foreman_maintain 1.4.0 → 1.4.2

data/lib/foreman_maintain/config.rb

@@ -64,7 +64,11 @@ module ForemanMaintain
     end
 
     def config_file_path
-      File.exist?(CONFIG_FILE) ? CONFIG_FILE : File.join(source_path, 'config/foreman_maintain.yml')
+      if defined?(CONFIG_FILE) && File.exist?(CONFIG_FILE)
+        CONFIG_FILE
+      else
+        File.join(source_path, 'config/foreman_maintain.yml')
+      end
     end
 
     def source_path

data/lib/foreman_maintain/package_manager/dnf.rb

@@ -1,14 +1,100 @@
 module ForemanMaintain::PackageManager
-  class Dnf < Yum
-    def clean_cache(assumeyes: false)
-      dnf_action('clean', 'all', :assumeyes => assumeyes)
-      super
+  class Dnf < Base
+    PROTECTOR_CONFIG_FILE = '/etc/dnf/plugins/foreman-protector.conf'.freeze
+    PROTECTOR_WHITELIST_FILE = '/etc/dnf/plugins/foreman-protector.whitelist'.freeze
+
+    def self.parse_envra(envra)
+      # envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
+      parsed = envra.match(/\d*:?(?<name>.*)-[^-]+-[^-]+\.[^.]+/)
+      parsed ? Hash[parsed.names.map(&:to_sym).zip(parsed.captures)].merge(:envra => envra) : nil
+    end
+
+    def lock_versions
+      enable_protector
+    end
+
+    def unlock_versions
+      disable_protector
+    end
+
+    def versions_locked?
+      !!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
+        protector_whitelist_file_nonzero?
+    end
+
+    def protector_whitelist_file_nonzero?
+      File.exist?(PROTECTOR_WHITELIST_FILE) &&
+        !File.zero?(PROTECTOR_WHITELIST_FILE)
     end
 
     def version_locking_supported?
       true
     end
 
+    def installed?(packages)
+      packages_list = [packages].flatten(1).map { |pkg| "'#{pkg}'" }.join(' ')
+      sys.execute?(%(rpm -q #{packages_list}))
+    end
+
+    def find_installed_package(name, queryformat = '')
+      rpm_cmd = "rpm -q '#{name}'"
+      unless queryformat.empty?
+        rpm_cmd += " --qf '#{queryformat}'"
+      end
+      status, result = sys.execute_with_status(rpm_cmd, interactive: false)
+      if status == 0
+        result
+      end
+    end
+
+    def install(packages, assumeyes: false)
+      dnf_action('install', packages, assumeyes: assumeyes)
+    end
+
+    def reinstall(packages, assumeyes: false)
+      dnf_action('reinstall', packages, assumeyes: assumeyes)
+    end
+
+    def remove(packages, assumeyes: false)
+      dnf_action('remove', packages, assumeyes: assumeyes)
+    end
+
+    def update(packages = [], assumeyes: false, dnf_options: [])
+      dnf_action('update', packages, assumeyes: assumeyes, dnf_options: dnf_options)
+    end
+
+    def check_update(packages: nil, with_status: false)
+      dnf_action(
+        'check-update',
+        packages,
+        assumeyes: true,
+        valid_exit_statuses: [0, 100],
+        with_status: with_status
+      )
+    end
+
+    def update_available?(package)
+      cmd_output = dnf_action('check-update -q', package, with_status: true, assumeyes: false)
+      cmd_output[0] == 100
+    end
+
+    def files_not_owned_by_package(directory)
+      find_cmd = "find #{directory} -exec /bin/sh -c 'rpm -qf {} &> /dev/null || echo {}' \\;"
+      sys.execute(find_cmd).split("\n")
+    end
+
+    def list_installed_packages(queryformat = '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n')
+      # The queryformat should only include valid tag(s) as per `rpm --querytags` list.
+      # If any special formatting is required with querytag then it should be provided with tag i.e,
+      # "--%{VENDOR}"
+      # The queryformat string must end with '\n'
+      sys.execute!("rpm -qa --qf '#{queryformat}'").split("\n")
+    end
+
+    def clean_cache(assumeyes: false)
+      dnf_action('clean', 'all', :assumeyes => assumeyes)
+    end
+
     def module_enabled?(name)
       _status, result = info(name)
       result.match?(/Stream.+\[e\].+/)
@@ -29,18 +115,59 @@ module ForemanMaintain::PackageManager
 
