foreman_maintain 1.8.1 → 1.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 076bba551da26888de415a1f67a2b1950493db5cbcc8ace83b3efd0498ffa96d
-  data.tar.gz: b39e663f0109565f11303ce1cd02740e8b937dbd554ff3d8123446b63d09e073
+  metadata.gz: 9209b1f3f4a9910f6a635cd5876edbb3f9fa59e1381e532ae4961e18627fe638
+  data.tar.gz: 8a7f2e3ba17c629eea5535f86b94bb1be409620d520da3c0d96c61c1aea5009f
 SHA512:
-  metadata.gz: 636a6a7fde3ba794afd5080133c38ec4f77533190659b901fc796daa6c0130f7b213c2e9572b1c149e6a6a55911423c5431606b7e119cbe5613b7f91543bface
-  data.tar.gz: c7361d2bc970e0d58b6e4a2f4fb32550720ceb3565759447305c36339015ad96cc19722e53f9a21130834f3a582b29614de5848d04c7ea1a950b83ed5b2693f8
+  metadata.gz: 97e0f20269bc3b480bc429e91d7d119520ea4592162362f75efd42e9a4bc71200f4d13ff07b7103185200293826a3d887db265f99a2b7c94c385bd94a2eab352
+  data.tar.gz: de0dce8771c46602be6124a04a58b935529c051b2efb7d7f38fc8b5dd25e7b0d2203580335eb9038f2e6b21b79e0dab87a361e38ba173cb6f936bcfcd7378beb

data/definitions/checks/foreman/check_external_db_evr_permissions.rb

@@ -0,0 +1,61 @@
+module Checks
+  module Foreman
+    class CheckExternalDbEvrPermissions < ForemanMaintain::Check
+      metadata do
+        label :external_db_evr_permissions
+        for_feature :foreman_database
+        description 'Check that external databases have proper EVR extension permissions'
+        tags :pre_upgrade
+        confine do
+          feature(:foreman_database) && !feature(:foreman_database).local? && feature(:katello)
+        end
+      end
+
+      def run
+        return true unless evr_exists?
+
+        error_msg = 'The evr extension is not owned by the foreman database owner. ' \
+              'Please run the following command on the external foreman database to fix it: ' \
+              'UPDATE pg_extension SET extowner = (SELECT oid FROM pg_authid WHERE ' \
+              "rolname='#{foreman_db_user}') WHERE extname='evr';"
+        fail!(error_msg) unless foreman_owns_evr?
+      end
+
+      private
+
+      def foreman_db_user
+        feature(:foreman_database).configuration['username'] || 'foreman'
+      end
+
+      def evr_exists?
+        evr_exists = feature(:foreman_database).query(query_for_evr_existence)
+        return false if evr_exists.empty?
+        return evr_exists.first['evr_exists'] == '1'
+      end
+
+      def foreman_owns_evr?
+        evr_owned_by_postgres = feature(:foreman_database).query(query_if_postgres_owns_evr)
+        unless evr_owned_by_postgres.empty?
+          return evr_owned_by_postgres.first['evr_owned_by_postgres'] == '0'
+        end
+        failure_msg = 'Could not determine if the evr extension is owned by the ' \
+                'foreman database owner. Check that the foreman database is accessible ' \
+                "and that the database connection configuration is up to date."
+        fail!(failure_msg)
+      end
+
+      def query_for_evr_existence
+        <<-SQL
+          SELECT 1 AS evr_exists FROM pg_extension WHERE extname = 'evr'
+        SQL
+      end
+
+      def query_if_postgres_owns_evr
+        <<-SQL
+          SELECT CASE WHEN r.rolname = '#{foreman_db_user}' THEN 0 ELSE 1 END AS evr_owned_by_postgres
+          FROM pg_extension e JOIN pg_roles r ON e.extowner = r.oid WHERE e.extname = 'evr'
+        SQL
+      end
+    end
+  end
+end

data/definitions/checks/restore/validate_backup.rb

@@ -42,35 +42,30 @@ module Checks::Restore
     def required_katello_files(backup)
       backup_files_message(
         backup.katello_online_files.join(', '),
-        backup.katello_offline_files.join(', '),
-        [backup.katello_online_files + backup.katello_offline_files].join(', ')
+        backup.katello_offline_files.join(', ')
       )
     end
 
