source_path

data/lib/foreman_maintain/package_manager/dnf.rb

@@ -1,14 +1,100 @@
 module ForemanMaintain::PackageManager
-  class Dnf < Yum
-    def clean_cache(assumeyes: false)
-      dnf_action('clean', 'all', :assumeyes => assumeyes)
-      super
+  class Dnf < Base
+    PROTECTOR_CONFIG_FILE = '/etc/dnf/plugins/foreman-protector.conf'.freeze
+    PROTECTOR_WHITELIST_FILE = '/etc/dnf/plugins/foreman-protector.whitelist'.freeze
+
+    def self.parse_envra(envra)
+      # envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
+      parsed = envra.match(/\d*:?(?<name>.*)-[^-]+-[^-]+\.[^.]+/)
+      parsed ? Hash[parsed.names.map(&:to_sym).zip(parsed.captures)].merge(:envra => envra) : nil
+    end
+
+    def lock_versions
+      enable_protector
+    end
+
+    def unlock_versions
+      disable_protector
+    end
+
+    def versions_locked?
+      !!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
+        protector_whitelist_file_nonzero?
+    end
+
+    def protector_whitelist_file_nonzero?
+      File.exist?(PROTECTOR_WHITELIST_FILE) &&
+        !File.zero?(PROTECTOR_WHITELIST_FILE)
     end
 
     def version_locking_supported?
       true
     end
 
+    def installed?(packages)
+      packages_list = [packages].flatten(1).map { |pkg| "'#{pkg}'" }.join(' ')
+      sys.execute?(%(rpm -q #{packages_list}))
+    end
+
+    def find_installed_package(name, queryformat = '')
+      rpm_cmd = "rpm -q '#{name}'"
+      unless queryformat.empty?
+        rpm_cmd += " --qf '#{queryformat}'"
+      end
+      status, result = sys.execute_with_status(rpm_cmd, interactive: false)
+      if status == 0
+        result
+      end
+    end
+
+    def install(packages, assumeyes: false)
+      dnf_action('install', packages, assumeyes: assumeyes)
+    end
+
+    def reinstall(packages, assumeyes: false)
+      dnf_action('reinstall', packages, assumeyes: assumeyes)
+    end
+
+    def remove(packages, assumeyes: false)
+      dnf_action('remove', packages, assumeyes: assumeyes)
+    end
+
+    def update(packages = [], assumeyes: false, dnf_options: [])
+      dnf_action('update', packages, assumeyes: assumeyes, dnf_options: dnf_options)
+    end
+
+    def check_update(packages: nil, with_status: false)
+      dnf_action(
+        'check-update',
+        packages,
+        assumeyes: true,
+        valid_exit_statuses: [0, 100],
+        with_status: with_status
+      )
+    end
+
+    def update_available?(package)
+      cmd_output = dnf_action('check-update -q', package, with_status: true, assumeyes: false)
+      cmd_output[0] == 100
+    end
+
+    def files_not_owned_by_package(directory)
+      find_cmd = "find #{directory} -exec /bin/sh -c 'rpm -qf {} &> /dev/null || echo {}' \\;"
+      sys.execute(find_cmd).split("\n")
+    end
+
+    def list_installed_packages(queryformat = '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n')
+      # The queryformat should only include valid tag(s) as per `rpm --querytags` list.
+      # If any special formatting is required with querytag then it should be provided with tag i.e,
+      # "--%{VENDOR}"
+      # The queryformat string must end with '\n'
+      sys.execute!("rpm -qa --qf '#{queryformat}'").split("\n")
+    end
+
+    def clean_cache(assumeyes: false)
+      dnf_action('clean', 'all', :assumeyes => assumeyes)
+    end
+
     def module_enabled?(name)
       _status, result = info(name)
       result.match?(/Stream.+\[e\].+/)
@@ -29,18 +115,59 @@ module ForemanMaintain::PackageManager
 
