foreman_maintain 1.9.0 → 1.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/definitions/checks/check_sha1_certificate_authority.rb +29 -0
  3. data/definitions/features/pulpcore.rb +8 -1
  4. data/definitions/scenarios/foreman_upgrade.rb +1 -0
  5. data/definitions/scenarios/satellite_upgrade.rb +1 -0
  6. data/lib/foreman_maintain/version.rb +1 -1
  7. metadata +6 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9209b1f3f4a9910f6a635cd5876edbb3f9fa59e1381e532ae4961e18627fe638
4
- data.tar.gz: 8a7f2e3ba17c629eea5535f86b94bb1be409620d520da3c0d96c61c1aea5009f
3
+ metadata.gz: 73708bb032234b95b2f4e43e6a754f4edd5a10b5fab5b0fe48e025e97c07b045
4
+ data.tar.gz: 804e89098c9776b9eaabbe8ddbf25b42fadafca9180bfaaafcc1e2ad19a68cbd
5
5
  SHA512:
6
- metadata.gz: 97e0f20269bc3b480bc429e91d7d119520ea4592162362f75efd42e9a4bc71200f4d13ff07b7103185200293826a3d887db265f99a2b7c94c385bd94a2eab352
7
- data.tar.gz: de0dce8771c46602be6124a04a58b935529c051b2efb7d7f38fc8b5dd25e7b0d2203580335eb9038f2e6b21b79e0dab87a361e38ba173cb6f936bcfcd7378beb
6
+ metadata.gz: 7436f734603158c084a33422808590fc4de98432ecf44d64106c58d625c7356e015d9fba968dd89c72aff8974364bbcd2493e7f74d99e079be59489df4a00714
7
+ data.tar.gz: d24586355b6f3bd785d8222ee93443712c4de0ce14a0dff53705b029e9a1bf0ab83db582cbce0ccf0da9e603edd5f030c259220d814a466faa20e78e40ef09fd
data/definitions/checks/check_sha1_certificate_authority.rb ADDED
@@ -0,0 +1,29 @@
1
+ class Checks::CheckSha1CertificateAuthority < ForemanMaintain::Check
2
+ metadata do
3
+ label :check_sha1_certificate_authority
4
+ description 'Check if server certificate authority is sha1 signed'
5
+
6
+ confine do
7
+ feature(:katello) || feature(:foreman_proxy)
8
+ end
9
+
10
+ do_not_whitelist
11
+ end
12
+
13
+ def run
14
+ installer_answers = feature(:installer).answers
15
+ server_ca = installer_answers['certs']['server_ca_cert']
16
+
17
+ return unless server_ca
18
+
19
+ certificate = OpenSSL::X509::Certificate.new(File.read(server_ca))
20
+
21
+ msg = <<~MSG
22
+ Server CA certificate signed with sha1 which will break on upgrade.
23
+ Update the server CA certificate with one signed with sha256 or
24
+ stronger then proceed with the upgrade.
25
+ MSG
26
+
27
+ assert(certificate.signature_algorithm != 'sha1WithRSAEncryption', msg)
28
+ end
29
+ end
data/definitions/features/pulpcore.rb CHANGED
@@ -25,7 +25,14 @@ class Features::Pulpcore < ForemanMaintain::Feature
25
25
  end
26
26
 
27
27
  def running_tasks
28
- cli('task list --state-in running --state-in canceling')
28
+ tasks = cli('task list --state-in running --state-in canceling')
29
+ # cli() uses parse_json() which swallows JSON::ParserError and returns nil
30
+ # but running_tasks should return an Array
31
+ if tasks.nil?
32
+ []
33
+ else
34
+ tasks
35
+ end
29
36
  rescue ForemanMaintain::Error::ExecutionError
30
37
  []
31
38
  end
data/definitions/scenarios/foreman_upgrade.rb CHANGED
@@ -54,6 +54,7 @@ module Scenarios::Foreman
54
54
  Checks::PackageManager::Dnf::ValidateDnfConfig,
55
55
  Checks::Repositories::CheckNonRhRepository,
56
56
  Checks::CheckOrganizationContentAccessMode,
57
+ Checks::CheckSha1CertificateAuthority,
57
58
  Checks::Repositories::Validate
58
59
  )
59
60
  end
data/definitions/scenarios/satellite_upgrade.rb CHANGED
@@ -55,6 +55,7 @@ module Scenarios::Satellite
55
55
  Checks::CheckIpv6Disable,
56
56
  Checks::Disk::AvailableSpacePostgresql13,
57
57
  Checks::CheckOrganizationContentAccessMode,
58
+ Checks::CheckSha1CertificateAuthority,
58
59
  Checks::Repositories::Validate.new(:version => target_version),
59
60
  )
60
61
  end
data/lib/foreman_maintain/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ForemanMaintain
2
- VERSION = '1.9.0'.freeze
2
+ VERSION = '1.9.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_maintain
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.0
4
+ version: 1.9.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ivan Nečas
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-11-25 00:00:00.000000000 Z
11
+ date: 2024-12-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: clamp
@@ -161,6 +161,7 @@ files:
161
161
  - definitions/checks/candlepin/db_up.rb
162
162
  - definitions/checks/check_hotfix_installed.rb
163
163
  - definitions/checks/check_ipv6_disable.rb
164
+ - definitions/checks/check_sha1_certificate_authority.rb
164
165
  - definitions/checks/check_tmout.rb
165
166
  - definitions/checks/disk/available_space.rb
166
167
  - definitions/checks/disk/available_space_candlepin.rb
@@ -410,7 +411,7 @@ homepage: https://github.com/theforeman/foreman_maintain
410
411
  licenses:
411
412
  - GPL-3.0
412
413
  metadata: {}
413
- post_install_message:
414
+ post_install_message:
414
415
  rdoc_options: []
415
416
  require_paths:
416
417
  - lib
@@ -429,7 +430,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
429
430
  version: '0'
430
431
  requirements: []
431
432
  rubygems_version: 3.3.27
432
- signing_key:
433
+ signing_key:
433
434
  specification_version: 4
434
435
  summary: Foreman maintenance tool belt
435
436
  test_files: []