     private
 
-    def dnf_action(action, packages, with_status: false, assumeyes: false)
+    # rubocop:disable Metrics/LineLength, Metrics/ParameterLists
+    def dnf_action(action, packages, with_status: false, assumeyes: false, dnf_options: [], valid_exit_statuses: [0])
       packages = [packages].flatten(1)
-      yum_options = []
-      yum_options << '-y' if assumeyes
+
+      dnf_options << '-y' if assumeyes
+      dnf_options << '--disableplugin=foreman-protector'
+
+      command = ['dnf', dnf_options.join(' '), action]
+
+      command.push(packages.join(' ')) unless packages.empty?
+      command = command.join(' ')
+
       if with_status
-        sys.execute_with_status("dnf #{yum_options.join(' ')} #{action} #{packages.join(' ')}",
-          :interactive => !assumeyes)
+        sys.execute_with_status(
+          command,
+          :interactive => !assumeyes
+        )
       else
-        sys.execute!("dnf #{yum_options.join(' ')} #{action} #{packages.join(' ')}",
-          :interactive => !assumeyes)
+        sys.execute!(
+          command,
+          :interactive => !assumeyes,
+          :valid_exit_statuses => valid_exit_statuses
+        )
+      end
+    end
+    # rubocop:enable Metrics/LineLength, Metrics/ParameterLists
 
+    def protector_config
+      File.exist?(protector_config_file) ? File.read(protector_config_file) : ''
+    end
+
+    def protector_config_file
+      PROTECTOR_CONFIG_FILE
+    end
+
+    def enable_protector
+      setup_protector(true)
+    end
+
+    def disable_protector
+      setup_protector(false)
+    end
+
+    def setup_protector(enabled)
+      config = protector_config
+      config += "\n" unless config[-1] == "\n"
+      enabled_re = /^\s*enabled\s*=.*$/
+      if enabled_re.match(config)
+        config = config.gsub(enabled_re, "enabled = #{enabled ? '1' : '0'}")
+      else
+        config += "enabled = #{enabled ? '1' : '0'}\n"
       end
+      File.open(protector_config_file, 'w') { |file| file.puts config }
     end
   end
 end

data/lib/foreman_maintain/package_manager.rb

@@ -1,5 +1,4 @@
 require 'foreman_maintain/package_manager/base'
-require 'foreman_maintain/package_manager/yum'
 require 'foreman_maintain/package_manager/dnf'
 require 'foreman_maintain/package_manager/apt'
 

data/lib/foreman_maintain/repository_manager/el.rb

@@ -72,8 +72,8 @@ module ForemanMaintain::RepositoryManager
                         entry.split(':', 2).last.strip
                       end]
 
-      # The EL7 yum repolist output includes extra info in the output,
-      # as example
+      # repolist output includes extra info in the output
+      #
       # rhel-7-server-rpms/7Server/x86_64
       # rhel-server-rhscl-7-rpms/7Server/x86_64
       # This trims anything after first '/' to get correct repo label

