katello 4.13.0.rc1 → 4.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bd34bfe58b23b1d93a3997cebe69df8ee33721ed70f580c6e9702f7fc6ba6bd2
-  data.tar.gz: 0c11d4179198241b8086a718fd240ae3c91af22a9912637aa88b9e2534fb11ff
+  metadata.gz: 24a3d52ddfd156ad5a11c37f63def11242d86b6c67f7e7b5e97cbad375ec0ffa
+  data.tar.gz: f307cdc997b68aac82c1f7a9b5d9e380eb9c8a93dcacd7e87a3a05dd6c5589c5
 SHA512:
-  metadata.gz: 8007ac10ec5431af852d6ed99534aaa40b986c2f007769a591f32d59a47afdc9f7535e850bfb6c263d9301476776a31f4b6ecc5223e76083a3923e92db66ca6e
-  data.tar.gz: b2d7cfadb5189daa8be9bba7ddd8b4bd4b17993ed64ff2db28a87738f9bab6a7f0ef8242c2e599293307530625cb56aebc33b62f876386b58e38cbc73c50020a
+  metadata.gz: c188709e872b9e152963f860462b267a480533e7634d5804708838df3701cade9ec0dc8d9c0bc72423bccd93383947a7b1d5a4a624a03245a4b8784c9c73a36e
+  data.tar.gz: 3caf9ffe2eda0fb1f1f3593f1e2badcc92946a483c16f448421193faf067960b73380c81bc2349a6c9bef4b64550ee6410afbf926157b0d132533897614dfc6d

data/app/controllers/katello/api/registry/registry_proxies_controller.rb

@@ -3,15 +3,14 @@ module Katello
   class Api::Registry::RegistryProxiesController < Api::V2::ApiController
     before_action :disable_strong_params
     before_action :confirm_settings
-    before_action :confirm_push_settings, only: [:start_upload_blob, :upload_blob, :finish_upload_blob,
-                                                 :push_manifest]
     skip_before_action :authorize
     before_action :optional_authorize, only: [:token, :catalog]
     before_action :registry_authorize, except: [:token, :v1_search, :catalog]
     before_action :authorize_repository_read, only: [:pull_manifest, :tags_list]
-    # TODO: authorize_repository_write commented out until Katello indexes Pulp container push repositories.
-    # before_action :authorize_repository_write, only: [:start_upload_blob, :upload_blob, :finish_upload_blob,
-    #                                                   :push_manifest]
+    # TODO: authorize_repository_write commented out due to container push changes. Additional task needed to fix.
+    # before_action :authorize_repository_write, only: [:start_upload_blob, :upload_blob, :finish_upload_blob, :push_manifest]
+    before_action :container_push_prop_validation, only: [:start_upload_blob, :upload_blob, :finish_upload_blob, :push_manifest]
+    before_action :create_container_repo_if_needed, only: [:start_upload_blob, :upload_blob, :finish_upload_blob, :push_manifest]
     skip_before_action :check_media_type, only: [:start_upload_blob, :upload_blob, :finish_upload_blob,
                                                  :push_manifest]
 
