foreman_maintain 1.0.7 → 1.0.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/definitions/procedures/packages/enable_version_locking.rb +5 -1
- data/definitions/procedures/packages/lock_versions.rb +3 -1
- data/definitions/procedures/packages/locking_status.rb +3 -1
- data/definitions/procedures/packages/unlock_versions.rb +3 -1
- data/extras/foreman_protector/dnf/foreman-protector.py +77 -0
- data/extras/foreman_protector/foreman-protector.whitelist +3 -0
- data/extras/foreman_protector/{foreman-protector.py → yum/foreman-protector.py} +0 -0
- data/lib/foreman_maintain/package_manager/base.rb +2 -7
- data/lib/foreman_maintain/package_manager/dnf.rb +4 -0
- data/lib/foreman_maintain/package_manager/yum.rb +11 -18
- data/lib/foreman_maintain/version.rb +1 -1
- metadata +4 -4
- data/definitions/checks/version_locking_enabled.rb +0 -14
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cbe5e2f041a482d1800b74195b3d0cbaeb504d14345c86402d4ee9402f052999
|
4
|
+
data.tar.gz: 96420eefe94c8632ec43a52d105af613aaf7b30107e59f6a69abc9549a02200b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2207cfef121cf8a15ce12c0c961b249b31ac3fb92b2275c15df58b245fc987261c634d53bd0fad5cfe8de3c71106fd30016f76fa7ffac67da2b5ab593fb02347
|
7
|
+
data.tar.gz: a121716d79737dbe7e480bca7aa767dd17090226d8ef51f19c9f49e8ce82b7b8620416bc5cecc2a654068f7a7e0d0ed8ba93dbf2eedac71ccbbb36517f7bbd0b
|
@@ -6,7 +6,11 @@ module Procedures::Packages
|
|
6
6
|
end
|
7
7
|
|
8
8
|
def run
|
9
|
-
|
9
|
+
installed_fm_packages = []
|
10
|
+
['satellite-maintain', 'rubygem-foreman_maintain'].each do |pkg|
|
11
|
+
installed_fm_packages << find_package(pkg)
|
12
|
+
end
|
13
|
+
package_manager.reinstall(installed_fm_packages, :assumeyes => @assumeyes)
|
10
14
|
end
|
11
15
|
end
|
12
16
|
end
|
@@ -2,7 +2,9 @@ module Procedures::Packages
|
|
2
2
|
class LockVersions < ForemanMaintain::Procedure
|
3
3
|
metadata do
|
4
4
|
description 'Lock packages'
|
5
|
-
|
5
|
+
confine do
|
6
|
+
package_manager.version_locking_supported?
|
7
|
+
end
|
6
8
|
end
|
7
9
|
|
8
10
|
def run
|
@@ -2,7 +2,9 @@ module Procedures::Packages
|
|
2
2
|
class LockingStatus < ForemanMaintain::Procedure
|
3
3
|
metadata do
|
4
4
|
description 'Check status of version locking of packages'
|
5
|
-
|
5
|
+
confine do
|
6
|
+
package_manager.version_locking_supported?
|
7
|
+
end
|
6
8
|
end
|
7
9
|
|
8
10
|
def run
|
@@ -2,7 +2,9 @@ module Procedures::Packages
|
|
2
2
|
class UnlockVersions < ForemanMaintain::Procedure
|
3
3
|
metadata do
|
4
4
|
description 'Unlock packages'
|
5
|
-
|
5
|
+
confine do
|
6
|
+
package_manager.version_locking_supported?
|
7
|
+
end
|
6
8
|
end
|
7
9
|
|
8
10
|
def run
|
@@ -0,0 +1,77 @@
|
|
1
|
+
import dnf
|
2
|
+
import dnf.exceptions
|
3
|
+
from dnfpluginscore import _, logger
|
4
|
+
|
5
|
+
import configparser
|
6
|
+
|
7
|
+
class ForemanProtector(dnf.Plugin):
|
8
|
+
name = 'foreman-protector'
|
9
|
+
config_name = 'foreman-protector'
|
10
|
+
|
11
|
+
def __init__(self,base,cli):
|
12
|
+
self.base = base
|
13
|
+
self.cli = cli
|
14
|
+
|
15
|
+
def _get_whitelist_file_url(self):
|
16
|
+
try:
|
17
|
+
parser = self.read_config(self.base.conf)
|
18
|
+
except Exception as e:
|
19
|
+
raise dnf.exceptions.Error(_("Parsing file failed: {}").format(str(e)))
|
20
|
+
|
21
|
+
if parser.has_section('main'):
|
22
|
+
fileurl = parser.get('main', 'whitelist')
|
23
|
+
else:
|
24
|
+
raise dnf.exceptions.Error(_('Incorrect plugin configuration!'))