     private
 
-    def dnf_action(action, packages, with_status: false, assumeyes: false)
+    # rubocop:disable Metrics/LineLength, Metrics/ParameterLists
+    def dnf_action(action, packages, with_status: false, assumeyes: false, dnf_options: [], valid_exit_statuses: [0])
       packages = [packages].flatten(1)
-      yum_options = []
-      yum_options << '-y' if assumeyes
+
+      dnf_options << '-y' if assumeyes
+      dnf_options << '--disableplugin=foreman-protector'
+
+      command = ['dnf', dnf_options.join(' '), action]
+
+      command.push(packages.join(' ')) unless packages.empty?
+      command = command.join(' ')
+
       if with_status
-        sys.execute_with_status("dnf #{yum_options.join(' ')} #{action} #{packages.join(' ')}",
-          :interactive => !assumeyes)
+        sys.execute_with_status(
+          command,
+          :interactive => !assumeyes
+        )
       else
-        sys.execute!("dnf #{yum_options.join(' ')} #{action} #{packages.join(' ')}",
-          :interactive => !assumeyes)
+        sys.execute!(
+          command,
+          :interactive => !assumeyes,
+          :valid_exit_statuses => valid_exit_statuses
+        )
+      end
+    end
+    # rubocop:enable Metrics/LineLength, Metrics/ParameterLists
 
+    def protector_config
+      File.exist?(protector_config_file) ? File.read(protector_config_file) : ''
+    end
+
+    def protector_config_file
+      PROTECTOR_CONFIG_FILE
+    end
+
+    def enable_protector
+      setup_protector(true)
+    end
+
+    def disable_protector
+      setup_protector(false)
+    end
+
+    def setup_protector(enabled)
+      config = protector_config
+      config += "\n" unless config[-1] == "\n"
+      enabled_re = /^\s*enabled\s*=.*$/
+      if enabled_re.match(config)
+        config = config.gsub(enabled_re, "enabled = #{enabled ? '1' : '0'}")
+      else
+        config += "enabled = #{enabled ? '1' : '0'}\n"
       end
+      File.open(protector_config_file, 'w') { |file| file.puts config }
     end
   end
 end

data/lib/foreman_maintain/package_manager.rb

@@ -1,5 +1,4 @@
 require 'foreman_maintain/package_manager/base'
-require 'foreman_maintain/package_manager/yum'
 require 'foreman_maintain/package_manager/dnf'
 require 'foreman_maintain/package_manager/apt'
 

data/lib/foreman_maintain/repository_manager/el.rb

@@ -72,8 +72,8 @@ module ForemanMaintain::RepositoryManager
                         entry.split(':', 2).last.strip
                       end]
 
-      # The EL7 yum repolist output includes extra info in the output,
-      # as example
+      # repolist output includes extra info in the output
+      #
       # rhel-7-server-rpms/7Server/x86_64
       # rhel-server-rhscl-7-rpms/7Server/x86_64
       # This trims anything after first '/' to get correct repo label