@@ -85,6 +84,301 @@ module Katello
       return false
     end
 
+    def container_push_prop_validation(props = nil)
+      # Handle validation and repo creation for container pushes before talking to pulp
+      return false unless confirm_push_settings
+      props = parse_blob_push_props if props.nil?
+      return false unless check_blob_push_field_syntax(props)
+
+      # validate input and find the org and product either using downcase label or id
+      if props[:schema] == "label"
+        return false unless check_blob_push_org_label(props)
+        return false unless check_blob_push_product_label(props)
+      else
+        return false unless check_blob_push_org_id(props)
+        return false unless check_blob_push_product_id(props)
+      end
+
+      return false unless check_blob_push_container(props)
+      true
+    end
+
+    def parse_blob_push_props(path_string = nil)
+      # path string should follow one of these formats:
+      #   - /v2/{org_label}/{product_label}/{name}/blobs/uploads...
+      #   - /v2/id/{org_id}/{product_id}/{name}/blobs/uploads...
+      #   - /v2/{org_label}/{product_label}/{name}/manifests/...
+      #   - /v2/id/{org_id}/{product_id}/{name}/manifests/...
+      # inputs not matching format will return {valid_format: false}
+      path_string = @_request.fullpath if path_string.nil?
+      segments = path_string.split('/')
+
+      if segments.length >= 7 && segments[0] == "" && segments[1] == "v2" &&
+        segments[2] != "id" && (segments[5] == "blobs" || segments[5] == "manifests")
+
+        return {
+          valid_format: true,
+          schema: "label",
+          organization: segments[2],
+          product: segments[3],
+          name: segments[4]
+        }
+      elsif segments.length >= 8 && segments[0] == "" && segments[1] == "v2" &&
+        segments[2] == "id" && (segments[6] == "blobs" || segments[6] == "manifests")
+
+        return {
+          valid_format: true,
+          schema: "id",
+          organization: segments[3],
+          product: segments[4],
+          name: segments[5]
+        }
+      else
+        return {valid_format: false}
+      end
+    end
+
+    def check_blob_push_field_syntax(props)
+      # check basic url field syntax
+      unless props[:valid_format]
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Container pushes should follow 'organization_label/product_label/name' OR 'id/organization_id/product_id/name' schema.",
+          :bad_request
+        )
+      end
+      return true
+    end
+
+    # rubocop:disable Metrics/MethodLength
+    def check_blob_push_org_label(props)
+      org_label = props[:organization]
+      unless org_label.present? && org_label.length > 0
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Organization label cannot be blank.",
+          :bad_request
+        )
+      end
+      org = Organization.where("LOWER(label) = '#{org_label}'") # convert to lowercase
+      # reject ambiguous orgs (possible due to lowercase conversion)
+      if org.length > 1
+        # Determine if the repo already exists in one of the possible products. If yes,
+        # inform the user they need to destroy the existing repo and use the ID format
+        unless props[:product].blank? || props[:name].blank?
+          org.each do |o|
+            products = get_matching_products_from_org(o, props[:product])
+            products.each do |prod|
+              root_repos = get_root_repo_from_product(prod, props[:name])
+              unless root_repos.empty?
+                return render_podman_error(
+                  "NAME_INVALID",
+                  "Due to a change in your organizations, this container name has become "\
+                    "ambiguous (org name '#{org_label}'). If you wish to continue using this "\
+                    "container name, destroy the organization in conflict with '#{o.name} (id "\
+                    "#{o.id}). If you wish to keep both orgs, destroy '#{o.label}/#{prod.label}/"\
+                    "#{root_repos.first.label}' and retry your push using the id format.",
+                  :conflict
+                )
+              end
+            end
+          end
+        end
+
+        # Otherwise tell them to try pushing with ID format
+        return render_podman_error(
+          "NAME_INVALID",
+          "Organization label '#{org_label}' is ambiguous. Try using an id-based container name.",
+          :conflict
+        )
+      end
+      if org.length == 0
+        return render_podman_error(
+          "NAME_UNKNOWN",
+          "Organization not found: '#{org_label}'",
+          :not_found
+        )
+      end
+      @organization = org.first
+      true
+    end
+
+    def check_blob_push_org_id(props)
+      org_id = props[:organization]
+      unless org_id.present? && org_id == org_id.to_i.to_s
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Organization id must be an integer without leading zeros.",
+          :bad_request
+        )
+      end
+      @organization = Organization.find_by_id(org_id.to_i)
+      if @organization.nil?
+        return render_podman_error(
+          "NAME_UNKNOWN",
+          "Organization id not found: '#{org_id}'",
+          :not_found
+        )
+      end
+      true
+    end
+
+    def check_blob_push_product_label(props)
+      prod_label = props[:product]
+      unless prod_label.present? && prod_label.length > 0
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Product label cannot be blank.",
+          :bad_request
+        )
+      end
+      product = get_matching_products_from_org(@organization, prod_label)
+      # reject ambiguous products (possible due to lowercase conversion)
+      if product.length > 1
+        # Determine if the repo already exists in one of the possible products. If yes,
