foreman_maintain 0.6.9 → 0.6.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7050dd905c1396f95686caabf7afaea60f963b8c68c2b0849eb4d06b7e5330f7
-  data.tar.gz: d683a46f74563cb3c22a4f0ab94ebf3354aa4685afd8b22a7ea68ec1fc6d70a7
+  metadata.gz: e382b3653ec4332ef6bc891b83e92263874dfc079fb84c1f3db951696804832e
+  data.tar.gz: 03b8467289528688c03ed6ad7b8361befee931c9eb0d51a897aa38a755b9ad8a
 SHA512:
-  metadata.gz: 56ffb28e036596b3b7262ff27e5f7ab85ccd98ba3f261ef5049f0e4c404b743b96fe3086723a7a0d08005e27308b40888e209ca66125662d4dd72da8706a540c
-  data.tar.gz: f056a9c36223352dededfd338e462070f71780b679e2d661360733a85ef07045ac1fd7f803421f945d9f1cc0176d7351d8f0f951da558635b33a5dcc7e99a67c
+  metadata.gz: 0f9b4071adbda3fb4f39c84a6c02891aa4e54c0138d8245dfb2da93844bbc6b51e8db88a0424a006fde8563b7b4806b833176caeacaaa9c4b3101ef23824c4f0
+  data.tar.gz: a00abc28ccc812b76de1ca75849f471bd16944fb3cd8bc7ead833f0c077c17e1860626ba6e9c52af834fa1f21c2a6c6b0c331551bc435d921926fdc694cda045

data/README.md

@@ -488,6 +488,15 @@ Here, 0=ON & 1=OFF.
 If users would like to check whether maintenance-mode is ON/OFF on system in their external script then
 they can use subcommand `foreman-maintain maintenance-mode is-enabled`.
 
+## Exit codes with special meanings -
+
+Every command returns an exit code. Any other exit status than 0 indicates a failure of some kind. Foreman Maintain uses following exit codes with special meaning.
+
+| Exit Code  | Description                        |
+| -----------| -----------------------------------|
+| 75         | Temporary failure and needs re-run |
+| 78         | Command executed with warning(s)   |
+
 ## How to contribute?
 
 Generally, follow the [Foreman guidelines](https://theforeman.org/contribute.html). For code-related contributions, fork this project and send a pull request with all changes. Some things to keep in mind:

data/definitions/checks/foreman/check_checkpoint_segments.rb

@@ -0,0 +1,51 @@
+module Checks
+  module Foreman
+    class CheckpointSegments < ForemanMaintain::Check
+      metadata do
+        label :check_postgresql_checkpoint_segments
+        description 'Check if checkpoint_segments configuration exists on the system'
+        confine do
+          feature(:foreman) && feature(:installer) &&
+            File.exist?(feature(:installer).custom_hiera_file)
+        end
+      end
+
+      def run
+        failure_message = check_custom_hiera
+        fail! failure_message if failure_message
+      end
+
+      # rubocop:disable Metrics/MethodLength
+      def check_custom_hiera
+        hiera_file = feature(:installer).custom_hiera_file
+        if (config = YAML.load_file(hiera_file)) &&
+           config.key?('postgresql::server::config_entries')
+          if config['postgresql::server::config_entries'].nil?
+            return <<-MESSAGE.strip_heredoc
+            ERROR: 'postgresql::server::config_entries' cannot be null.
+            Please remove it from following file and re-run the command.
+            - #{hiera_file}
+            MESSAGE
+          elsif config['postgresql::server::config_entries'].key?('checkpoint_segments')
+            message = <<-MESSAGE.strip_heredoc
+            ERROR: Tuning option 'checkpoint_segments' found.
+            This option is no longer valid for PostgreSQL 9.5 or newer.
+            Please remove it from following file and re-run the command.
+            - #{hiera_file}
+            MESSAGE
+            if feature(:katello)
+              message += <<-MESSAGE.strip_heredoc
+              The presence of checkpoint_segments in #{hiera_file} indicates manual tuning.
+              Manual tuning can override values provided by the --tuning parameter.
+              Review #{hiera_file} for values that are already provided by the built in tuning profiles.
+              Built in tuning profiles also provide a supported upgrade path.
+              MESSAGE
+            end
+            return message
+          end
+        end
+      end
+      # rubocop:enable Metrics/MethodLength
+    end
+  end
+end