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.4.0'.freeze
+  VERSION = '1.4.1'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.1
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-06 00:00:00.000000000 Z
+date: 2023-10-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -158,7 +158,6 @@ files:
 - config/foreman_maintain.yml.packaging
 - config/hammer.yml.example
 - definitions/checks/backup/certs_tar_exist.rb
-- definitions/checks/backup/directory_ready.rb
 - definitions/checks/candlepin/db_up.rb
 - definitions/checks/check_for_newer_packages.rb
 - definitions/checks/check_hotfix_installed.rb
@@ -168,15 +167,12 @@ files:
 - definitions/checks/disk/available_space_postgresql12.rb
 - definitions/checks/disk/performance.rb
 - definitions/checks/env_proxy.rb
-- definitions/checks/foreman/check_checkpoint_segments.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
 - definitions/checks/foreman/check_duplicate_permission.rb
-- definitions/checks/foreman/check_duplicate_roles.rb
 - definitions/checks/foreman/check_puppet_capsules.rb
 - definitions/checks/foreman/check_tuning_requirements.rb
 - definitions/checks/foreman/db_up.rb
 - definitions/checks/foreman/facts_names.rb
-- definitions/checks/foreman/puppet_class_duplicates.rb
 - definitions/checks/foreman/validate_external_db_version.rb
 - definitions/checks/foreman_openscap/invalid_report_associations.rb
 - definitions/checks/foreman_proxy/check_tftp_storage.rb
@@ -188,8 +184,7 @@ files:
 - definitions/checks/foreman_tasks/not_running.rb
 - definitions/checks/maintenance_mode/check_consistency.rb
 - definitions/checks/non_rh_packages.rb
-- definitions/checks/original_assets.rb
-- definitions/checks/package_manager/yum/validate_yum_config.rb
+- definitions/checks/package_manager/dnf/validate_dnf_config.rb
 - definitions/checks/pulpcore/db_up.rb
 - definitions/checks/puppet/verify_no_empty_cacert_requests.rb
 - definitions/checks/repositories/check_non_rh_repository.rb
@@ -259,11 +254,9 @@ files:
 - definitions/procedures/crond/start.rb
 - definitions/procedures/crond/stop.rb
 - definitions/procedures/files/remove.rb
-- definitions/procedures/foreman/apipie_cache.rb
 - definitions/procedures/foreman/fix_corrupted_roles.rb
 - definitions/procedures/foreman/remove_duplicate_obsolete_roles.rb
 - definitions/procedures/foreman/remove_duplicate_permissions.rb
-- definitions/procedures/foreman_docker/remove_foreman_docker.rb
 - definitions/procedures/foreman_maintain_features.rb
 - definitions/procedures/foreman_openscap/invalid_report_associations.rb
 - definitions/procedures/foreman_proxy/features.rb
@@ -342,7 +335,6 @@ files:
 - extras/foreman_protector/dnf/foreman-protector.py
 - extras/foreman_protector/foreman-protector.conf
 - extras/foreman_protector/foreman-protector.whitelist
-- extras/foreman_protector/yum/foreman-protector.py
 - lib/foreman_maintain.rb
 - lib/foreman_maintain/check.rb
 - lib/foreman_maintain/cli.rb
@@ -397,7 +389,6 @@ files:
 - lib/foreman_maintain/package_manager/apt.rb
 - lib/foreman_maintain/package_manager/base.rb
 - lib/foreman_maintain/package_manager/dnf.rb
-- lib/foreman_maintain/package_manager/yum.rb
 - lib/foreman_maintain/param.rb
 - lib/foreman_maintain/procedure.rb
 - lib/foreman_maintain/reporter.rb

data/definitions/checks/backup/directory_ready.rb

@@ -1,23 +0,0 @@
-module Checks::Backup
-  class DirectoryReady < ForemanMaintain::Check
-    metadata do
-      description 'Check if the directory exists and is writable'
-      tags :backup
-      manual_detection
-      param :backup_dir, 'Directory where to backup to', :required => true
-      param :preserve_dir, 'Directory where to backup to', :flag => true, :default => false
-      param :postgres_access, 'Whether the postgres user needs access', :flag => true,
-        :default => false
-    end
-
-    def run
-      assert(File.directory?(@backup_dir), "Backup directory (#{@backup_dir}) does not exist.")
-      if feature(:instance).postgresql_local? && @postgres_access
-        result = system("runuser - postgres -c 'test -w #{@backup_dir}'")
-        assert(result, "Postgres user needs write access to the backup directory \n" \
-          "Please allow the postgres user write access to #{@backup_dir}" \
-          ' or choose another directory.')
-      end
-    end
-  end
-end