+        # inform the user they need to destroy the existing repo and use the ID format
+        unless props[:name].blank?
+          product.each do |prod|
+            root_repos = get_root_repo_from_product(prod, props[:name])
+            unless root_repos.empty?
+              return render_podman_error(
+                "NAME_INVALID",
+                "Due to a change in your products, this container name has become ambiguous "\
+                  "(product name '#{prod_label}'). If you wish to continue using this container "\
+                  "name, destroy the product in conflict with '#{prod.name}' (id #{prod.id}). If "\
+                  "you wish to keep both products, destroy '#{@organization.label}/#{prod.label}/"\
+                  "#{root_repos.first.label}' and retry your push using the id format.",
+                :conflict
+              )
+            end
+          end
+        end
+
+        return render_podman_error(
+          "NAME_INVALID",
+          "Product label '#{prod_label}' is ambiguous. Try using an id-based container name.",
+          :conflict
+        )
+      end
+      if product.length == 0
+        return render_podman_error(
+          "NAME_UNKNOWN",
+          "Product not found: '#{prod_label}'",
+          :not_found
+        )
+      end
+      @product = product.first
+      true
+    end
+
+    def check_blob_push_product_id(props)
+      prod_id = props[:product]
+      unless prod_id.present? && prod_id == prod_id.to_i.to_s
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Product id must be an integer without leading zeros.",
+          :bad_request
+        )
+      end
+      @product = @organization.products.find_by_id(prod_id.to_i)
+      if @product.nil?
+        return render_podman_error(
+          "NAME_UNKNOWN",
+          "Product id not found: '#{prod_id}'",
+          :not_found
+        )
+      end
+      true
+    end
+
+    def get_matching_products_from_org(organization, product_label)
+      return organization.products.where("LOWER(label) = '#{product_label}'") # convert to lowercase
+    end
+
+    def get_root_repo_from_product(product, root_repo_name)
+      return product.root_repositories.where(label: root_repo_name)
+    end
+
+    def check_blob_push_container(props)
+      unless props[:name].present? && props[:name].length > 0
+        return render_podman_error(
+          "NAME_INVALID",
+          "Invalid format. Container name cannot be blank.",
+          :bad_request
+        )
+      end
+
+      @container_name = props[:name]
+      @container_push_name_format = props[:schema]
+      if @container_push_name_format == "label"
+        @container_path_input = "#{props[:organization]}/#{props[:product]}/#{props[:name]}"
+      else
+        @container_path_input = "id/#{props[:organization]}/#{props[:product]}/#{props[:name]}"
+      end
+
+      # If the repo already exists, check if the existing push format matches
+      root_repo = get_root_repo_from_product(@product, @container_name).first
+      if !root_repo.nil? && @container_push_name_format != root_repo.container_push_name_format
+        return render_podman_error(
+          "NAME_INVALID",
+          "Repository name '#{@container_name}' already exists in this product using a different naming scheme. Please retry your request with the #{root_repo.container_push_name_format} format or destroy and recreate the repository using your preferred schema.",
+          :conflict
+        )
+      end
+
+      true
+    end
+
+    def create_container_repo_if_needed
+      if get_root_repo_from_product(@product, @container_name).empty?
+        root = @product.add_repo(
+          name: @container_name,
+          label: @container_name,
+          download_policy: 'immediate',
+          content_type: Repository::DOCKER_TYPE,
+          unprotected: true,
+          is_container_push: true,
+          container_push_name: @container_path_input,
+          container_push_name_format: @container_push_name_format
+        )
+        sync_task(::Actions::Katello::Repository::CreateRoot, root, @container_path_input)
+      end
+    end
+
+    def blob_push_cleanup
+      # after manifest upload, index content and set version href using pulp api
+      root_repo = get_root_repo_from_product(@product, @container_name)&.first
+      instance_repo = root_repo&.library_instance
+
+      unless root_repo.present? && instance_repo.present?
+        return render_podman_error(
+          "BLOB_UPLOAD_UNKNOWN",
+          "Could not locate local uploaded repository for content indexing.",
+          :not_found
+        )
+      end
+
+      api = ::Katello::Pulp3::Repository.api(SmartProxy.pulp_primary, ::Katello::Repository::DOCKER_TYPE).container_push_api
+      api_response = api.list(name: @container_path_input)&.results&.first
+      latest_version_href = api_response&.latest_version_href
+      pulp_href = api_response&.pulp_href
+
+      if latest_version_href.empty? || pulp_href.empty?
+        return render_podman_error(
+          "BLOB_UPLOAD_UNKNOWN",
+          "Could not locate repository properties for content indexing.",
+          :not_found
+        )
+      end
+
+      instance_repo.update!(version_href: latest_version_href)
+      ::Katello::Pulp3::RepositoryReference.where(root_repository_id: instance_repo.root_id,
+        content_view_id: instance_repo.content_view.id, repository_href: pulp_href).create!
+      instance_repo.index_content
+
+      true
+    end
+
     def find_writable_repository
       Repository.docker_type.syncable.find_by_container_repository_name(params[:repository])
     end
@@ -205,17 +499,6 @@ module Katello
       redirect_client { Resources::Registry::Proxy.get(@_request.fullpath, headers, max_redirects: 0) }
     end
 