     def required_fpc_files(backup)
       backup_files_message(
         backup.fpc_online_files.join(', '),
-        backup.fpc_offline_files.join(', '),
-        [backup.fpc_online_files + backup.fpc_offline_files].join(', ')
+        backup.fpc_offline_files.join(', ')
       )
     end
 
     def required_foreman_files(backup)
       backup_files_message(
         backup.foreman_online_files.join(', '),
-        backup.foreman_offline_files.join(', '),
-        [backup.foreman_online_files + backup.foreman_offline_files].join(', ')
+        backup.foreman_offline_files.join(', ')
       )
     end
 
-    def backup_files_message(online_files, offline_files, logical_files)
+    def backup_files_message(online_files, offline_files)
       message = ''
       message += 'An online or remote database backup directory contains: '
       message += "#{online_files}\n"
       message += 'An offline backup directory contains: '
       message += "#{offline_files}\n"
-      message += 'A logical backup directory contains: '
-      message += "#{logical_files}\n"
       message
     end
   end

data/definitions/features/foreman_proxy.rb

@@ -70,6 +70,7 @@ class Features::ForemanProxy < ForemanMaintain::Feature
       configs += ['/var/lib/dhcpd', File.dirname(dhcpd_config_file)]
     end
     configs.push('/usr/share/xml/scap') if backup_features.include?('openscap')
+    configs.push('/etc/ansible') if backup_features.include?('ansible')
     configs
   end
 

data/definitions/features/puppet_server.rb

@@ -26,10 +26,6 @@ class Features::PuppetServer < ForemanMaintain::Feature
     find_package('puppetserver') ? [system_service('puppetserver', 30)] : []
   end
 
-  def puppet_version
-    version(execute!("#{puppet_path} --version"))
-  end
-
   def find_empty_cacert_request_files
     cmd_output = execute!("find #{cacert_requests_directory} -type f -size 0 | paste -d, -s")
     cmd_output.split(',')

data/definitions/procedures/pulpcore/container_handle_image_metadata.rb

@@ -14,8 +14,7 @@ module Procedures::Pulpcore
 
         feature(:service).handle_services(spinner, 'start', :only => necessary_services)
 
-        spinner.update('Adding image metadata to pulp. You can continue using the ' \
-               'system normally while the task runs in the background.')
+        spinner.update('Adding image metadata to pulp.')
         execute!(pulpcore_manager('container-handle-image-data'))
       end
     end

data/definitions/procedures/repositories/index_katello_repositories_container_metadata.rb

@@ -8,8 +8,7 @@ module Procedures::Repositories
     end
 
     def run
-      with_spinner(('Adding image metadata. You can continue using the ' \
-                    'system normally while the task runs in the background.')) do
+      with_spinner('Adding image metadata to Katello.') do
         execute!('foreman-rake katello:import_container_manifest_labels')
       end
     end

data/definitions/scenarios/foreman_upgrade.rb

@@ -40,6 +40,7 @@ module Scenarios::Foreman
         Checks::Disk::AvailableSpaceCandlepin, # if candlepin
         Checks::Disk::AvailableSpacePostgresql13,
         Checks::Foreman::ValidateExternalDbVersion, # if external database
+        Checks::Foreman::CheckExternalDbEvrPermissions, # if external database
         Checks::Foreman::CheckCorruptedRoles,
         Checks::Foreman::CheckDuplicatePermissions,
         Checks::Foreman::TuningRequirements, # if katello present

data/definitions/scenarios/satellite_upgrade.rb

@@ -39,6 +39,7 @@ module Scenarios::Satellite
         Checks::Disk::AvailableSpace,
         Checks::Disk::AvailableSpaceCandlepin, # if candlepin
         Checks::Foreman::ValidateExternalDbVersion, # if external database
+        Checks::Foreman::CheckExternalDbEvrPermissions, # if external database
         Checks::Foreman::CheckCorruptedRoles,
         Checks::Foreman::CheckDuplicatePermissions,
         Checks::Foreman::TuningRequirements, # if katello present