data/definitions/checks/foreman/check_checkpoint_segments.rb

@@ -1,59 +0,0 @@
-module Checks
-  module Foreman
-    class CheckpointSegments < ForemanMaintain::Check
-      metadata do
-        label :check_postgresql_checkpoint_segments
-        description 'Check if checkpoint_segments configuration exists on the system'
-        confine do
-          feature(:foreman) && feature(:installer) &&
-            File.exist?(feature(:installer).custom_hiera_file)
-        end
-      end
-
-      def run
-        failure_message = check_custom_hiera
-        fail! failure_message if failure_message
-      end
-
-      # rubocop:disable Metrics/MethodLength
-      def check_custom_hiera
-        hiera_file = feature(:installer).custom_hiera_file
-        begin
-          config = YAML.load_file(hiera_file)
-          if config.is_a?(Hash) && config.key?('postgresql::server::config_entries')
-            if config['postgresql::server::config_entries'].nil?
-              return <<-MESSAGE.strip_heredoc
-              ERROR: 'postgresql::server::config_entries' cannot be null.
-              Please remove it from following file and re-run the command.
-              - #{hiera_file}
-              MESSAGE
-            elsif config['postgresql::server::config_entries'].key?('checkpoint_segments')
-              message = <<-MESSAGE.strip_heredoc
-              ERROR: Tuning option 'checkpoint_segments' found.
-              This option is no longer valid for PostgreSQL 9.5 or newer.
-              Please remove it from following file and re-run the command.
-              - #{hiera_file}
-              MESSAGE
-              if feature(:katello)
-                message += <<-MESSAGE.strip_heredoc
-                The presence of checkpoint_segments in #{hiera_file} indicates manual tuning.
-                Manual tuning can override values provided by the --tuning parameter.
-                Review #{hiera_file} for values that are already provided by the built in tuning profiles.
-                Built in tuning profiles also provide a supported upgrade path.
-                MESSAGE
-              end
-              return message
-            end
-          elsif config.is_a?(String)
-            fail! "Error: File #{hiera_file} is not a yaml file."
-            exit 1
-          end
-        rescue Psych::SyntaxError
-          fail! "Found syntax error in file: #{hiera_file}"
-          exit 1
-        end
-      end
-      # rubocop:enable Metrics/MethodLength
-    end
-  end
-end

data/definitions/checks/foreman/check_duplicate_roles.rb

@@ -1,42 +0,0 @@
-module Checks
-  module Foreman
-    class CheckDuplicateRoles < ForemanMaintain::Check
-      metadata do
-        label :duplicate_roles
-        for_feature :foreman_database
-        description 'Check for duplicate roles from DB'
-        tags :pre_upgrade
-        confine do
-          check_max_version('foreman', '1.20')
-        end
-      end
-
-      def run
-        duplicate_roles = find_duplicate_roles
-        roles_names = duplicate_roles.map { |r| r['name'] }.uniq
-        assert(
-          duplicate_roles.empty?,
-          "Duplicate entries found for role(s) - #{roles_names.join(', ')} in your DB",
-          :next_steps => [
-            Procedures::Foreman::RemoveDuplicateObsoleteRoles.new,
-            Procedures::KnowledgeBaseArticle.new(
-              :doc => 'fix_db_migrate_failure_on_duplicate_roles'
-            ),
-          ]
-        )
-      end
-
-      def find_duplicate_roles
-        feature(:foreman_database).query(self.class.query_to_get_duplicate_roles)
-      end
-
-      def self.query_to_get_duplicate_roles
-        <<-SQL
-          SELECT r.id, r.name FROM roles r JOIN (
-            SELECT name, COUNT(*) FROM roles GROUP BY name HAVING count(*) > 1
-          ) dr ON r.name = dr.name ORDER BY r.name
-        SQL
-      end
-    end
-  end
-end