-    def push_manifest
-      headers = translated_headers_for_proxy
-      headers['Content-Type'] = request.headers['Content-Type'] if request.headers['Content-Type']
-      body = @_request.body.read
-      pulp_response = Resources::Registry::Proxy.put(@_request.fullpath, body, headers)
-      pulp_response.headers.each do |key, value|
-        response.header[key.to_s] = value
-      end
-      head pulp_response.code
-    end
-
     def start_upload_blob
       headers = translated_headers_for_proxy
       headers['Content-Type'] = request.headers['Content-Type'] if request.headers['Content-Type']
@@ -225,6 +508,7 @@ module Katello
       pulp_response.headers.each do |key, value|
         response.header[key.to_s] = value
       end
+
       head pulp_response.code
     end
 
@@ -268,6 +552,21 @@ module Katello
       head pulp_response.code
     end
 
+    def push_manifest
+      headers = translated_headers_for_proxy
+      headers['Content-Type'] = request.headers['Content-Type'] if request.headers['Content-Type']
+      body = @_request.body.read
+      pulp_response = Resources::Registry::Proxy.put(@_request.fullpath, body, headers)
+      pulp_response.headers.each do |key, value|
+        response.header[key.to_s] = value
+      end
+
+      cleanup_result = blob_push_cleanup if pulp_response.code.between?(200, 299)
+      return false unless cleanup_result
+
+      head pulp_response.code
+    end
+
     def ping
       response.headers['Docker-Distribution-API-Version'] = 'registry/2.0'
       render json: {}, status: :ok
@@ -278,10 +577,10 @@ module Katello
     end
 
     def v1_search
-      # Checks for podman client and issues a 404 in that case. Podman
+      # Checks for v2 client and issues a 404 in that case. Podman
       # examines the response from a /v1_search request. If the result
       # is a 4XX, it will then proceed with a request to /_catalog
-      if request.headers['HTTP_USER_AGENT'].downcase.include?('libpod')
+      if request.headers['HTTP_DOCKER_DISTRIBUTION_API_VERSION'] == 'registry/2.0'
         render json: {}, status: :not_found
         return
       end
@@ -423,8 +722,11 @@ module Katello
 
     def confirm_push_settings
       return true if SETTINGS.dig(:katello, :container_image_registry, :allow_push)
-      render_error('custom_error', :status => :not_found,
-                   :locals => { :message => "Registry push not supported" })
+      render_podman_error(
+        "UNSUPPORTED",
+        "Registry push is not enabled. To enable, add ':katello:'->':container_image_registry:'->':allow_push: true' in the katello settings file.",
+        :unprocessable_entity
+      )
     end
 
     def request_url
@@ -446,10 +748,19 @@ module Katello
       Rails.logger.debug "With body: #{filter_sensitive_data(response.body)}\n" unless route_name == 'pull_blob'
     end
 
+    def render_podman_error(code, message, status = :bad_request)
+      # Renders a podman-compatible error and returns false.
+      #     code: uppercase string code from opencontainer error code spec:
+      #         https://specs.opencontainers.org/distribution-spec/?v=v1.0.0#DISTRIBUTION-SPEC-140
+      #     message: a custom error string
+      #     status: a symbol in the 400 block of the rails response code table:
+      #         https://guides.rubyonrails.org/layouts_and_rendering.html#the-status-option
+      render json: {errors: [{code: code, message: message}]}, status: status
+      false
+    end
+
     def item_not_found(item)
-      msg = "#{item} was not found!"
-      # returning errors based on registry specifications in https://docs.docker.com/registry/spec/api/#errors
-      render json: {errors: [code: :invalid_request, message: msg, details: msg]}, status: :not_found
+      render_podman_error("NAME_UNKNOWN", "#{item} was not found!", :not_found)
     end
   end
 end

data/app/controllers/katello/api/v2/repositories_controller.rb

@@ -48,7 +48,7 @@ Pass [] to make repo available for clients regardless of OS version. Maximum len
       param :ssl_client_cert_id, :number, :desc => N_("Identifier of the content credential containing the SSL Client Cert"), :allow_nil => true
       param :ssl_client_key_id, :number, :desc => N_("Identifier of the content credential containing the SSL Client Key"), :allow_nil => true
       param :unprotected, :bool, :desc => N_("true if this repository can be published via HTTP")
-      param :checksum_type, String, :desc => N_("Checksum of the repository, currently 'sha1' & 'sha256' are supported")
+      param :checksum_type, String, :desc => N_("Checksum used for published repository contents. Supported types: %s") % Katello::RootRepository::CHECKSUM_TYPES.join(', ')
       param :docker_upstream_name, String, :desc => N_("Name of the upstream docker repository")
       param :include_tags, Array, :desc => N_("Comma-separated list of tags to sync for a container image repository")
       param :exclude_tags, Array, :desc => N_("Comma-separated list of tags to exclude when syncing a container image repository. Default: any tag ending in \"-source\"")