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.4.0'.freeze
+  VERSION = '1.4.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.2
 platform: ruby
 authors:
 - Ivan Nečas
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-06 00:00:00.000000000 Z
+date: 2023-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -158,9 +158,7 @@ files:
 - config/foreman_maintain.yml.packaging
 - config/hammer.yml.example
 - definitions/checks/backup/certs_tar_exist.rb
-- definitions/checks/backup/directory_ready.rb
 - definitions/checks/candlepin/db_up.rb
-- definitions/checks/check_for_newer_packages.rb
 - definitions/checks/check_hotfix_installed.rb
 - definitions/checks/check_tmout.rb
 - definitions/checks/disk/available_space.rb
@@ -168,15 +166,12 @@ files:
 - definitions/checks/disk/available_space_postgresql12.rb
 - definitions/checks/disk/performance.rb
 - definitions/checks/env_proxy.rb
-- definitions/checks/foreman/check_checkpoint_segments.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
 - definitions/checks/foreman/check_duplicate_permission.rb
-- definitions/checks/foreman/check_duplicate_roles.rb
 - definitions/checks/foreman/check_puppet_capsules.rb
 - definitions/checks/foreman/check_tuning_requirements.rb
 - definitions/checks/foreman/db_up.rb
 - definitions/checks/foreman/facts_names.rb
-- definitions/checks/foreman/puppet_class_duplicates.rb
 - definitions/checks/foreman/validate_external_db_version.rb
 - definitions/checks/foreman_openscap/invalid_report_associations.rb
 - definitions/checks/foreman_proxy/check_tftp_storage.rb
@@ -188,8 +183,7 @@ files:
 - definitions/checks/foreman_tasks/not_running.rb
 - definitions/checks/maintenance_mode/check_consistency.rb
 - definitions/checks/non_rh_packages.rb
-- definitions/checks/original_assets.rb
-- definitions/checks/package_manager/yum/validate_yum_config.rb
+- definitions/checks/package_manager/dnf/validate_dnf_config.rb
 - definitions/checks/pulpcore/db_up.rb
 - definitions/checks/puppet/verify_no_empty_cacert_requests.rb
 - definitions/checks/repositories/check_non_rh_repository.rb
@@ -256,14 +250,13 @@ files:
 - definitions/procedures/backup/snapshot/mount_pulp.rb
 - definitions/procedures/backup/snapshot/mount_pulpcore_db.rb
 - definitions/procedures/backup/snapshot/prepare_mount.rb
+- definitions/procedures/backup/snapshot/snapshot_deprecation_message.rb
 - definitions/procedures/crond/start.rb
 - definitions/procedures/crond/stop.rb
 - definitions/procedures/files/remove.rb
-- definitions/procedures/foreman/apipie_cache.rb
 - definitions/procedures/foreman/fix_corrupted_roles.rb
 - definitions/procedures/foreman/remove_duplicate_obsolete_roles.rb
 - definitions/procedures/foreman/remove_duplicate_permissions.rb
-- definitions/procedures/foreman_docker/remove_foreman_docker.rb
 - definitions/procedures/foreman_maintain_features.rb
 - definitions/procedures/foreman_openscap/invalid_report_associations.rb
 - definitions/procedures/foreman_proxy/features.rb
@@ -280,6 +273,7 @@ files:
 - definitions/procedures/maintenance_mode/disable_maintenance_mode.rb
 - definitions/procedures/maintenance_mode/enable_maintenance_mode.rb
 - definitions/procedures/maintenance_mode/is_enabled.rb
+- definitions/procedures/packages/check_for_reboot.rb
 - definitions/procedures/packages/check_update.rb
 - definitions/procedures/packages/enable_modules.rb
 - definitions/procedures/packages/install.rb
@@ -342,7 +336,6 @@ files:
 - extras/foreman_protector/dnf/foreman-protector.py
 - extras/foreman_protector/foreman-protector.conf
 - extras/foreman_protector/foreman-protector.whitelist
-- extras/foreman_protector/yum/foreman-protector.py
 - lib/foreman_maintain.rb
 - lib/foreman_maintain/check.rb
 - lib/foreman_maintain/cli.rb
@@ -397,7 +390,6 @@ files:
 - lib/foreman_maintain/package_manager/apt.rb
 - lib/foreman_maintain/package_manager/base.rb
 - lib/foreman_maintain/package_manager/dnf.rb
-- lib/foreman_maintain/package_manager/yum.rb
 - lib/foreman_maintain/param.rb
 - lib/foreman_maintain/procedure.rb
 - lib/foreman_maintain/reporter.rb
@@ -433,7 +425,7 @@ homepage: https://github.com/theforeman/foreman_maintain
 licenses:
 - GPL-3.0
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -451,8 +443,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
-signing_key:
+rubygems_version: 3.3.26
+signing_key: 
 specification_version: 4
 summary: Foreman maintenance tool belt
 test_files: []

