foreman_maintain 0.3.6 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: f0a600b819e8c744cacd365f94a9bdedbbc187686d637d1e9b7ed39d065c3d54
-  data.tar.gz: eb3b315d318f8b85e3a6f78f79f951f6f70f0acfa11d31726c47df065aab9b3e
+SHA1:
+  metadata.gz: 8e56d0ebde52242c236f12a7a5b1f6a5bff833f3
+  data.tar.gz: b1edcdce8bef56a30d93e8e87b353c0da2823d0f
 SHA512:
-  metadata.gz: fd325f4efac68b36d08857a3860b1d875727cfc7841bd12d6c98ce96196f263526c9398875c4c9e3c3fe904c9f77926f7eb393e84bacac00847f9be247c40002
-  data.tar.gz: af9c5cedfe89e7e89dfea149c36833364bd1df4717f5a6c3241ce560eeca8772fe45523c3631c4f3d48e702790b26c8b6f3ad66f6f76f119f2e4b92d9a167fd2
+  metadata.gz: d30075189e4c304a615af0f9184aec70e6a904e7918d02720a5fddb7241d8abaab5b02221aeeeedd0638a5f3f9b973c2def96e3612d42185d97b0fca9e8f18d8
+  data.tar.gz: 9a4793c2de2b9ee693109bd6bb16b5f89f4365b17e972651973b4eb9844535788a1c1c665eef52790e487aa4da794ee1bc04f1ab160e867f666bccb7dd40019b

data/README.md

@@ -35,6 +35,19 @@ Subcommands:
       list                          List applicable services
       enable                        Enable applicable services
       disable                       Disable applicable services
+
+    backup                        Backup server
+      online                        Keep services online during backup
+      offline                       Shut down services to preserve consistent backup
+      snapshot                      Use snapshots of the databases to create backup
+
+    restore                       Restore a backup
+
+    maintenance-mode              Control maintenance-mode for application
+      start                         Start maintenance-mode
+      stop                          Stop maintenance-mode
+      status                        Get maintenance-mode status
+      is-enabled                    Get maintenance-mode status code
 ```
 
 ### Upgrades
@@ -107,12 +120,6 @@ export EXTERNAL_SAT_ORG='Sat6-CI'
 export EXTERNAL_SAT_ACTIVATION_KEY='Satellite QA RHEL7'
 ```
 
-To use beta repositories during upgrade, set the following environment variable
-
-```
-export FOREMAN_MAINTAIN_USE_BETA='1'
-```
-
 ## Implementation
 
 `foreman_maintain` maps the CLI commands into definitions. This allows to keep the set
@@ -383,8 +390,6 @@ Execute `rake` to run the tests.
 ```
 foreman-maintain health [check|fix]
 foreman-maintain upgrade [check|run|abort] [foreman_1_14, satellite_6_1, satellite_6_2]
-foreman-maintain maintenance-mode [on|off]
-foreman-maintain backup [save|restore]
 foreman-maintain monitor [display|upload]
 foreman-maintain debug [save|upload|tail]
 foreman-maintain console
@@ -397,18 +402,18 @@ The completion offers suggestion of possible command-line subcommands and their
 as usual. It can also suggest values for options and params where file
 or directory path is expected.
 
-Bash completion is automatically installed by RPM. To use it for development setup 
-`cp ./config/foreman-maintain.completion /etc/bash_completion.d/foreman-maintain` 
+Bash completion is automatically installed by RPM. To use it for development setup
+`cp ./config/foreman-maintain.completion /etc/bash_completion.d/foreman-maintain`
 and load it to the current shell `source /etc/bash_completion.d/foreman-maintain`.
 Make sure the `$PWD/bin` is in `PATH` or there is full path to `foreman-maintain-complete`
 executable specified in `/etc/bash_completion.d/foreman-maintain`.
 
-Bash completion for foreman-maintain needs pre-built cache that holds description of 
-all subcommands and its parameters. The cache is located by default in 
+Bash completion for foreman-maintain needs pre-built cache that holds description of
+all subcommands and its parameters. The cache is located by default in
 `~/.cache/foreman_maintain_completion.yml`. The location can be changed in foreman-maintain's
-config file. The cache can be built manually with 
+config file. The cache can be built manually with
 `foreman-maintain advanced prebuild-bash-completion` or is built automatically when
-completion is used and the cache is missing (this may cause slight delay). The cache expires 
+completion is used and the cache is missing (this may cause slight delay). The cache expires
 after installer scenario answer file changed (it indicates that the features on the instance
 may have changed which has impact on foreman-maintain CLI options and subcommands).