data/app/lib/actions/katello/capsule_content/sync_capsule.rb

@@ -69,8 +69,13 @@ module Actions
         end
 
         def update_content_counts(_execution_plan)
-          smart_proxy = ::SmartProxy.unscoped.find(input[:smart_proxy_id])
-          ::ForemanTasks.async_task(::Actions::Katello::CapsuleContent::UpdateContentCounts, smart_proxy)
+          if Setting[:automatic_content_count_updates]
+            smart_proxy = ::SmartProxy.unscoped.find(input[:smart_proxy_id])
+            ::ForemanTasks.async_task(::Actions::Katello::CapsuleContent::UpdateContentCounts, smart_proxy)
+          else
+            Rails.logger.info "Skipping content counts update as automatic content count updates are disabled. To enable automatic content count updates, set the 'automatic_content_count_updates' setting to true.
+To update content counts manually, run the 'Update Content Counts' action."
+          end
         end
 
         def resource_locks

data/app/lib/actions/katello/organization/manifest_delete.rb

@@ -16,10 +16,15 @@ module Actions
             repositories.each do |repo|
               plan_action(Katello::Repository::RefreshRepository, repo)
             end
-            plan_self
+            plan_self(:organization_name => organization.name)
           end
         end
 
+        def run
+          organization = ::Organization.find_by(name: input[:organization_name])
+          organization&.manifest_expiration_date(cached: false) # update organization.manifest_imported? value
+        end
+
         def failure_notification(plan)
           ::Katello::UINotifications::Subscriptions::ManifestDeleteError.deliver!(
             :subject => subject_organization,

data/app/lib/actions/katello/repository/create.rb

@@ -13,10 +13,13 @@ module Actions
 
           org = repository.organization
           sequence do
-            create_action = plan_action(Pulp3::Orchestration::Repository::Create,
-                                        repository, SmartProxy.pulp_primary, force_repo_create)
-
-            return if create_action.error
+            # Container push repositories will already be in pulp. The version_href is
+            # directly updated after a push.
+            unless root.is_container_push
+              create_action = plan_action(Pulp3::Orchestration::Repository::Create,
+                                          repository, SmartProxy.pulp_primary, force_repo_create)
+              return if create_action.error
+            end
 
             # when creating a clone, the following actions are handled by the
             # publish/promote process
@@ -32,13 +35,16 @@ module Actions
               end
             end
 
-            concurrence do
-              plan_self(:repository_id => repository.id, :clone => clone)
-              if !clone && repository.url.present?
-                repository.product.alternate_content_sources.with_type(repository.content_type).each do |acs|
-                  acs.smart_proxies.each do |smart_proxy|
-                    smart_proxy_acs = ::Katello::SmartProxyAlternateContentSource.create(alternate_content_source_id: acs.id, smart_proxy_id: smart_proxy.id, repository_id: repository.id)
-                    plan_action(Pulp3::Orchestration::AlternateContentSource::Create, smart_proxy_acs)
+            # Container push repos do not need metadata generation or ACS (they do not sync)
+            unless root.is_container_push
+              concurrence do
+                plan_self(:repository_id => repository.id, :clone => clone)
+                if !clone && repository.url.present?
+                  repository.product.alternate_content_sources.with_type(repository.content_type).each do |acs|
+                    acs.smart_proxies.each do |smart_proxy|
+                      smart_proxy_acs = ::Katello::SmartProxyAlternateContentSource.create(alternate_content_source_id: acs.id, smart_proxy_id: smart_proxy.id, repository_id: repository.id)
+                      plan_action(Pulp3::Orchestration::AlternateContentSource::Create, smart_proxy_acs)
+                    end
                   end
                 end
               end

data/app/lib/actions/katello/repository/create_root.rb

@@ -2,13 +2,15 @@ module Actions
   module Katello
     module Repository
       class CreateRoot < Actions::EntryAction
-        def plan(root)
+        def plan(root, relative_path = nil)
           root.save!
           repository = ::Katello::Repository.new(:environment => root.organization.library,
                                       :content_view_version => root.organization.library.default_content_view_version,
                                       :root => root)
-          repository.relative_path = repository.custom_repo_path
+          repository.container_repository_name = relative_path
+          repository.relative_path = relative_path || repository.custom_repo_path
           repository.save!
+
           action_subject(repository)
           plan_action(::Actions::Katello::Repository::Create, repository)
         end

data/app/lib/actions/katello/upstream_subscriptions/bind_entitlement.rb

@@ -4,7 +4,7 @@ module Actions
       class BindEntitlement < Actions::Base
         def run
           output[:response] = ::Katello::Resources::Candlepin::UpstreamConsumer
-            .bind_entitlement(pool)
+            .bind_entitlement(**pool)
         end
 