data/definitions/checks/backup/directory_ready.rb

@@ -1,23 +0,0 @@
-module Checks::Backup
-  class DirectoryReady < ForemanMaintain::Check
-    metadata do
-      description 'Check if the directory exists and is writable'
-      tags :backup
-      manual_detection
-      param :backup_dir, 'Directory where to backup to', :required => true
-      param :preserve_dir, 'Directory where to backup to', :flag => true, :default => false
-      param :postgres_access, 'Whether the postgres user needs access', :flag => true,
-        :default => false
-    end
-
-    def run
-      assert(File.directory?(@backup_dir), "Backup directory (#{@backup_dir}) does not exist.")
-      if feature(:instance).postgresql_local? && @postgres_access
-        result = system("runuser - postgres -c 'test -w #{@backup_dir}'")
-        assert(result, "Postgres user needs write access to the backup directory \n" \
-          "Please allow the postgres user write access to #{@backup_dir}" \
-          ' or choose another directory.')
-      end
-    end
-  end
-end

data/definitions/checks/check_for_newer_packages.rb

@@ -1,67 +0,0 @@
-class Checks::CheckForNewerPackages < ForemanMaintain::Check
-  metadata do
-    label :check_for_newer_packages
-    description 'Check for newer packages and optionally ask for confirmation if not found.'
-
-    param :packages,
-      'package names to validate',
-      :required => true
-    param :manual_confirmation_version,
-      'Version of satellite to ask the user if they are on the latest minor release of.',
-      :required => false
-    manual_detection
-  end
-
-  def run
-    check_for_package_update
-    if @manual_confirmation_version
-      question = 'Confirm that you are running the latest minor release of Satellite '\
-                "#{@manual_confirmation_version}"
-      answer = ask_decision(question, actions_msg: 'y(yes), q(quit)')
-      abort! if answer != :yes
-    end
-  end
-
-  def check_for_package_update
-    exit_status, output = ForemanMaintain.package_manager.check_update(packages: @packages,
-      with_status: true)
-    packages_with_updates = []
-    if exit_status == 100
-      packages_with_updates = compare_pkg_versions(output).select do |_, result|
-        result == -1
-      end.keys
-    end
-
-    unless packages_with_updates.empty?
-      command = ForemanMaintain.pkg_and_cmd_name[1]
-      fail! 'Required updates for some packages detected.'\
-        "\nPlease update to the latest #{@manual_confirmation_version}.z release "\
-        'before proceeding, using:'\
-        "\n# #{command} upgrade run --target-version #{@manual_confirmation_version}.z"
-    end
-  end
-
-  def packages_and_versions(output)
-    pkgs_versions = {}
-    pkg_details = output.split("\n\n")[1].split
-    @packages.each do |pkg|
-      pkg_details.each_with_index do |ele, index|
-        next unless ele.start_with?(pkg)
-        pkgs_versions[pkg] = version(pkg_details[index + 1].split('-').first)
-        break
-      end
-    end
-    pkgs_versions
-  end
-
-  def compare_pkg_versions(output)
-    compare_pkg_versions = {}
-    packages_and_versions = packages_and_versions(output)
-    pkg_versions610 = { 'python3-pulp-2to3-migration' => version('0.12'),
-                        'tfm-rubygem-katello' => version('4.1') }
-    packages_and_versions.each do |name, version|
-      compare_pkg_versions[name] = version.<=>(pkg_versions610[name])
-    end
-    compare_pkg_versions
-  end
-end

