foreman_maintain 1.9.0 → 1.9.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/definitions/checks/check_sha1_certificate_authority.rb +29 -0
  3. data/definitions/features/pulpcore.rb +8 -1
  4. data/definitions/scenarios/foreman_upgrade.rb +1 -0
  5. data/definitions/scenarios/satellite_upgrade.rb +1 -0
  6. data/lib/foreman_maintain/version.rb +1 -1
  7. metadata +6 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9209b1f3f4a9910f6a635cd5876edbb3f9fa59e1381e532ae4961e18627fe638
4
- data.tar.gz: 8a7f2e3ba17c629eea5535f86b94bb1be409620d520da3c0d96c61c1aea5009f
3
+ metadata.gz: 73708bb032234b95b2f4e43e6a754f4edd5a10b5fab5b0fe48e025e97c07b045
4
+ data.tar.gz: 804e89098c9776b9eaabbe8ddbf25b42fadafca9180bfaaafcc1e2ad19a68cbd
5
5
  SHA512:
6
- metadata.gz: 97e0f20269bc3b480bc429e91d7d119520ea4592162362f75efd42e9a4bc71200f4d13ff07b7103185200293826a3d887db265f99a2b7c94c385bd94a2eab352
7
- data.tar.gz: de0dce8771c46602be6124a04a58b935529c051b2efb7d7f38fc8b5dd25e7b0d2203580335eb9038f2e6b21b79e0dab87a361e38ba173cb6f936bcfcd7378beb
6
+ metadata.gz: 7436f734603158c084a33422808590fc4de98432ecf44d64106c58d625c7356e015d9fba968dd89c72aff8974364bbcd2493e7f74d99e079be59489df4a00714
7
+ data.tar.gz: d24586355b6f3bd785d8222ee93443712c4de0ce14a0dff53705b029e9a1bf0ab83db582cbce0ccf0da9e603edd5f030c259220d814a466faa20e78e40ef09fd
data/definitions/checks/check_sha1_certificate_authority.rb ADDED
@@ -0,0 +1,29 @@
1
+ class Checks::CheckSha1CertificateAuthority < ForemanMaintain::Check
2
+ metadata do
3
+ label :check_sha1_certificate_authority
4
+ description 'Check if server certificate authority is sha1 signed'
5
+
6
+ confine do
7
+ feature(:katello) || feature(:foreman_proxy)
8
+ end
9
+
10
+ do_not_whitelist
11
+ end
12
+
13
+ def run
14
+ installer_answers = feature(:installer).answers
15
+ server_ca = installer_answers['certs']['server_ca_cert']
16
+
17
+ return unless server_ca
18
+
19
+ certificate = OpenSSL::X509::Certificate.new(File.read(server_ca))
20
+
21
+ msg = <<~MSG
22
+ Server CA certificate signed with sha1 which will break on upgrade.
23
+ Update the server CA certificate with one signed with sha256 or
24
+ stronger then proceed with the upgrade.
25
+ MSG
26
+
27
+ assert(certificate.signature_algorithm != 'sha1WithRSAEncryption', msg)
28
+ end
29
+ end
data/definitions/features/pulpcore.rb CHANGED
@@ -25,7 +25,14 @@ class Features::Pulpcore < ForemanMaintain::Feature
25
25
  end
26
26
 
27
27
  def running_tasks
28
- cli('task list --state-in running --state-in canceling')
28
+ tasks = cli('task list --state-in running --state-in canceling')
29
+ # cli() uses parse_json() which swallows JSON::ParserError and returns nil
30
+ # but running_tasks should return an Array
31
+ if tasks.nil?
32
+ []
33
+ else
34
+ tasks
35
+ end
29
36
  rescue ForemanMaintain::Error::ExecutionError
30
37
  []
31
38
  end
data/definitions/scenarios/foreman_upgrade.rb CHANGED
@@ -54,6 +54,7 @@ module Scenarios::Foreman
54
54
  Checks::PackageManager::Dnf::ValidateDnfConfig,
55
55
  Checks::Repositories::CheckNonRhRepository,
56
56
  Checks::CheckOrganizationContentAccessMode,
57
+ Checks::CheckSha1CertificateAuthority,
57
58
  Checks::Repositories::Validate
58
59
  )
59
60
  end
data/definitions/scenarios/satellite_upgrade.rb CHANGED
@@ -55,6 +55,7 @@ module Scenarios::Satellite
55
55
  Checks::CheckIpv6Disable,
56
56
  Checks::Disk::AvailableSpacePostgresql13,
57
57
  Checks::CheckOrganizationContentAccessMode,
58
+ Checks::CheckSha1CertificateAuthority,
58
59
  Checks::Repositories::Validate.new(:version => target_version),
59
60
  )
60
61
  end
data/lib/foreman_maintain/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ForemanMaintain
2
- VERSION = '1.9.0'.freeze
2
+ VERSION = '1.9.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_maintain
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.0
4
+ version: 1.9.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ivan Nečas
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-11-25 00:00:00.000000000 Z
11
+ date: 2024-12-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: clamp
@@ -161,6 +161,7 @@ files:
161
161
  - definitions/checks/candlepin/db_up.rb
162
162
  - definitions/checks/check_hotfix_installed.rb
163
163
  - definitions/checks/check_ipv6_disable.rb
164
+ - definitions/checks/check_sha1_certificate_authority.rb
164
165
  - definitions/checks/check_tmout.rb
165
166
  - definitions/checks/disk/available_space.rb
166
167
  - definitions/checks/disk/available_space_candlepin.rb
@@ -410,7 +411,7 @@ homepage: https://github.com/theforeman/foreman_maintain
410
411
  licenses:
411
412
  - GPL-3.0
412
413
  metadata: {}
413
- post_install_message:
414
+ post_install_message:
414
415
  rdoc_options: []
415
416
  require_paths:
416
417
  - lib
@@ -429,7 +430,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
429
430
  version: '0'
430
431
  requirements: []
431
432
  rubygems_version: 3.3.27
432
- signing_key:
433
+ signing_key:
433
434
  specification_version: 4
434
435
  summary: Foreman maintenance tool belt
435
436
  test_files: []