         def humanized_name

data/app/lib/actions/pulp3/orchestration/orphan_cleanup/remove_orphans.rb

@@ -14,6 +14,7 @@ module Actions
                   plan_action(Actions::Pulp3::OrphanCleanup::DeleteOrphanRemotes, proxy)
                 end
                 plan_action(Actions::Pulp3::OrphanCleanup::RemoveOrphans, proxy)
+                plan_action(Actions::Pulp3::OrphanCleanup::PurgeCompletedTasks, proxy)
               end
             end
           end

data/app/lib/actions/pulp3/orphan_cleanup/purge_completed_tasks.rb

@@ -0,0 +1,15 @@
+module Actions
+  module Pulp3
+    module OrphanCleanup
+      class PurgeCompletedTasks < Pulp3::AbstractAsyncTask
+        def plan(smart_proxy)
+          plan_self(:smart_proxy_id => smart_proxy.id)
+        end
+
+        def run
+          output[:pulp_tasks] = ::Katello::Pulp3::Api::Core.new(smart_proxy).purge_completed_tasks
+        end
+      end
+    end
+  end
+end

data/app/models/katello/content_view.rb

@@ -454,6 +454,8 @@ module Katello
           ).each do |facet|
             facet.update_applicability_counts
             facet.update_errata_status
+          rescue NoMethodError
+            Rails.logger.warn _('Errata statuses not updated for deleted content facet with UUID %s') % facet.uuid
           end
         end
       end

data/app/models/katello/glue/pulp/repos.rb

@@ -133,7 +133,14 @@ module Katello
 
         repo_param[:mirroring_policy] = Katello::RootRepository::MIRRORING_POLICY_ADDITIVE if repo_param[:mirroring_policy].blank?
 
-        RootRepository.new(repo_param.merge(:product_id => self.id))
+        repo_param = repo_param.merge(:product_id => self.id)
+
+        # Container push may concurrently call root add several times before the db can update.
+        if repo_param[:is_container_push]
+          RootRepository.create_or_find_by!(repo_param)
+        else
+          RootRepository.new(repo_param)
+        end
       end
     end
   end

data/app/models/katello/repository.rb

@@ -118,7 +118,7 @@ module Katello
     end}
 
     before_validation :set_pulp_id
-    before_validation :set_container_repository_name, :if => :docker?
+    before_validation :set_container_repository_name, :unless => :skip_container_name?
 
     scope :has_url, -> { joins(:root).where.not("#{RootRepository.table_name}.url" => nil) }
     scope :on_demand, -> { joins(:root).where("#{RootRepository.table_name}.download_policy" => ::Katello::RootRepository::DOWNLOAD_ON_DEMAND) }
@@ -268,6 +268,10 @@ module Katello
       self.content_view_version.content_view
     end
 
+    def skip_container_name?
+      self.library_instance? && self.root.docker? && self.root.is_container_push
+    end
+
     def library_instance?
       self.content_view.default?
     end

data/app/models/katello/root_repository.rb

@@ -17,7 +17,7 @@ module Katello
     DOWNLOAD_POLICIES = [DOWNLOAD_IMMEDIATE, DOWNLOAD_ON_DEMAND].freeze
 
     IGNORABLE_CONTENT_UNIT_TYPES = %w(srpm treeinfo).freeze
-    CHECKSUM_TYPES = %w(sha1 sha256).freeze
+    CHECKSUM_TYPES = %w(sha256 sha384 sha512).freeze
 
     SUBSCRIBABLE_TYPES = [Repository::YUM_TYPE, Repository::OSTREE_TYPE, Repository::DEB_TYPE].freeze
     SKIPABLE_METADATA_TYPES = [Repository::YUM_TYPE, Repository::DEB_TYPE].freeze
@@ -112,6 +112,8 @@ module Katello
         only_integer: true
       }
 
+    validates :container_push_name_format, inclusion: { in: ['label', 'id'].freeze, allow_nil: true}
+
     scope :subscribable, -> { where(content_type: RootRepository::SUBSCRIBABLE_TYPES) }
     scope :skipable_metadata_check, -> { where(content_type: RootRepository::SKIPABLE_METADATA_TYPES) }
     scope :has_url, -> { where.not(:url => nil) }
@@ -195,7 +197,7 @@ module Katello
     def ensure_docker_repo_unprotected
       unless unprotected
         errors.add(:base, _("Container Image Repositories are not protected at this time. " \
-                             "They need to be published via http to be available to containers."))
+                            "They need to be published via http to be available to containers."))
       end
     end
 