data/definitions/checks/foreman/check_checkpoint_segments.rb

@@ -1,59 +0,0 @@
-module Checks
-  module Foreman
-    class CheckpointSegments < ForemanMaintain::Check
-      metadata do
-        label :check_postgresql_checkpoint_segments
-        description 'Check if checkpoint_segments configuration exists on the system'
-        confine do
-          feature(:foreman) && feature(:installer) &&
-            File.exist?(feature(:installer).custom_hiera_file)
-        end
-      end
-
-      def run
-        failure_message = check_custom_hiera
-        fail! failure_message if failure_message
-      end
-
-      # rubocop:disable Metrics/MethodLength
-      def check_custom_hiera
-        hiera_file = feature(:installer).custom_hiera_file
-        begin
-          config = YAML.load_file(hiera_file)
-          if config.is_a?(Hash) && config.key?('postgresql::server::config_entries')
-            if config['postgresql::server::config_entries'].nil?
-              return <<-MESSAGE.strip_heredoc
-              ERROR: 'postgresql::server::config_entries' cannot be null.
-              Please remove it from following file and re-run the command.
-              - #{hiera_file}
-              MESSAGE
-            elsif config['postgresql::server::config_entries'].key?('checkpoint_segments')
-              message = <<-MESSAGE.strip_heredoc
-              ERROR: Tuning option 'checkpoint_segments' found.
-              This option is no longer valid for PostgreSQL 9.5 or newer.
-              Please remove it from following file and re-run the command.
-              - #{hiera_file}
-              MESSAGE
-              if feature(:katello)
-                message += <<-MESSAGE.strip_heredoc
-                The presence of checkpoint_segments in #{hiera_file} indicates manual tuning.
-                Manual tuning can override values provided by the --tuning parameter.
-                Review #{hiera_file} for values that are already provided by the built in tuning profiles.
-                Built in tuning profiles also provide a supported upgrade path.
-                MESSAGE
-              end
-              return message
-            end
-          elsif config.is_a?(String)
-            fail! "Error: File #{hiera_file} is not a yaml file."
-            exit 1
-          end
-        rescue Psych::SyntaxError
-          fail! "Found syntax error in file: #{hiera_file}"
-          exit 1
-        end
-      end
-      # rubocop:enable Metrics/MethodLength
-    end
-  end
-end

data/definitions/checks/foreman/check_duplicate_roles.rb

@@ -1,42 +0,0 @@
-module Checks
-  module Foreman
-    class CheckDuplicateRoles < ForemanMaintain::Check
-      metadata do
-        label :duplicate_roles
-        for_feature :foreman_database
-        description 'Check for duplicate roles from DB'
-        tags :pre_upgrade
-        confine do
-          check_max_version('foreman', '1.20')
-        end
-      end
-
-      def run
-        duplicate_roles = find_duplicate_roles
-        roles_names = duplicate_roles.map { |r| r['name'] }.uniq
-        assert(
-          duplicate_roles.empty?,
-          "Duplicate entries found for role(s) - #{roles_names.join(', ')} in your DB",
-          :next_steps => [
-            Procedures::Foreman::RemoveDuplicateObsoleteRoles.new,
-            Procedures::KnowledgeBaseArticle.new(
-              :doc => 'fix_db_migrate_failure_on_duplicate_roles'
-            ),
-          ]
-        )
-      end
-
-      def find_duplicate_roles
-        feature(:foreman_database).query(self.class.query_to_get_duplicate_roles)
-      end
-
-      def self.query_to_get_duplicate_roles
-        <<-SQL
-          SELECT r.id, r.name FROM roles r JOIN (
-            SELECT name, COUNT(*) FROM roles GROUP BY name HAVING count(*) > 1
-          ) dr ON r.name = dr.name ORDER BY r.name
-        SQL
-      end
-    end
-  end
-end