|
25
|
+
return fileurl
|
26
|
+
|
27
|
+
def _load_whitelist(self):
|
28
|
+
fileurl = self._get_whitelist_file_url()
|
29
|
+
package_whitelist = set()
|
30
|
+
try:
|
31
|
+
if fileurl:
|
32
|
+
llfile = open(fileurl, 'r')
|
33
|
+
for line in llfile.readlines():
|
34
|
+
if line.startswith('#') or line.strip() == '':
|
35
|
+
continue
|
36
|
+
|
37
|
+
package_whitelist.add(line.rstrip())
|
38
|
+
llfile.close()
|
39
|
+
except IOError as e:
|
40
|
+
raise dnf.exceptions.Error('Unable to read Foreman protector"s configuration: %s' % e)
|
41
|
+
return package_whitelist
|
42
|
+
|
43
|
+
def _add_obsoletes(self):
|
44
|
+
package_whitelist = self._load_whitelist()
|
45
|
+
final_query = self.base.sack.query()
|
46
|
+
if package_whitelist:
|
47
|
+
# If anything obsoletes something that we have whitelisted ... then
|
48
|
+
# whitelist that too.
|
49
|
+
whitelist_query = self.base.sack.query().filterm(name=package_whitelist)
|
50
|
+
obsoletes_query = self.base.sack.query().filterm(obsoletes=list(whitelist_query))
|
51
|
+
|
52
|
+
final_query = whitelist_query.union(obsoletes_query)
|
53
|
+
return final_query
|
54
|
+
|
55
|
+
def sack(self):
|
56
|
+
whitelist_and_obsoletes = self._add_obsoletes()
|
57
|
+
all_available_packages = self.base.sack.query().available()
|
58
|
+
excluded_pkgs_query = all_available_packages.difference(whitelist_and_obsoletes)
|
59
|
+
total = len(excluded_pkgs_query)
|
60
|
+
logger.info(_('Reading Foreman protector configuration'))
|
61
|
+
self.base.sack.add_excludes(excluded_pkgs_query)
|
62
|
+
|
63
|
+
logger.info(_('*** Excluded total: %s' % total))
|
64
|
+
if total:
|
65
|
+
if total > 1:
|
66
|
+
suffix = 's'
|
67
|
+
else:
|
68
|
+
suffix = ''
|
69
|
+
logger.info(_('\n'
|
70
|
+
'WARNING: Excluding %d package%s due to foreman-protector. \n'
|
71
|
+
'Use foreman-maintain packages install/update <package> \n'
|
72
|
+
'to safely install packages without restrictions.\n'
|
73
|
+
'Use foreman-maintain upgrade run for full upgrade.\n'
|
74
|
+
% (total, suffix)))
|
75
|
+
else:
|
76
|
+
logger.info(_('\n'
|
77
|
+
'Nothing excluded by foreman-protector!\n'))
|
File without changes
|
@@ -1,13 +1,8 @@
|
|
1
1
|
module ForemanMaintain::PackageManager
|
2
2
|
# rubocop:disable Lint/UnusedMethodArgument
|
3
3
|
class Base
|
4
|
-
#
|
5
|
-
def
|
6
|
-
raise NotImplementedError
|
7
|
-
end
|
8
|
-
|
9
|
-
# make sure the version locking tools are configured
|
10
|
-
def install_version_locking(assumeyes: false)
|
4
|
+
# confirms that Package Manager supports the locking mechanism
|
5
|
+
def version_locking_supported?
|
11
6
|
raise NotImplementedError
|
12
7
|
end
|
13
8
|
|
@@ -2,7 +2,6 @@ module ForemanMaintain::PackageManager
|
|
2
2
|
class Yum < Base
|
3
3
|
PROTECTOR_CONFIG_FILE = '/etc/yum/pluginconf.d/foreman-protector.conf'.freeze
|
4
4
|
PROTECTOR_WHITELIST_FILE = '/etc/yum/pluginconf.d/foreman-protector.whitelist'.freeze
|
5
|
-
PROTECTOR_PLUGIN_FILE = '/usr/lib/yum-plugins/foreman-protector.py'.freeze
|
6
5
|
|
7
6
|
def self.parse_envra(envra)
|
8
7
|
# envra format: 0:foreman-1.20.1.10-1.el7sat.noarch
|
@@ -19,18 +18,17 @@ module ForemanMaintain::PackageManager
|
|
19
18
|
end
|
20
19
|
|
21
20
|
def versions_locked?