data/definitions/checks/foreman/puppet_class_duplicates.rb

@@ -1,48 +0,0 @@
-module Checks
-  module Foreman
-    class PuppetClassDuplicates < ForemanMaintain::Check
-      metadata do
-        label :puppet_class_duplicates
-        for_feature :foreman_database
-        description 'Check for duplicate Puppet class records'
-        tags :pre_upgrade
-        confine do
-          check_max_version('foreman', '1.20')
-        end
-      end
-
-      def run
-        duplicate_names = find_duplicate_names
-        assert(duplicate_names.empty?, duplicate_msg(duplicate_names))
-      end
-
-      private
-
-      def duplicate_msg(duplicate_names)
-        msg = "There are #{duplicate_names.count} Puppet classes with duplicities:\n"
-        classes_list = duplicate_names.reduce('') do |memo, hash|
-          memo.tap { |acc| acc << "#{hash['name']} - #{hash['name_count']}\n" }
-        end
-        help_msg = 'Please head over to Configure -> Classes'
-        help_msg << " and make sure there is only 1 Puppet class record for each name.\n"
-        [msg, classes_list, help_msg].join('')
-      end
-
-      def find_duplicate_names
-        feature(:foreman_database).query(duplicate_names_query)
-      end
-
-      def duplicate_names_query
-        <<-SQL
-          SELECT name, name_count
-          FROM (
-            SELECT name, count(name) AS name_count
-            FROM puppetclasses
-            GROUP BY name
-          ) AS puppetclass_counts
-          WHERE name_count > 1
-        SQL
-      end
-    end
-  end
-end

data/definitions/checks/original_assets.rb

@@ -1,23 +0,0 @@
-class Checks::OriginalAssets < ForemanMaintain::Check
-  metadata do
-    description 'Check if only installed assets are present on the system'
-    tags :post_upgrade
-    for_feature :foreman_server
-  end
-
-  ASSETS_DIR = '/var/lib/foreman/public/assets'.freeze
-
-  def run
-    custom_assets = []
-    product_name = feature(:instance).product_name
-    with_spinner('Checking for presence of non-original assets...') do
-      custom_assets = package_manager.files_not_owned_by_package(ASSETS_DIR)
-      logger.info("Non-original assets detected:\n" + custom_assets.join("\n"))
-    end
-    remove_files = Procedures::Files::Remove.new(:files => custom_assets, :assumeyes => true)
-    assert(custom_assets.empty?,
-      "Some assets not owned by #{product_name} were detected on the system.\n" \
-        'Possible conflicting versions can affect operation of the Web UI.',
-      :next_steps => remove_files)
-  end
-end

data/definitions/procedures/foreman/apipie_cache.rb

@@ -1,12 +0,0 @@
-module Procedures::Foreman
-  class ApipieCache < ForemanMaintain::Procedure
-    metadata do
-      advanced_run false
-      description 'Regenerate Apipie cache'
-    end
-
-    def run
-      execute!('FOREMAN_APIPIE_LANGS=en foreman-rake apipie:cache')
-    end
-  end
-end

data/definitions/procedures/foreman_docker/remove_foreman_docker.rb

@@ -1,16 +0,0 @@
-module Procedures::ForemanDocker
-  class RemoveForemanDocker < ForemanMaintain::Procedure
-    metadata do
-      advanced_run false
-      description 'Drop foreman_docker plugin'
-      confine do
-        find_package(foreman_plugin_name('foreman_docker'))
-      end
-    end
-
-    def run
-      execute!('foreman-rake foreman_docker:cleanup')
-      packages_action(:remove, foreman_plugin_name('foreman_docker'), :assumeyes => true)
-    end
-  end
-end

