foreman_maintain 1.4.0 → 1.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/definitions/checks/check_hotfix_installed.rb +2 -3
- data/definitions/checks/disk/performance.rb +1 -2
- data/definitions/checks/package_manager/{yum/validate_yum_config.rb → dnf/validate_dnf_config.rb} +13 -11
- data/definitions/checks/repositories/check_upstream_repository.rb +1 -2
- data/definitions/features/installer.rb +8 -66
- data/definitions/features/instance.rb +0 -6
- data/definitions/procedures/backup/metadata.rb +5 -3
- data/definitions/procedures/backup/snapshot/snapshot_deprecation_message.rb +14 -0
- data/definitions/procedures/packages/check_for_reboot.rb +16 -0
- data/definitions/procedures/packages/installer_confirmation.rb +1 -1
- data/definitions/procedures/packages/update.rb +3 -3
- data/definitions/scenarios/backup.rb +10 -8
- data/definitions/scenarios/puppet.rb +0 -3
- data/definitions/scenarios/self_upgrade.rb +4 -6
- data/definitions/scenarios/upgrade_to_capsule_6_15.rb +2 -2
- data/definitions/scenarios/upgrade_to_capsule_6_15_z.rb +2 -2
- data/definitions/scenarios/upgrade_to_katello_nightly.rb +1 -1
- data/definitions/scenarios/upgrade_to_satellite_6_15.rb +2 -2
- data/definitions/scenarios/upgrade_to_satellite_6_15_z.rb +2 -2
- data/extras/foreman_protector/foreman-protector.conf +1 -1
- data/extras/foreman_protector/foreman-protector.whitelist +16 -0
- data/lib/foreman_maintain/cli/backup_command.rb +1 -1
- data/lib/foreman_maintain/concerns/base_database.rb +0 -41
- data/lib/foreman_maintain/concerns/system_helpers.rb +2 -2
- data/lib/foreman_maintain/config.rb +5 -1
- data/lib/foreman_maintain/package_manager/dnf.rb +138 -11
- data/lib/foreman_maintain/package_manager.rb +0 -1
- data/lib/foreman_maintain/repository_manager/el.rb +2 -2
- data/lib/foreman_maintain/version.rb +1 -1
- metadata +9 -17
- data/definitions/checks/backup/directory_ready.rb +0 -23
- data/definitions/checks/check_for_newer_packages.rb +0 -67
- data/definitions/checks/foreman/check_checkpoint_segments.rb +0 -59
- data/definitions/checks/foreman/check_duplicate_roles.rb +0 -42
- data/definitions/checks/foreman/puppet_class_duplicates.rb +0 -48
- data/definitions/checks/original_assets.rb +0 -23
- data/definitions/procedures/foreman/apipie_cache.rb +0 -12
- data/definitions/procedures/foreman_docker/remove_foreman_docker.rb +0 -16
- data/extras/foreman_protector/yum/foreman-protector.py +0 -86
- data/lib/foreman_maintain/package_manager/yum.rb +0 -142
|
@@ -1,86 +0,0 @@
|
|
|
1
|
-
from yum.plugins import PluginYumExit
|
|
2
|
-
from yum.plugins import TYPE_CORE
|
|
3
|
-
from rpmUtils.miscutils import splitFilename
|
|
4
|
-
from yum.packageSack import packagesNewestByName
|
|
5
|
-
|
|
6
|
-
import urlgrabber
|
|
7
|
-
import urlgrabber.grabber
|
|
8
|
-
|
|
9
|
-
import os
|
|
10
|
-
import fnmatch
|
|
11
|
-
import tempfile
|
|
12
|
-
import time
|
|
13
|
-
|
|
14
|
-
requires_api_version = '2.1'
|
|
15
|
-
plugin_type = (TYPE_CORE,)
|
|
16
|
-
|
|
17
|
-
_package_whitelist = set()
|
|
18
|
-
fileurl = None
|
|
19
|
-
|
|
20
|
-
def _load_whitelist():
|
|
21
|
-
try:
|
|
22
|
-
if fileurl:
|
|
23
|
-
llfile = urlgrabber.urlopen(fileurl)
|
|
24
|
-
for line in llfile.readlines():
|
|
25
|
-
if line.startswith('#') or line.strip() == '':
|
|
26
|
-
continue
|
|
27
|
-
_package_whitelist.add(line.rstrip().lower())
|
|
28
|
-
llfile.close()
|
|
29
|
-
except urlgrabber.grabber.URLGrabError as e:
|
|
30
|
-
raise PluginYumExit('Unable to read Foreman protector"s configuration: %s' % e)
|
|
31
|
-
|
|
32
|
-
def _add_obsoletes(conduit):
|
|
33
|
-
if _package_whitelist:
|
|
34
|
-
# If anything obsoletes something that we have whitelisted ... then
|
|
35
|
-
# whitelist that too.
|
|
36
|
-
for (pkgtup, instTup) in conduit._base.up.getObsoletesTuples():
|
|
37
|
-
if instTup[0] not in _package_whitelist:
|
|
38
|
-
continue
|
|
39
|
-
_package_whitelist.add(pkgtup[0].lower())
|
|
40
|
-
|
|
41
|
-
def _get_updates(base):
|
|
42
|
-
updates = {}
|
|
43
|
-
|
|
44
|
-
for p in base.pkgSack.returnNewestByName():
|
|
45
|
-
if p.name in _package_whitelist:
|
|
46
|
-
# This one is whitelisted, skip
|
|
47
|
-
continue
|
|
48
|
-
updates[p.name] = p
|
|
49
|
-
|
|
50
|
-
return updates
|
|
51
|
-
|
|
52
|
-
def config_hook(conduit):
|
|
53
|
-
global fileurl
|
|
54
|
-
|
|
55
|
-
fileurl = conduit.confString('main', 'whitelist')
|
|
56
|
-
|
|
57
|
-
def _add_package_whitelist_excluders(conduit):
|
|
58
|
-
if hasattr(conduit, 'registerPackageName'):
|
|
59
|
-
conduit.registerPackageName("yum-plugin-foreman-protector")
|
|
60
|
-
ape = conduit._base.pkgSack.addPackageExcluder
|
|
61
|
-
exid = 'foreman-protector.W.'
|
|
62
|
-
ape(None, exid + str(1), 'mark.washed')
|
|
63
|
-
ape(None, exid + str(2), 'wash.name.in', _package_whitelist)
|
|
64
|
-
ape(None, exid + str(3), 'exclude.marked')
|
|
65
|
-
|
|
66
|
-
def exclude_hook(conduit):
|
|
67
|
-
conduit.info(3, 'Reading Foreman protector configuration')
|
|
68
|
-
|
|
69
|
-
_load_whitelist()
|
|
70
|
-
_add_obsoletes(conduit)
|
|
71
|
-
|
|
72
|
-
total = len(_get_updates(conduit._base))
|
|
73
|
-
conduit.info(3, '*** Excluded total: %s' % total)
|
|
74
|
-
if total:
|
|
75
|
-
if total > 1:
|
|
76
|
-
suffix = 's'
|
|
77
|
-
else:
|
|
78
|
-
suffix = ''
|
|
79
|
-
conduit.info(1, '\n'
|
|
80
|
-
'WARNING: Excluding %d package%s due to foreman-protector. \n'
|
|
81
|
-
'Use foreman-maintain packages install/update <package> \n'
|
|
82
|
-
'to safely install packages without restrictions.\n'
|
|
83
|
-
'Use foreman-maintain upgrade run for full upgrade.\n'
|
|
84
|
-
% (total, suffix))
|
|
85
|
-
|
|
86
|
-
_add_package_whitelist_excluders(conduit)
|
|
@@ -1,142 +0,0 @@
|
|
|
1
|
-
module ForemanMaintain::PackageManager
|
|
2
|
-
class Yum < Base
|
|
3
|
-
PROTECTOR_CONFIG_FILE = '/etc/yum/pluginconf.d/foreman-protector.conf'.freeze
|
|
4
|
-
PROTECTOR_WHITELIST_FILE = '/etc/yum/pluginconf.d/foreman-protector.whitelist'.freeze
|
|
5
|
-
|
|
6
|
-
def self.parse_envra(envra)
|
|
7
|
-
# envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
|
|
8
|
-
parsed = envra.match(/\d*:?(?<name>.*)-[^-]+-[^-]+\.[^.]+/)
|
|
9
|
-
parsed ? Hash[parsed.names.map(&:to_sym).zip(parsed.captures)].merge(:envra => envra) : nil
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
def lock_versions
|
|
13
|
-
enable_protector
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def unlock_versions
|
|
17
|
-
disable_protector
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def versions_locked?
|
|
21
|
-
!!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
|
|
22
|
-
protector_whitelist_file_nonzero?
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
def protector_whitelist_file_nonzero?
|
|
26
|
-
File.exist?(PROTECTOR_WHITELIST_FILE) &&
|
|
27
|
-
!File.zero?(PROTECTOR_WHITELIST_FILE)
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
def version_locking_supported?
|
|
31
|
-
true
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
def installed?(packages)
|
|
35
|
-
packages_list = [packages].flatten(1).map { |pkg| "'#{pkg}'" }.join(' ')
|
|
36
|
-
sys.execute?(%(rpm -q #{packages_list}))
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
def find_installed_package(name, queryformat = '')
|
|
40
|
-
rpm_cmd = "rpm -q '#{name}'"
|
|
41
|
-
unless queryformat.empty?