 
@@ -424,9 +429,18 @@ Possible options for the `:completion` attribute are:
  - `{ :type => :flag }` option has no value, default for flags
  - `{ :type => :value }` option has value of unknown type, no suggestions for the value, default
  - `{ :type => :directory }` value is directory, suggestions follow directory structure
- - `{ :type => :file, :filter => '\.txt$' }` value is file, suggestions follow directory structure, 
+ - `{ :type => :file, :filter => '\.txt$' }` value is file, suggestions follow directory structure,
  	optional `:filter` is regexp to filter the results.
- 
+
+### Difference between maintenance-mode status and is-enabled:
+
+* `maintenance-mode status` gives a brief output with On/Off message. This includes status of each step.
+
+* `maintenance-mode is-enabled` returns `0 or 1` output depending upon the maintenance-mode status.
+Here, 1=ON & 0=OFF.
+
+If User would like to check whether maintenance-mode is ON/OFF on system in their external script then
+they can use subcommand `foreman-maintain maintenance-mode is-enabled`.
 
 ## How to contribute?
 

data/bin/passenger-recycler

@@ -11,9 +11,9 @@ CONFIG = YAML.load_file(CONFIG_FILE) if File.readable?(CONFIG_FILE)
 exit 0 unless CONFIG[:ENABLED]
 
 def running?(pid)
-  return Process.getpgid(pid) != -1
+  Process.getpgid(pid) != -1
 rescue Errno::ESRCH
-  return false
+  false
 end
 
 def debug(msg)
@@ -25,11 +25,10 @@ def verbose(msg)
 end
 
 def kill(pid)
-  if running?(pid) && CONFIG[:KILL_BUSY]
-    verbose "Process #{pid} is still running, sending SIGKILL"
-    Process.kill 'KILL', pid
-    sleep 5
-  end
+  return unless running?(pid) && CONFIG[:KILL_BUSY]
+  verbose "Process #{pid} is still running, sending SIGKILL"
+  Process.kill 'KILL', pid
+  sleep 5
 end
 
 def process_status?(pid)
@@ -40,6 +39,10 @@ def process_status?(pid)
   end
 end
 
+def show_passenger_status(status_messages)
+  status_messages.each { |msg| verbose msg }
+end
+
 require 'phusion_passenger'
 PhusionPassenger.locate_directories
 require 'phusion_passenger/platform_info'
@@ -65,25 +68,22 @@ stats.passenger_processes.each do |p|
   pid = p.pid.to_i
   started = get_process_start(pid)
   get_pid_mem_kb, get_pid_mem_mb = get_rss_info(p)
-  debug_message = "Checking #{pid} with RSS of #{get_pid_mem_kb}"
-  verbose_message = "Terminating #{pid} (started #{started}) with private" \
-                    " RSS size of #{get_pid_mem_mb} MB"
-  debug debug_message
+  debug "Checking #{pid} with RSS of #{get_pid_mem_kb}"
   next unless get_pid_mem_kb > CONFIG[:MAX_PRIV_RSS_MEMORY]
   status_ps = `ps -p#{pid} -u`
   status_all = `passenger-status 2> /dev/null`
   status_backtraces = `passenger-status --show=backtraces 2>/dev/null`
-  verbose verbose_message
-  Process.kill 'SIGUSR1', pid
-  sleep CONFIG[:GRACEFUL_SHUTDOWN_SLEEP]
-  kill(pid)
-  process_status?(pid)
-  if CONFIG[:SEND_STATUS]
-    verbose status_ps
-    verbose status_all
-    verbose status_backtraces
+  verbose("Terminating #{pid} (started #{started}) with private RSS size of #{get_pid_mem_mb} MB")
+  begin
+    Process.kill 'SIGUSR1', pid
+    sleep CONFIG[:GRACEFUL_SHUTDOWN_SLEEP]
+    kill(pid)
+    process_status?(pid)
+    show_passenger_status([status_ps, status_all, status_backtraces]) if CONFIG[:SEND_STATUS]
+    killed += 1
+    exit(1) if killed >= CONFIG[:MAX_TERMINATION]
+  rescue Errno::ESRCH
+    puts "#{Process.pid}: #{pid} is NOT running"
   end
-  killed += 1
-  exit(1) if killed >= CONFIG[:MAX_TERMINATION]
 end
 exit 0

data/config/foreman_maintain.yml.example

@@ -23,5 +23,12 @@
 # Mention directory path to store candlepin db backups
 # :db_backup_dir: '/var/lib/foreman-maintain/db-backups'
 
+# Disable commands and subcommands. Default: []
+# :disable_commands: [ 'SnapshotBackupCommand' ]
+
 # Location of cache for bash completion
 :completion_cache_file: '~/.cache/foreman_maintain_completion.yml'
+
+# Mention true/false.