data/definitions/checks/foreman/check_duplicate_permission.rb

@@ -0,0 +1,33 @@
+module Checks
+  module Foreman
+    class CheckDuplicatePermissions < ForemanMaintain::Check
+      metadata do
+        label :duplicate_permissions
+        for_feature :foreman_database
+        description 'Check for duplicate permissions from database'
+        tags :pre_upgrade
+      end
+
+      def run
+        duplicate_permissions = find_duplicate_permissions
+        assert(
+          duplicate_permissions.empty?,
+          'Duplicate permissions in your database',
+          :next_steps => [
+            Procedures::Foreman::RemoveDuplicatePermissions.new
+          ]
+        )
+      end
+
+      def find_duplicate_permissions
+        feature(:foreman_database).query(self.class.query_to_get_duplicate_permission)
+      end
+
+      def self.query_to_get_duplicate_permission
+        <<-SQL
+          SELECT id,name FROM permissions p WHERE (SELECT count(name) FROM permissions pr WHERE p.name =pr.name) > 1
+        SQL
+      end
+    end
+  end
+end

data/definitions/checks/foreman_proxy/check_tftp_storage.rb

@@ -22,10 +22,9 @@ module Checks::ForemanProxy
     end
 
     def old_files_from_tftp_boot
-      Dir.entries(tftp_boot_directory).map do |file|
+      Dir.glob("#{tftp_boot_directory}*-{vmlinuz,initrd.img}").map do |file|
         unless File.directory?(file)
-          file_path =  tftp_boot_directory + file
-          file_path if File.mtime(file_path) + (token_duration * 60) < Time.now
+          file if File.mtime(file) + (token_duration * 60) < Time.now
         end
       end.compact
     end

data/definitions/features/installer.rb

@@ -53,6 +53,10 @@ class Features::Installer < ForemanMaintain::Feature
     end
   end
 
+  def custom_hiera_file
+    @custom_hiera_file ||= File.join(config_directory, 'custom-hiera.yaml')
+  end
+
   def can_upgrade?
     @installer_type == :scenarios || @installer_type == :legacy_katello
   end

data/definitions/procedures/foreman/remove_duplicate_permissions.rb

@@ -0,0 +1,70 @@
+module Procedures::Foreman
+  class RemoveDuplicatePermissions < ForemanMaintain::Procedure
+    metadata do
+      for_feature :foreman_database
+      description 'Remove duplicate permissions from database'
+    end
+
+    def run
+      duplicate_permissions = feature(:foreman_database).query(
+        Checks::Foreman::CheckDuplicatePermissions.query_to_get_duplicate_permission
+      ).group_by { |permission| permission['name'] }
+      unassigned_permissions = []
+      duplicate_permissions.each_value do |permissions|
+        permission_ids = permissions.map { |i| i['id'] }
+        filterings = check_permissions_assign_to_filter(permission_ids)
+        assigned_permissions = filterings.keys
+        unassigned_permissions << permission_ids - assigned_permissions
+        fix_permissions(assigned_permissions) if assigned_permissions.length > 1
+      end
+      delete_permission(unassigned_permissions.flatten) unless unassigned_permissions.empty?
+    end
+
+    private
+
+    def check_permissions_assign_to_filter(permission_ids)
+      sql = <<-SQL
+        SELECT id, filter_id, permission_id FROM filterings WHERE permission_id IN (#{permission_ids.join(',')})
+      SQL
+      feature(:foreman_database).query(sql).group_by { |filtering| filtering['permission_id'] }
+    end
+
+    def fix_permissions(assigned_permissions)
+      persist_permission = assigned_permissions.shift
+      filter_ids = filters_for_permission(persist_permission)
+      update_filtering(assigned_permissions, persist_permission, filter_ids)
+      delete_filtering(assigned_permissions)
+      delete_permission(assigned_permissions)
+    end
+
+    def filters_for_permission(permission)
+      feature(:foreman_database).query(
+        "SELECT filter_id FROM filterings WHERE permission_id = #{permission.to_i}"
+      ).map { |filter| filter['filter_id'] }
+    end
+
+    def update_filtering(old_ids, new_id, filter_ids)
+      sql = <<-SQL
+      WITH rows AS (
+        UPDATE filterings SET permission_id = '#{new_id}' WHERE permission_id IN (#{old_ids.join(',')}) AND filter_id NOT IN (#{filter_ids.join(',')})
+        RETURNING id
+      )
+      SELECT id
+      FROM rows
+      SQL
+      feature(:foreman_database).query(sql)
+    end
+
+    def delete_filtering(permission_ids)
+      feature(:foreman_database).psql(
+        "DELETE FROM filterings where permission_id IN (#{permission_ids.join(',')})"
+      )
+    end
+
+    def delete_permission(permission_ids)
+      feature(:foreman_database).psql(
+        "DELETE FROM permissions where id IN (#{permission_ids.join(',')})"
+      )
+    end
+  end
+end

data/definitions/procedures/installer/upgrade.rb

@@ -6,7 +6,7 @@ module Procedures::Installer
 
     def run
       assumeyes_val = @assumeyes.nil? ? assumeyes? : @assumeyes
-      feature(:installer).run(@arguments, :interactive => !assumeyes_val)
+      feature(:installer).upgrade(:interactive => !assumeyes_val)
     end
   end
 end