|
|
42
|
-
rpm_cmd += " --qf '#{queryformat}'"
|
|
43
|
-
end
|
|
44
|
-
status, result = sys.execute_with_status(rpm_cmd)
|
|
45
|
-
if status == 0
|
|
46
|
-
result
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
def install(packages, assumeyes: false)
|
|
51
|
-
yum_action('install', packages, :assumeyes => assumeyes)
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
def reinstall(packages, assumeyes: false)
|
|
55
|
-
yum_action('reinstall', packages, :assumeyes => assumeyes)
|
|
56
|
-
end
|
|
57
|
-
|
|
58
|
-
def remove(packages, assumeyes: false)
|
|
59
|
-
yum_action('remove', packages, :assumeyes => assumeyes)
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
def update(packages = [], assumeyes: false, yum_options: [])
|
|
63
|
-
yum_action('update', packages, :assumeyes => assumeyes, :yum_options => yum_options)
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def clean_cache(assumeyes: false)
|
|
67
|
-
yum_action('clean', 'all', :assumeyes => assumeyes)
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
def check_update(packages: nil, with_status: false)
|
|
71
|
-
yum_action('check-update', packages, :assumeyes => true, :valid_exit_statuses => [0, 100],
|
|
72
|
-
:with_status => with_status)
|
|
73
|
-
end
|
|
74
|
-
|
|
75
|
-
def update_available?(package)
|
|
76
|
-
cmd_output = yum_action('check-update -q', package, :with_status => true, :assumeyes => false)
|
|
77
|
-
cmd_output[0] == 100
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
def files_not_owned_by_package(directory)
|
|
81
|
-
find_cmd = "find #{directory} -exec /bin/sh -c 'rpm -qf {} &> /dev/null || echo {}' \\;"
|
|
82
|
-
sys.execute(find_cmd).split("\n")
|
|
83
|
-
end
|
|
84
|
-
|
|
85
|
-
def list_installed_packages(queryformat = '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n')
|
|
86
|
-
# The queryformat should only include valid tag(s) as per `rpm --querytags` list.
|
|
87
|
-
# If any special formatting is required with querytag then it should be provided with tag i.e,
|
|
88
|
-
# "--%{VENDOR}"
|
|
89
|
-
# The queryformat string must end with '\n'
|
|
90
|
-
sys.execute!("rpm -qa --qf '#{queryformat}'").split("\n")
|
|
91
|
-
end
|
|
92
|
-
|
|
93
|
-
private
|
|
94
|
-
|
|
95
|
-
def protector_config
|
|
96
|
-
File.exist?(protector_config_file) ? File.read(protector_config_file) : ''
|
|
97
|
-
end
|
|
98
|
-
|
|
99
|
-
def protector_config_file
|
|
100
|
-
PROTECTOR_CONFIG_FILE
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
def enable_protector
|
|
104
|
-
setup_protector(true)
|
|
105
|
-
end
|
|
106
|
-
|
|
107
|
-
def disable_protector
|
|
108
|
-
setup_protector(false)
|
|
109
|
-
end
|
|
110
|
-
|
|
111
|
-
def setup_protector(enabled)
|
|
112
|
-
config = protector_config
|
|
113
|
-
config += "\n" unless config[-1] == "\n"
|
|
114
|
-
enabled_re = /^\s*enabled\s*=.*$/
|
|
115
|
-
if enabled_re.match(config)
|
|
116
|
-
config = config.gsub(enabled_re, "enabled = #{enabled ? '1' : '0'}")
|
|
117
|
-
else
|
|
118
|
-
config += "enabled = #{enabled ? '1' : '0'}\n"
|
|
119
|
-
end
|
|
120
|
-
File.open(protector_config_file, 'w') { |file| file.puts config }
|
|
121
|
-
end
|
|
122
|
-
|
|
123
|
-
def yum_action(action, packages, options)
|
|
124
|
-
with_status = options.fetch(:with_status, false)
|
|
125
|
-
assumeyes = options.fetch(:assumeyes, false)
|
|
126
|
-
valid_exit_statuses = options.fetch(:valid_exit_statuses, [0])
|
|
127
|
-
yum_options = options.fetch(:yum_options, [])
|
|
128
|
-
packages = [packages].flatten(1)
|
|
129
|
-
yum_options << '-y' if assumeyes
|
|
130
|
-
yum_options << '--disableplugin=foreman-protector'
|
|
131
|
-
yum_options_s = yum_options.empty? ? '' : ' ' + yum_options.join(' ')
|
|
132
|
-
packages_s = packages.empty? ? '' : ' ' + packages.join(' ')
|
|
133
|
-
if with_status
|
|
134
|
-
sys.execute_with_status("yum#{yum_options_s} #{action}#{packages_s}",
|
|
135
|
-
:interactive => !assumeyes)
|
|
136
|
-
else
|
|
137
|
-
sys.execute!("yum#{yum_options_s} #{action}#{packages_s}",
|
|
138
|
-
:interactive => !assumeyes, :valid_exit_statuses => valid_exit_statuses)
|
|
139
|
-
end
|
|
140
|
-
end
|
|
141
|
-
end
|
|
142
|
-
end
|