+# Value true will to enable cron service stop/restart on maintenance-mode start/stop
+# :manage_crond: false

data/config/foreman_maintain.yml.packaging

@@ -25,3 +25,7 @@
 
 # Location of cache for bash completion
 :completion_cache_file: '~/.cache/foreman_maintain_completion.yml'
+
+# Mention true/false.
+# Value true will to enable cron service stop/restart on maintenance-mode start/stop
+# :manage_crond: false

data/definitions/checks/candlepin/db_up.rb

@@ -18,7 +18,7 @@ module Checks
       end
 
       def next_steps
-        if feature(:foreman_database).local?
+        if feature(:candlepin_database).local?
           [Procedures::Service::Start.new(:only => 'postgresql')]
         else
           [] # there is nothing we can do for remote db

data/definitions/checks/check_hotfix_installed.rb

@@ -0,0 +1,90 @@
+class Checks::CheckHotfixInstalled < ForemanMaintain::Check
+  metadata do
+    label :check_hotfix_installed
+    description 'Check to verify if any hotfix installed on system'
+    tags :pre_upgrade
+    preparation_steps do
+      Procedures::Packages::Install.new(:packages => %w[yum-utils])
+    end
+
+    confine do
+      feature(:downstream)
+    end
+  end
+
+  def run
+    if feature(:downstream).subscribed_using_activation_key?
+      skip "Your system is subscribed using custom activation key. Hotfixes can't be detected."
+    else
+      with_spinner('Checking for presence of hotfix(es). It may take some time to verify.') do
+        hotfix_rpmlist = find_hotfix_packages
+        installed_pkg_list = installed_packages
+        files_modifications = installed_pkg_list.flat_map { |pkg| modified_files(pkg) }
+        assert(hotfix_rpmlist.empty? && files_modifications.empty?,
+               warning_message(hotfix_rpmlist, files_modifications),
+               :warn => true)
+      end
+    end
+  end
+
+  private
+
+  def modified_files(package)
+    changed_files = []
+    IO.popen(['rpm', '-V', package]) do |pipe|
+      pipe.each do |line|
+        arr_output = line.chomp.split
+        flags = arr_output.first
+        filename = arr_output.last
+        changed_files << filename if flags.include?('5') && filename =~ /\.(rb|py|erb|js)$/
+      end
+    end
+    changed_files
+  end
+
+  def installed_packages
+    packages = []
+    repoquery_cmd = execute!('which repoquery')
+    IO.popen([repoquery_cmd, '-a', '--installed', '--qf', '%{ui_from_repo} %{nvra}']) do |io|
+      io.each do |line|
+        repo, pkg = line.chomp.split
+        packages << pkg if /satellite|rhscl/ =~ repo[1..-1].downcase
+      end
+    end
+    packages
+  end
+
+  def find_hotfix_packages
+    output = execute!('rpm -qa release="*HOTFIX*"').strip
+    return [] if output.empty?
+
+    output.split("\n")
+  end
+
+  def warning_message(hotfix_rpmlist, files_modified)
+    message = "\n"
+    unless hotfix_rpmlist.empty?
+      message += msg_for_hotfix_rpms(hotfix_rpmlist)
+    end
+    unless files_modified.empty?
+      message += msg_for_modified_files(files_modified)
+    end
+    message += "\n\n*** WARNING: Before update make sure the updated packages contain"\
+      " the listed modifications\n"\
+      "*** otherwise these fixes will be lost. \n"\
+      '*** It is also recommended to backup the modified files prior update.'
+    message
+  end
+
+  def msg_for_hotfix_rpms(rpms_list)
+    message = "HOTFIX rpm(s) applied on this system:\n"
+    message += rpms_list.join(',')
+    message
+  end
+
+  def msg_for_modified_files(files_modified)
+    message = "\n\nFound #{files_modified.length} file(s) modified on this system.\n"
+    message += files_modified.join("\n")
+    message
+  end
+end

data/definitions/checks/check_tmout.rb

@@ -0,0 +1,20 @@
+class Checks::CheckTmout < ForemanMaintain::Check
+  metadata do
+    label :check_tmout_variable
+    description 'Check if TMOUT environment variable is set'
+    tags :pre_upgrade
+  end
+
+  def run
+    assert(tmout_unset?, "The TMOUT environment variable is set with value #{tmout_env}."\
+          " Run 'unset TMOUT' command to unset this variable.")
+  end
+
+  def tmout_unset?
+    tmout_env == '0' || tmout_env == '' || tmout_env.nil?
+  end
+
+  def tmout_env
+    ENV['TMOUT']
+  end
+end

data/definitions/checks/disk/performance.rb

@@ -26,11 +26,7 @@ module Checks
           puts "\n"
           puts stats.stdout
 
-          if feature(:downstream) && feature(:downstream).at_least_version?('6.3')
-            assert(success, io_obj.slow_disk_error_msg + warning_message, :warn => true)
-          else
-            assert(success, io_obj.slow_disk_error_msg)
-          end
+          assert(success, io_obj.slow_disk_error_msg)
         end
       end
 
@@ -42,17 +38,11 @@ module Checks
 
       def dirs_to_check
         return DEFAULT_DIRS.first(1) if check_only_single_device?