data/lib/foreman_maintain/utils/backup.rb

@@ -67,18 +67,15 @@ module ForemanMaintain
       end
 
       def valid_fpc_backup?
-        fpc_online_backup? || fpc_standard_backup? || fpc_logical_backup? || \
-          fpc_hybrid_db_backup?
+        fpc_online_backup? || fpc_standard_backup?
       end
 
       def valid_katello_backup?
-        katello_online_backup? || katello_standard_backup? || katello_logical_backup? || \
-          # Katello can have setup where some of dbs are external but not all
-          katello_hybrid_db_backup?
+        katello_online_backup? || katello_standard_backup?
       end
 
       def valid_foreman_backup?
-        foreman_standard_backup? || foreman_online_backup? || foreman_logical_backup?
+        foreman_standard_backup? || foreman_online_backup?
       end
 
       def check_file_existence(existence_map)
@@ -111,19 +108,6 @@ module ForemanMaintain
           :absent => absent)
       end
 
-      def katello_logical_backup?
-        present = [:pgsql_data, :candlepin_dump, :foreman_dump, :pulpcore_dump]
-        absent = []
-        check_file_existence(:present => present,
-          :absent => absent)
-      end
-
-      def katello_hybrid_db_backup?
-        all_dbs = { :pgsql_data => %w[candlepin foreman pulpcore] }
-        present, absent = dumps_for_hybrid_db_setup(all_dbs)
-        check_file_existence(:present => present, :absent => absent)
-      end
-
       def fpc_standard_backup?
         present = [:pgsql_data]
         absent = [:candlepin_dump, :foreman_dump, :pulpcore_dump]
@@ -137,19 +121,6 @@ module ForemanMaintain
         check_file_existence(:present => present, :absent => absent)
       end
 
-      def fpc_logical_backup?
-        present = [:pulpcore_dump, :pgsql_data]
-        absent = [:candlepin_dump, :foreman_dump]
-        check_file_existence(:present => present, :absent => absent)
-      end
-
-      def fpc_hybrid_db_backup?
-        all_dbs = { :pgsql_data => ['pulpcore'] }
-        present, absent = dumps_for_hybrid_db_setup(all_dbs)
-        absent.concat [:candlepin_dump, :foreman_dump]
-        check_file_existence(:present => present, :absent => absent)
-      end
-
       def foreman_standard_backup?
         check_file_existence(:present => [:pgsql_data],
           :absent => [:candlepin_dump, :foreman_dump, :pulpcore_dump])
@@ -160,30 +131,6 @@ module ForemanMaintain
           :absent => [:candlepin_dump, :pgsql_data, :pulpcore_dump])
       end
 
-      def foreman_logical_backup?
-        check_file_existence(:present => [:pgsql_data, :foreman_dump],
-          :absent => [:candlepin_dump, :pulpcore_dump])
-      end
-
-      def dumps_for_hybrid_db_setup(dbs_hash)
-        present = []
-        absent = []
-        dbs_hash.each do |data_file, dbs|
-          dbs.each do |db|
-            feature_label = "#{db}_database"
-            dump_file = "#{db}_dump"
-            if feature(feature_label.to_sym).local?
-              present |= [data_file]
-              absent << dump_file.to_sym
-            else
-              present << dump_file.to_sym
-            end
-          end
-          absent |= [data_file] unless present.include?(data_file)
-        end
-        [present, absent]
-      end
-
       def validate_hostname?
         # make sure that the system hostname is the same as the backup
         metadata.fetch('hostname', nil) == hostname

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.8.1'.freeze
+  VERSION = '1.9.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.8.1
+  version: 1.9.0
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-10-21 00:00:00.000000000 Z
+date: 2024-11-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -142,7 +142,6 @@ email: inecas@redhat.com
 executables:
 - foreman-maintain
 - foreman-maintain-complete
-- foreman-maintain-rotate-tar
 extensions: []
 extra_rdoc_files:
 - LICENSE
@@ -170,6 +169,7 @@ files:
 - definitions/checks/env_proxy.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
 - definitions/checks/foreman/check_duplicate_permission.rb
+- definitions/checks/foreman/check_external_db_evr_permissions.rb
 - definitions/checks/foreman/check_puppet_capsules.rb
 - definitions/checks/foreman/check_tuning_requirements.rb
 - definitions/checks/foreman/db_up.rb