data/app/models/katello/trace_status.rb

@@ -36,7 +36,7 @@ module Katello
     end
 
     def to_status(_options = {})
-      traces = host.host_traces.pluck(:app_type)
+      traces = host.host_traces.reload.pluck(:app_type)
       traces.delete(Katello::HostTracer::TRACE_APP_TYPE_SESSION)
 
       if traces.include?(Katello::HostTracer::TRACE_APP_TYPE_STATIC)

data/app/services/katello/pulp3/api/core.rb

@@ -176,6 +176,14 @@ module Katello
           nil
         end
 
+        def purge_class
+          PulpcoreClient::Purge
+        end
+
+        def purge_completed_tasks
+          tasks_api.purge(purge_class.new(finished_before: DateTime.now - Setting[:completed_pulp_task_protection_days]))
+        end
+
         def delete_orphans
           [orphans_api.cleanup(PulpcoreClient::OrphansCleanup.new(orphan_protection_time: (smart_proxy.pulp_mirror? ? 0 : Setting[:orphan_protection_time])))]
         end

data/app/services/katello/pulp3/api/docker.rb

@@ -15,6 +15,10 @@ module Katello
         def recursive_add_api
           PulpContainerClient::ContainerRecursiveAddApi.new(api_client)
         end
+
+        def container_push_api
+          PulpContainerClient::RepositoriesContainerPushApi.new(api_client)
+        end
       end
     end
   end

data/app/services/katello/pulp3/repository/yum.rb

@@ -22,12 +22,7 @@ module Katello
 
         def publication_options(repository_version)
           options = super(repository_version)
-          options.merge(
-            {
-              metadata_checksum_type: root.checksum_type,
-              package_checksum_type: root.checksum_type
-            }
-          )
+          options.merge(checksum_type: root.checksum_type)
         end
 
         def specific_create_options

data/app/views/foreman/smart_proxies/_content_tab.html.erb

@@ -1,3 +1,5 @@
-<%= javascript_include_tag *webpack_asset_paths('katello', extension: 'js') %>
+<% content_for(:javascripts) do %>
+    <%= webpacked_plugins_js_for :katello %>
+<% end %>
 <% @smartProxyId= @smart_proxy.id %>
 <%= react_component('Content', smartProxyId: @smartProxyId, organizationId: Organization.current&.id,)  %>

data/db/migrate/20240520142245_add_container_push_props_to_repo.rb

@@ -0,0 +1,7 @@
+class AddContainerPushPropsToRepo < ActiveRecord::Migration[6.1]
+  def change
+    add_column :katello_root_repositories, :is_container_push, :boolean, default: false
+    add_column :katello_root_repositories, :container_push_name, :string, default: nil
+    add_column :katello_root_repositories, :container_push_name_format, :string, default: nil
+  end
+end

data/db/migrate/20240531193030_remove_sha1_repository_checksum_type.rb

@@ -0,0 +1,10 @@
+class RemoveSha1RepositoryChecksumType < ActiveRecord::Migration[6.1]
+  def up
+    ::Katello::Repository.where(saved_checksum_type: 'sha1').update(saved_checksum_type: nil)
+    ::Katello::RootRepository.where(checksum_type: 'sha1').update(checksum_type: nil)
+  end
+
+  def down
+    fail ActiveRecord::IrreversibleMigration
+  end
+end

data/engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/checksum.service.js

@@ -10,7 +10,12 @@
 angular.module('Bastion.repositories').service('Checksum',
     ['translate', function (translate) {
 
-        this.checksums = [{name: translate('Default'), id: null}, {id: 'sha256', name: 'sha256'}, {id: 'sha1', name: 'sha1'}];
+        this.checksums = [
+            {name: translate('Default'), id: null},
+            {id: 'sha256', name: 'sha256'},
+            {id: 'sha384', name: 'sha384'},
+            {id: 'sha512', name: 'sha512'}
+        ];
 
         this.checksumType = function (checksum) {
             if (checksum === null) {

data/engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/new/views/new-repository.html

@@ -371,9 +371,6 @@
                 ng-model="repository.checksum_type"
                 ng-options="type.id as type.name for type in checksums">
         </select>
-        <p class="help-block" translate>
-          For older operating systems such as Red Hat Enterprise Linux 5 or CentOS 5 it is recommended to use sha1.
-        </p>
       </div>
 
       <div class="checkbox" ng-hide="repository.content_type === 'docker' || repository.content_type === 'ansible_collection'">

data/lib/katello/plugin.rb

@@ -634,6 +634,12 @@ Foreman::Plugin.register :katello do
         full_name: N_('Orphaned Content Protection Time'),
         description: N_('Time in minutes before content that is not contained within a repository and has not been accessed is considered orphaned.')
 