-
         DEFAULT_DIRS
       end
 
       private
 
-      def warning_message
-        "\nWARNING: Low disk speed might have a negative impact on the system."\
-        "\nSee https://access.redhat.com/solutions/3397771 before proceeding"
-      end
-
       def compute_disk_speed(spinner)
         success = true
         io_obj = ForemanMaintain::Utils::Disk::NilDevice.new

data/definitions/checks/maintenance_mode/check_consistency.rb

@@ -0,0 +1,62 @@
+module Checks::MaintenanceMode
+  class CheckConsistency < ForemanMaintain::Check
+    metadata do
+      label :check_maintenance_mode_consistency
+      description 'Check of maintenance-mode consistency'
+      advanced_run false
+    end
+
+    def run
+      procedure_arr = []
+      message_to_show = ''
+      with_spinner('Running status of maintenance-mode') do |_spinner|
+        message_to_show, procedure_arr = verify_with_features
+      end
+      puts message_to_show
+      assert(
+        procedure_arr.empty?,
+        'You can follow remediation procedure(s) to fix maintenance-mode state',
+        :next_steps => procedure_arr
+      )
+    end
+
+    private
+
+    def verify_with_features
+      procedure_arr = []
+      feature_status_msgs = []
+      is_mode_on = feature(:iptables).maintenance_mode_chain_exist?
+      [:iptables, :sync_plans, :cron].each do |feature_name|
+        msg, procedures_to_run = send("check_for_#{feature_name}", is_mode_on)
+        feature_status_msgs << msg
+        procedure_arr.concat(procedures_to_run)
+      end
+      [construct_message(is_mode_on, feature_status_msgs), procedure_arr]
+    end
+
+    def construct_message(is_mode_on, feature_status_msgs)
+      info_string = "\nStatus of maintenance-mode: #{is_mode_on ? 'On' : 'Off'}"
+      unless feature_status_msgs.empty?
+        info_string += "\n- "
+      end
+      info_string += feature_status_msgs.join("\n- ")
+      info_string
+    end
+
+    def check_for_cron(is_mode_on)
+      unless ForemanMaintain.config.manage_crond && feature(:cron)
+        return ['cron jobs: not managed', []]
+      end
+
+      feature(:cron).status_for_maintenance_mode(is_mode_on)
+    end
+
+    def check_for_iptables(_is_mode_on)
+      feature(:iptables).status_for_maintenance_mode
+    end
+
+    def check_for_sync_plans(is_mode_on)
+      feature(:sync_plans).status_for_maintenance_mode(is_mode_on)
+    end
+  end
+end

data/definitions/checks/puppet/verify_no_empty_cacert_requests.rb

@@ -0,0 +1,24 @@
+module Checks::Puppet
+  class VerifyNoEmptyCacertRequests < ForemanMaintain::Check
+    metadata do
+      label :puppet_check_no_empty_cert_requests
+      for_feature :puppet_server
+      tags :default
+      description 'Check to verify no empty CA cert requests exist'
+    end
+
+    def run
+      cacert_requests_directory = feature(:puppet_server).cacert_requests_directory
+      if feature(:puppet_server).cacert_requests_dir_exists?
+        files = feature(:puppet_server).find_empty_cacert_request_files
+        assert(
+          files.empty?,
+          "Found #{files.length} empty file(s) under #{cacert_requests_directory}",
+          :next_steps => Procedures::Puppet::DeleteEmptyCaCertRequestFiles.new
+        )
+      else
+        skip "#{cacert_requests_directory} directory not found"
+      end
+    end
+  end
+end

data/definitions/checks/repositories/check_upstream_repository.rb

@@ -0,0 +1,22 @@
+class Checks::CheckUpstreamRepository < ForemanMaintain::Check
+  metadata do
+    label :check_upstream_repository
+    description 'Check if any upstream repositories are enabled on system'
+    tags :pre_upgrade
+    preparation_steps do
+      Procedures::Packages::Install.new(:packages => %w[yum-utils])
+    end
+    confine do
+      feature(:downstream)
+    end
+  end
+
+  def run
+    with_spinner('Checking for presence of upstream repositories') do
+      enabled_upstream_repos = feature(:system_repos).upstream_repos_ids
+      assert(enabled_upstream_repos.empty?,
+             "System has upstream #{enabled_upstream_repos.join(',')} repositories enabled",
+             :next_steps => Procedures::Repositories::Disable.new(:repos => enabled_upstream_repos))
+    end
+  end
+end