foreman_maintain 1.7.7 → 1.7.8

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 329ada89d3d751c8024bbc6b70a3ef05100ae55ab54de1704b214ef13a49f7e1
4
- data.tar.gz: 34454b5429d9c9666db5a068d8a5149e946360daba3aaeebcb8a72a4f7010a24
3
+ metadata.gz: 8777c6bb442c0912407d6f30a576230c2c55308168b8303d0fb88acdf63ed5ed
4
+ data.tar.gz: 60f93fc85d0f78df89cad0a8de1a50cef4cfc31f171ca97cb84e38811868b5b8
5
5
  SHA512:
6
- metadata.gz: 8fc3733003a48ef868139beab0b0fd3fdf74484ee87bb1f332dbd422aac94aedf527ba22f7e88cdc65a85dfafab299fed03fa16e17d74250f620ddece5c483ea
7
- data.tar.gz: d6b385cddfe41a785733e449a8ca6a79488bc1b820c21f3cf18d186a12a0c3be6ea69dc61599ad186539f74bfd50950685a1a994eb26e05f627847a9860c5624
6
+ metadata.gz: 8ca48978960dfacef447466bbdfcd8f346402591645b0e44ce01d7b00a6c0981a7528c0a066d193807ad503fef6c624c9f0f7d683561cc92f42d07df28cf638b
7
+ data.tar.gz: e318ca1d5e8816e1073068d373b862871dd2b0527c9c0c4de1839ae6ec1e9bbe04c381409350d599a6bce25890acbc21ceb7c0f48224e463ca8cf21c237b9c13
@@ -0,0 +1,27 @@
1
+ class Checks::CheckSha1CertificateAuthority < ForemanMaintain::Check
2
+ metadata do
3
+ label :check_sha1_certificate_authority
4
+ description 'Check if server certificate authority is sha1 signed'
5
+
6
+ confine do
7
+ feature(:katello) || feature(:foreman_proxy)
8
+ end
9
+
10
+ do_not_whitelist
11
+ end
12
+
13
+ def run
14
+ installer_answers = feature(:installer).answers
15
+ server_ca = installer_answers['certs']['server_ca_cert']
16
+
17
+ certificate = OpenSSL::X509::Certificate.new(File.read(server_ca))
18
+
19
+ msg = <<~MSG
20
+ Server CA certificate signed with sha1 which will break on upgrade.
21
+ Update the server CA certificate with one signed with sha256 or
22
+ stronger then proceed with the upgrade.
23
+ MSG
24
+
25
+ assert(certificate.signature_algorithm != 'sha1WithRSAEncryption', msg)
26
+ end
27
+ end
@@ -53,6 +53,7 @@ module Scenarios::Foreman
53
53
  Checks::PackageManager::Dnf::ValidateDnfConfig,
54
54
  Checks::Repositories::CheckNonRhRepository,
55
55
  Checks::CheckOrganizationContentAccessMode,
56
+ Checks::CheckSha1CertificateAuthority,
56
57
  Checks::Repositories::Validate
57
58
  )
58
59
  end
@@ -55,6 +55,7 @@ module Scenarios::Satellite
55
55
  Checks::CheckIpv6Disable,
56
56
  Checks::Disk::AvailableSpacePostgresql13,
57
57
  Checks::CheckOrganizationContentAccessMode,
58
+ Checks::CheckSha1CertificateAuthority,
58
59
  Checks::Repositories::Validate.new(:version => target_version),
59
60
  )
60
61
  end
@@ -1,3 +1,3 @@
1
1
  module ForemanMaintain
2
- VERSION = '1.7.7'.freeze
2
+ VERSION = '1.7.8'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_maintain
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.7
4
+ version: 1.7.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ivan Nečas
@@ -162,6 +162,7 @@ files:
162
162
  - definitions/checks/candlepin/db_up.rb
163
163
  - definitions/checks/check_hotfix_installed.rb
164
164
  - definitions/checks/check_ipv6_disable.rb
165
+ - definitions/checks/check_sha1_certificate_authority.rb
165
166
  - definitions/checks/check_tmout.rb
166
167
  - definitions/checks/disk/available_space.rb
167
168
  - definitions/checks/disk/available_space_candlepin.rb