data/extras/foreman_protector/yum/foreman-protector.py

@@ -1,86 +0,0 @@
-from yum.plugins import PluginYumExit
-from yum.plugins import TYPE_CORE
-from rpmUtils.miscutils import splitFilename
-from yum.packageSack import packagesNewestByName
-
-import urlgrabber
-import urlgrabber.grabber
-
-import os
-import fnmatch
-import tempfile
-import time
-
-requires_api_version = '2.1'
-plugin_type = (TYPE_CORE,)
-
-_package_whitelist = set()
-fileurl = None
-
-def _load_whitelist():
-    try:
-      if fileurl:
-        llfile = urlgrabber.urlopen(fileurl)
-        for line in llfile.readlines():
-            if line.startswith('#') or line.strip() == '':
-                continue
-            _package_whitelist.add(line.rstrip().lower())
-        llfile.close()
-    except urlgrabber.grabber.URLGrabError as e:
-        raise PluginYumExit('Unable to read Foreman protector"s configuration: %s' % e)
-
-def _add_obsoletes(conduit):
-    if _package_whitelist:
-        #  If anything obsoletes something that we have whitelisted ... then
-        # whitelist that too.
-        for (pkgtup, instTup) in conduit._base.up.getObsoletesTuples():
-            if instTup[0] not in _package_whitelist:
-                continue
-            _package_whitelist.add(pkgtup[0].lower())
-
-def _get_updates(base):
-    updates = {}
-
-    for p in base.pkgSack.returnNewestByName():
-        if p.name in _package_whitelist:
-            # This one is whitelisted, skip
-            continue
-        updates[p.name] = p
-
-    return updates
-
-def config_hook(conduit):
-    global fileurl
-
-    fileurl = conduit.confString('main', 'whitelist')
-
-def _add_package_whitelist_excluders(conduit):
-    if hasattr(conduit, 'registerPackageName'):
-        conduit.registerPackageName("yum-plugin-foreman-protector")
-    ape = conduit._base.pkgSack.addPackageExcluder
-    exid = 'foreman-protector.W.'
-    ape(None, exid + str(1), 'mark.washed')
-    ape(None, exid + str(2), 'wash.name.in', _package_whitelist)
-    ape(None, exid + str(3), 'exclude.marked')
-
-def exclude_hook(conduit):
-    conduit.info(3, 'Reading Foreman protector configuration')
-
-    _load_whitelist()
-    _add_obsoletes(conduit)
-
-    total = len(_get_updates(conduit._base))
-    conduit.info(3, '*** Excluded total: %s' % total)
-    if total:
-        if total > 1:
-            suffix = 's'
-        else:
-            suffix = ''
-        conduit.info(1, '\n'
-                        'WARNING: Excluding %d package%s due to foreman-protector. \n'
-                        'Use foreman-maintain packages install/update <package> \n'
-                        'to safely install packages without restrictions.\n'
-                        'Use foreman-maintain upgrade run for full upgrade.\n'
-                        % (total, suffix))
-
-    _add_package_whitelist_excluders(conduit)