|
22
|
-
!!(protector_config =~ /^\s*enabled\s*=\s*1/)
|
21
|
+
!!(protector_config =~ /^\s*enabled\s*=\s*1/) &&
|
22
|
+
protector_whitelist_file_nonzero?
|
23
23
|
end
|
24
24
|
|
25
|
-
def
|
26
|
-
File.exist?(
|
27
|
-
File.
|
25
|
+
def protector_whitelist_file_nonzero?
|
26
|
+
File.exist?(PROTECTOR_WHITELIST_FILE) &&
|
27
|
+
!File.zero?(PROTECTOR_WHITELIST_FILE)
|
28
28
|
end
|
29
29
|
|
30
|
-
def
|
31
|
-
|
32
|
-
install_extras('foreman_protector/foreman-protector.conf', PROTECTOR_CONFIG_FILE)
|
33
|
-
install_extras('foreman_protector/foreman-protector.whitelist', PROTECTOR_WHITELIST_FILE)
|
30
|
+
def version_locking_supported?
|
31
|
+
true
|
34
32
|
end
|
35
33
|
|
36
34
|
def installed?(packages)
|
@@ -49,6 +47,10 @@ module ForemanMaintain::PackageManager
|
|
49
47
|
yum_action('install', packages, :assumeyes => assumeyes)
|
50
48
|
end
|
51
49
|
|
50
|
+
def reinstall(packages, assumeyes: false)
|
51
|
+
yum_action('reinstall', packages, :assumeyes => assumeyes)
|
52
|
+
end
|
53
|
+
|
52
54
|
def remove(packages, assumeyes: false)
|
53
55
|
yum_action('remove', packages, :assumeyes => assumeyes)
|
54
56
|
end
|
@@ -129,14 +131,5 @@ module ForemanMaintain::PackageManager
|
|
129
131
|
:interactive => !assumeyes, :valid_exit_statuses => valid_exit_statuses)
|
130
132
|
end
|
131
133
|
end
|
132
|
-
|
133
|
-
def install_extras(src, dest, override: false)
|
134
|
-
extras_src = File.expand_path('../../../../extras', __FILE__)
|
135
|
-
if override ||
|
136
|
-
(File.directory?(dest) && !File.exist?(File.join(dest, src))) ||
|
137
|
-
!File.exist?(dest)
|
138
|
-
FileUtils.cp(File.join(extras_src, src), dest)
|
139
|
-
end
|
140
|
-
end
|
141
134
|
end
|
142
135
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: foreman_maintain
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ivan Nečas
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-04-
|
11
|
+
date: 2022-04-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: clamp
|
@@ -184,7 +184,6 @@ files:
|
|
184
184
|
- definitions/checks/server_ping.rb
|
185
185
|
- definitions/checks/services_up.rb
|
186
186
|
- definitions/checks/system_registration.rb
|
187
|
-
- definitions/checks/version_locking_enabled.rb
|
188
187
|
- definitions/features/apache.rb
|
189
188
|
- definitions/features/candlepin.rb
|
190
189
|
- definitions/features/candlepin_database.rb
|
@@ -361,9 +360,10 @@ files:
|
|
361
360
|
- definitions/scenarios/upgrade_to_satellite_6_9.rb
|
362
361
|
- definitions/scenarios/upgrade_to_satellite_6_9_z.rb
|
363
362
|
- extras/foreman-maintain.sh
|
363
|
+
- extras/foreman_protector/dnf/foreman-protector.py
|
364
364
|
- extras/foreman_protector/foreman-protector.conf
|
365
|
-
- extras/foreman_protector/foreman-protector.py
|
366
365
|
- extras/foreman_protector/foreman-protector.whitelist
|
366
|
+
- extras/foreman_protector/yum/foreman-protector.py
|
367
367
|
- extras/passenger-recycler.cron
|
368
368
|
- lib/foreman_maintain.rb
|
369
369
|
- lib/foreman_maintain/check.rb
|
@@ -1,14 +0,0 @@
|
|
1
|
-
module Checks
|
2
|
-
class VersionLockingEnabled < ForemanMaintain::Check
|
3
|
-
metadata do
|
4
|
-
description 'Check if tooling for package locking is installed'
|
5
|
-
end
|
6
|
-
|
7
|
-
def run
|
8
|
-
enabled = package_manager.version_locking_enabled?
|
9
|
-
enable_locking = Procedures::Packages::EnableVersionLocking.new(:assumeyes => assumeyes?)
|
10
|
-
assert(enabled, 'Tools for package version locking are not available on this system',
|
11
|
-
:next_steps => enable_locking)
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|