data/definitions/scenarios/upgrade_to_satellite_6_8.rb

@@ -27,6 +27,7 @@ module Scenarios::Satellite_6_8
     def compose
       add_steps(find_checks(:default))
       add_steps(find_checks(:pre_upgrade))
+      add_step(Checks::Foreman::CheckpointSegments)
       add_step(Checks::Repositories::Validate.new(:version => '6.8'))
     end
   end

data/lib/foreman_maintain/cli/packages_command.rb

@@ -38,7 +38,7 @@ module ForemanMaintain
 
       subcommand 'update', 'Update packages in an unlocked session' do
         interactive_option
-        parameter '[PACKAGES ...]', 'packages to update', :attribute_name => :packages
+        parameter '[PACKAGES] ...', 'packages to update', :attribute_name => :packages
 
         def execute
           run_scenarios_and_exit(

data/lib/foreman_maintain/cli/upgrade_command.rb

@@ -53,7 +53,10 @@ module ForemanMaintain
       end
 
       subcommand 'list-versions', 'List versions this system is upgradable to' do
+        disable_self_upgrade_option
+
         def execute
+          ForemanMaintain.perform_self_upgrade unless disable_self_upgrade?
           print_versions(UpgradeRunner.available_targets)
         end
       end

data/lib/foreman_maintain/concerns/downstream.rb

@@ -72,7 +72,9 @@ module ForemanMaintain
       end
 
       def ansible_repo(server_version, rh_version_major)
-        if server_version >= version('6.6')
+        if server_version >= version('6.8')
+          "rhel-#{rh_version_major}-server-ansible-2.9-rpms"
+        elsif server_version >= version('6.6')
           "rhel-#{rh_version_major}-server-ansible-2.8-rpms"
         elsif server_version >= version('6.4')
           "rhel-#{rh_version_major}-server-ansible-2.6-rpms"
@@ -105,7 +107,7 @@ module ForemanMaintain
                           "rhel-#{rh_version_major}-server-satellite-tools-#{full_version}-rpms"]
                        end
 
-        return repos_arrary.first(1) if feature(:capsule)
+        return repos_arrary.first(1) if feature(:satellite)
 
         repos_arrary
       end

data/lib/foreman_maintain/reporter/cli_reporter.rb

@@ -276,7 +276,7 @@ module ForemanMaintain
 
       # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
       def scenario_failure_message(scenario)
-        return if scenario.passed?
+        return if scenario.passed? && !scenario.warning?
         message = []
         message << <<-MESSAGE.strip_heredoc
           Scenario [#{scenario.description}] failed.

data/lib/foreman_maintain/runner.rb

@@ -54,6 +54,7 @@ module ForemanMaintain
         @last_scenario = scenario
         @last_scenario_continuation_confirmed = false
       end
+      @exit_code = 78 if scenario.warning?
       @exit_code = 1 if scenario.failed?
     end
 

data/lib/foreman_maintain/scenario.rb

@@ -129,8 +129,11 @@ module ForemanMaintain
 
     def passed?
       (steps_with_abort(:whitelisted => false) +
-        steps_with_error(:whitelisted => false) +
-        steps_with_warning(:whitelisted => false)).empty?
+        steps_with_error(:whitelisted => false)).empty?
+    end
+
+    def warning?
+      !steps_with_warning(:whitelisted => false).empty?
     end
 
     def failed?

data/lib/foreman_maintain/version.rb

@@ -1,3 +1,3 @@
 module ForemanMaintain
-  VERSION = '0.6.9'.freeze
+  VERSION = '0.6.10'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_maintain
 version: !ruby/object:Gem::Version
-  version: 0.6.9
+  version: 0.6.10
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-03 00:00:00.000000000 Z
+date: 2020-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: clamp
@@ -127,7 +127,9 @@ files:
 - definitions/checks/disk/available_space.rb
 - definitions/checks/disk/performance.rb
 - definitions/checks/env_proxy.rb
+- definitions/checks/foreman/check_checkpoint_segments.rb
 - definitions/checks/foreman/check_corrupted_roles.rb
+- definitions/checks/foreman/check_duplicate_permission.rb
 - definitions/checks/foreman/check_duplicate_roles.rb
 - definitions/checks/foreman/db_up.rb
 - definitions/checks/foreman/facts_names.rb
@@ -226,6 +228,7 @@ files:
 - definitions/procedures/foreman/apipie_cache.rb
 - definitions/procedures/foreman/fix_corrupted_roles.rb
 - definitions/procedures/foreman/remove_duplicate_obsolete_roles.rb
+- definitions/procedures/foreman/remove_duplicate_permissions.rb
 - definitions/procedures/foreman_docker/remove_foreman_docker.rb
 - definitions/procedures/foreman_openscap/invalid_report_associations.rb
 - definitions/procedures/foreman_proxy/features.rb