data/lib/foreman_maintain/package_manager/yum.rb

@@ -1,142 +0,0 @@
-module ForemanMaintain::PackageManager
-  class Yum < Base
-    PROTECTOR_CONFIG_FILE = '/etc/yum/pluginconf.d/foreman-protector.conf'.freeze
-    PROTECTOR_WHITELIST_FILE = '/etc/yum/pluginconf.d/foreman-protector.whitelist'.freeze
-
-    def self.parse_envra(envra)
-      # envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
-      parsed = envra.match(/\d*:?(?<name>.*)-[^-]+-[^-]+\.[^.]+/)
-      parsed ? Hash[parsed.names.map(&:to_sym).zip(parsed.captures)].merge(:envra => envra) : nil
-    end
-
-    def lock_versions
-      enable_protector
-    end
-
-    def unlock_versions
-      disable_protector
-    end
-
-    def versions_locked?
-      !!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
-        protector_whitelist_file_nonzero?
-    end
-
-    def protector_whitelist_file_nonzero?
-      File.exist?(PROTECTOR_WHITELIST_FILE) &&
-        !File.zero?(PROTECTOR_WHITELIST_FILE)
-    end
-
-    def version_locking_supported?
-      true
-    end
-
-    def installed?(packages)
-      packages_list = [packages].flatten(1).map { |pkg| "'#{pkg}'" }.join(' ')
-      sys.execute?(%(rpm -q #{packages_list}))
-    end
-
-    def find_installed_package(name, queryformat = '')
-      rpm_cmd = "rpm -q '#{name}'"
-      unless queryformat.empty?
-        rpm_cmd += " --qf '#{queryformat}'"
-      end
-      status, result = sys.execute_with_status(rpm_cmd)
-      if status == 0
-        result
-      end
-    end
-
-    def install(packages, assumeyes: false)
-      yum_action('install', packages, :assumeyes => assumeyes)
-    end
-
-    def reinstall(packages, assumeyes: false)
-      yum_action('reinstall', packages, :assumeyes => assumeyes)
-    end
-
-    def remove(packages, assumeyes: false)
-      yum_action('remove', packages, :assumeyes => assumeyes)
-    end
-
-    def update(packages = [], assumeyes: false, yum_options: [])
-      yum_action('update', packages, :assumeyes => assumeyes, :yum_options => yum_options)
-    end
-
-    def clean_cache(assumeyes: false)
-      yum_action('clean', 'all', :assumeyes => assumeyes)
-    end
-
-    def check_update(packages: nil, with_status: false)
-      yum_action('check-update', packages, :assumeyes => true, :valid_exit_statuses => [0, 100],
-                                           :with_status => with_status)
-    end
-
-    def update_available?(package)
-      cmd_output = yum_action('check-update -q', package, :with_status => true, :assumeyes => false)
-      cmd_output[0] == 100
-    end
-
-    def files_not_owned_by_package(directory)
-      find_cmd = "find #{directory} -exec /bin/sh -c 'rpm -qf {} &> /dev/null || echo {}' \\;"
-      sys.execute(find_cmd).split("\n")
-    end
-
-    def list_installed_packages(queryformat = '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n')
-      # The queryformat should only include valid tag(s) as per `rpm --querytags` list.
-      # If any special formatting is required with querytag then it should be provided with tag i.e,
-      # "--%{VENDOR}"
-      # The queryformat string must end with '\n'
-      sys.execute!("rpm -qa --qf '#{queryformat}'").split("\n")
-    end
-
-    private
-
-    def protector_config
-      File.exist?(protector_config_file) ? File.read(protector_config_file) : ''
-    end
-
-    def protector_config_file
-      PROTECTOR_CONFIG_FILE
-    end
-
-    def enable_protector
-      setup_protector(true)
-    end
-
-    def disable_protector
-      setup_protector(false)
-    end
-
-    def setup_protector(enabled)
-      config = protector_config
-      config += "\n" unless config[-1] == "\n"
-      enabled_re = /^\s*enabled\s*=.*$/
-      if enabled_re.match(config)
-        config = config.gsub(enabled_re, "enabled = #{enabled ? '1' : '0'}")
-      else
-        config += "enabled = #{enabled ? '1' : '0'}\n"
-      end
-      File.open(protector_config_file, 'w') { |file| file.puts config }
-    end
-
-    def yum_action(action, packages, options)
-      with_status = options.fetch(:with_status, false)
-      assumeyes = options.fetch(:assumeyes, false)
-      valid_exit_statuses = options.fetch(:valid_exit_statuses, [0])
-      yum_options = options.fetch(:yum_options, [])
-      packages = [packages].flatten(1)
-      yum_options << '-y' if assumeyes
-      yum_options << '--disableplugin=foreman-protector'
-      yum_options_s = yum_options.empty? ? '' : ' ' + yum_options.join(' ')
-      packages_s = packages.empty? ? '' : ' ' + packages.join(' ')
-      if with_status
-        sys.execute_with_status("yum#{yum_options_s} #{action}#{packages_s}",
-          :interactive => !assumeyes)
-      else
-        sys.execute!("yum#{yum_options_s} #{action}#{packages_s}",
-          :interactive => !assumeyes, :valid_exit_statuses => valid_exit_statuses)
-      end
-    end
-  end
-end