data/definitions/checks/foreman/puppet_class_duplicates.rb

@@ -1,48 +0,0 @@
-module Checks
-  module Foreman
-    class PuppetClassDuplicates < ForemanMaintain::Check
-      metadata do
-        label :puppet_class_duplicates
-        for_feature :foreman_database
-        description 'Check for duplicate Puppet class records'
-        tags :pre_upgrade
-        confine do
-          check_max_version('foreman', '1.20')
-        end
-      end
-
-      def run
-        duplicate_names = find_duplicate_names
-        assert(duplicate_names.empty?, duplicate_msg(duplicate_names))
-      end
-
-      private
-
-      def duplicate_msg(duplicate_names)
-        msg = "There are #{duplicate_names.count} Puppet classes with duplicities:\n"
-        classes_list = duplicate_names.reduce('') do |memo, hash|
-          memo.tap { |acc| acc << "#{hash['name']} - #{hash['name_count']}\n" }
-        end
-        help_msg = 'Please head over to Configure -> Classes'
-        help_msg << " and make sure there is only 1 Puppet class record for each name.\n"
-        [msg, classes_list, help_msg].join('')
-      end
-
-      def find_duplicate_names
-        feature(:foreman_database).query(duplicate_names_query)
-      end
-
-      def duplicate_names_query
-        <<-SQL
-          SELECT name, name_count
-          FROM (
-            SELECT name, count(name) AS name_count
-            FROM puppetclasses
-            GROUP BY name
-          ) AS puppetclass_counts
-          WHERE name_count > 1
-        SQL
-      end
-    end
-  end
-end

data/definitions/checks/original_assets.rb

@@ -1,23 +0,0 @@
-class Checks::OriginalAssets < ForemanMaintain::Check
-  metadata do
-    description 'Check if only installed assets are present on the system'
-    tags :post_upgrade
-    for_feature :foreman_server
-  end
-
-  ASSETS_DIR = '/var/lib/foreman/public/assets'.freeze
-
-  def run
-    custom_assets = []
-    product_name = feature(:instance).product_name
-    with_spinner('Checking for presence of non-original assets...') do
-      custom_assets = package_manager.files_not_owned_by_package(ASSETS_DIR)
-      logger.info("Non-original assets detected:\n" + custom_assets.join("\n"))
-    end
-    remove_files = Procedures::Files::Remove.new(:files => custom_assets, :assumeyes => true)
-    assert(custom_assets.empty?,
-      "Some assets not owned by #{product_name} were detected on the system.\n" \
-        'Possible conflicting versions can affect operation of the Web UI.',
-      :next_steps => remove_files)
-  end
-end

data/definitions/procedures/foreman/apipie_cache.rb

@@ -1,12 +0,0 @@
-module Procedures::Foreman
-  class ApipieCache < ForemanMaintain::Procedure
-    metadata do
-      advanced_run false
-      description 'Regenerate Apipie cache'
-    end
-
-    def run
-      execute!('FOREMAN_APIPIE_LANGS=en foreman-rake apipie:cache')
-    end
-  end
-end

data/definitions/procedures/foreman_docker/remove_foreman_docker.rb

@@ -1,16 +0,0 @@
-module Procedures::ForemanDocker
-  class RemoveForemanDocker < ForemanMaintain::Procedure
-    metadata do
-      advanced_run false
-      description 'Drop foreman_docker plugin'
-      confine do
-        find_package(foreman_plugin_name('foreman_docker'))
-      end
-    end
-
-    def run
-      execute!('foreman-rake foreman_docker:cleanup')
-      packages_action(:remove, foreman_plugin_name('foreman_docker'), :assumeyes => true)
-    end
-  end
-end