RubyGems - foreman_maintain - Versions diffs - 1.8.2 → 1.9.0 - Mend

foreman_maintain 1.8.2 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/definitions/checks/foreman/check_external_db_evr_permissions.rb +61 -0
data/definitions/scenarios/foreman_upgrade.rb +1 -0
data/definitions/scenarios/satellite_upgrade.rb +1 -0
data/lib/foreman_maintain/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a042b3f0cd480eab2e674abcbd5aecb247943b481bad114e31376610a3b785d0
-  data.tar.gz: 16e74a0e82caffb11d5d0363046bfa5120afab203ce1d88ad88a4311f664e1f4
+  metadata.gz: 9209b1f3f4a9910f6a635cd5876edbb3f9fa59e1381e532ae4961e18627fe638
+  data.tar.gz: 8a7f2e3ba17c629eea5535f86b94bb1be409620d520da3c0d96c61c1aea5009f
 SHA512:
-  metadata.gz: 7bcc01a88e2f8bebb549a83af6d0b1f33a714a76925dc51ee48a2a979611e7d8fc47ed91b162ce97bd004360f9bb8cef7499c34160283e539e63e8b7f4b8315f
-  data.tar.gz: 4e056e25de905cb6bb98da55c10dc1c1a57b99de6ed39b13241c4d09d7e2ca8cbaacaf6a44153ccd0f9675f432cda32ed9cb617399c3258940b0569898b12448
+  metadata.gz: 97e0f20269bc3b480bc429e91d7d119520ea4592162362f75efd42e9a4bc71200f4d13ff07b7103185200293826a3d887db265f99a2b7c94c385bd94a2eab352
+  data.tar.gz: de0dce8771c46602be6124a04a58b935529c051b2efb7d7f38fc8b5dd25e7b0d2203580335eb9038f2e6b21b79e0dab87a361e38ba173cb6f936bcfcd7378beb

data/definitions/checks/foreman/check_external_db_evr_permissions.rb ADDED Viewed

@@ -0,0 +1,61 @@
+module Checks
+  module Foreman
+    class CheckExternalDbEvrPermissions < ForemanMaintain::Check
+      metadata do
+        label :external_db_evr_permissions
+        for_feature :foreman_database
+        description 'Check that external databases have proper EVR extension permissions'
+        tags :pre_upgrade
+        confine do
+          feature(:foreman_database) && !feature(:foreman_database).local? && feature(:katello)
+        end
+      end
+      def run
+        return true unless evr_exists?
+        error_msg = 'The evr extension is not owned by the foreman database owner. ' \
+              'Please run the following command on the external foreman database to fix it: ' \
+              'UPDATE pg_extension SET extowner = (SELECT oid FROM pg_authid WHERE ' \
+              "rolname='#{foreman_db_user}') WHERE extname='evr';"
+        fail!(error_msg) unless foreman_owns_evr?
+      end
+      private
+      def foreman_db_user
+        feature(:foreman_database).configuration['username'] || 'foreman'
+      end
+      def evr_exists?
+        evr_exists = feature(:foreman_database).query(query_for_evr_existence)
+        return false if evr_exists.empty?
+        return evr_exists.first['evr_exists'] == '1'
+      end
+      def foreman_owns_evr?
+        evr_owned_by_postgres = feature(:foreman_database).query(query_if_postgres_owns_evr)
+        unless evr_owned_by_postgres.empty?
+          return evr_owned_by_postgres.first['evr_owned_by_postgres'] == '0'
+        end
+        failure_msg = 'Could not determine if the evr extension is owned by the ' \
+                'foreman database owner. Check that the foreman database is accessible ' \
+                "and that the database connection configuration is up to date."
+        fail!(failure_msg)
+      end
+      def query_for_evr_existence
+        <<-SQL
+          SELECT 1 AS evr_exists FROM pg_extension WHERE extname = 'evr'
+        SQL
+      end
+      def query_if_postgres_owns_evr
+        <<-SQL
+          SELECT CASE WHEN r.rolname = '#{foreman_db_user}' THEN 0 ELSE 1 END AS evr_owned_by_postgres
+          FROM pg_extension e JOIN pg_roles r ON e.extowner = r.oid WHERE e.extname = 'evr'
+        SQL
+      end
+    end
+  end
+end

data/definitions/scenarios/foreman_upgrade.rb CHANGED Viewed

@@ -40,6 +40,7 @@ module Scenarios::Foreman
         Checks::Disk::AvailableSpaceCandlepin, # if candlepin
         Checks::Disk::AvailableSpacePostgresql13,
         Checks::Foreman::ValidateExternalDbVersion, # if external database
+        Checks::Foreman::CheckExternalDbEvrPermissions, # if external database
         Checks::Foreman::CheckCorruptedRoles,
         Checks::Foreman::CheckDuplicatePermissions,
         Checks::Foreman::TuningRequirements, # if katello present

data/definitions/scenarios/satellite_upgrade.rb CHANGED Viewed

@@ -39,6 +39,7 @@ module Scenarios::Satellite
         Checks::Disk::AvailableSpace,
         Checks::Disk::AvailableSpaceCandlepin, # if candlepin
         Checks::Foreman::ValidateExternalDbVersion, # if external database
+        Checks::Foreman::CheckExternalDbEvrPermissions, # if external database
         Checks::Foreman::CheckCorruptedRoles,
         Checks::Foreman::CheckDuplicatePermissions,
         Checks::Foreman::TuningRequirements, # if katello present

data/lib/foreman_maintain/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '1.8.2'.freeze
+  VERSION = '1.9.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 1.8.2
+  version: 1.9.0
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-11-13 00:00:00.000000000 Z
+date: 2024-11-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -169,6 +169,7 @@ files:
 - definitions/checks/env_proxy.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
 - definitions/checks/foreman/check_duplicate_permission.rb
+- definitions/checks/foreman/check_external_db_evr_permissions.rb
 - definitions/checks/foreman/check_puppet_capsules.rb
 - definitions/checks/foreman/check_tuning_requirements.rb
 - definitions/checks/foreman/db_up.rb