+      setting 'completed_pulp_task_protection_days',
+        type: :integer,
+        default: 30,
+        full_name: N_('Completed pulp task protection days'),
+        description: N_('How many days before a completed Pulp task is purged by Orphan Cleanup.')
+
       setting 'remote_execution_prefer_registered_through_proxy',
         type: :boolean,
         default: false,
@@ -651,6 +657,12 @@ Foreman::Plugin.register :katello do
         default: true,
         full_name: N_('Distribute archived content view versions'),
         description: N_("If this is enabled, repositories of content view versions without environments (\"archived\") will be distributed at '/pulp/content/<organization>/content_views/<content view>/X.Y/...'.")
+
+      setting 'automatic_content_count_updates',
+        type: :boolean,
+        default: true,
+        full_name: N_('Calculate content counts on smart proxies automatically'),
+        description: N_("If this is enabled, content counts on smart proxies will be updated automatically after content sync.")
     end
   end
 

data/lib/katello/version.rb

@@ -1,3 +1,3 @@
 module Katello
-  VERSION = "4.13.0.rc1".freeze
+  VERSION = "4.13.0".freeze
 end

data/package.json

@@ -51,7 +51,6 @@
     "angular": "1.8.2",
     "bootstrap-select": "1.13.18",
     "ngreact": "^0.5.0",
-    "query-string": "^6.1.0",
     "react-bootstrap": "^0.32.1",
     "use-deep-compare-effect": "^1.6.1"
   }

data/webpack/components/Content/ContentTable.js

@@ -20,7 +20,6 @@ const ContentTable = ({ content, tableSchema, onPaginationChange }) => {
       loadingText={__('Loading')}
     >
       <Table
-        ouiaId="content-table-table"
         columns={tableSchema}
         rows={results}
         pagination={pagination}

data/webpack/components/Content/__tests__/__snapshots__/ContentTable.test.js.snap

@@ -15,7 +15,6 @@ exports[`Content Table should render and contain appropriate components 1`] = `
     }
     itemCount={2}
     onPaginationChange={[Function]}
-    ouiaId="content-table-table"
     pagination={Object {}}
     rows={
       Array [

data/webpack/scenes/ModuleStreams/ModuleStreamsPage.js

@@ -1,59 +1,53 @@
-import React, { Component } from 'react';
+import React, { useState, useEffect } from 'react';
 import PropTypes from 'prop-types';
-import qs from 'query-string';
+import { useUrlParams } from 'foremanReact/components/PF4/TableIndexPage/Table/TableHooks';
 import { translate as __ } from 'foremanReact/common/I18n';
 import { orgId } from '../../services/api';
 import TableSchema from '../ModuleStreams/ModuleStreamsTableSchema';
 import GenericContentPage from '../../components/Content/GenericContentPage';
 
-class ModuleStreamsPage extends Component {
-  constructor(props) {
-    super(props);
+const ModuleStreamsPage = (props) => {
+  const { searchParam } = useUrlParams();
+  const [searchQuery, setSearchQuery] = useState(searchParam || '');
+  const { getModuleStreams } = props;
 
-    const queryParams = qs.parse(this.props.location.search);
-    this.state = {
-      searchQuery: queryParams.search || '',
-    };
-  }
-
-  componentDidMount() {
-    this.props.getModuleStreams({
-      search: this.state.searchQuery,
+  useEffect(() => {
+    getModuleStreams({
+      search: searchQuery,
     });
-  }
+  }, [getModuleStreams, searchQuery]);
 
-  onPaginationChange = (pagination) => {
-    this.props.getModuleStreams({
+  const onPaginationChange = (pagination) => {
+    props.getModuleStreams({
       ...pagination,
     });
   };
 
-  onSearch = (search) => {
-    this.props.getModuleStreams({ search });
+  const onSearch = (search) => {
+    props.getModuleStreams({ search });
   };
 
-  updateSearchQuery = (searchQuery) => {
-    this.setState({ searchQuery });
+  const updateSearchQuery = (newSearchQuery) => {
+    setSearchQuery(newSearchQuery);
   };
 
-  render() {
-    const { moduleStreams } = this.props;
-    return (
-      <GenericContentPage
-        header={__('Module Streams')}
-        content={moduleStreams}
-        tableSchema={TableSchema}
-        onSearch={this.onSearch}
-        autocompleteEndpoint="/katello/api/v2/module_streams"
-        autocompleteQueryParams={{ organization_id: orgId() }}
-        bookmarkController="katello_module_streams"
-        updateSearchQuery={this.updateSearchQuery}
-        initialInputValue={this.state.searchQuery}
-        onPaginationChange={this.onPaginationChange}
-      />
-    );
-  }
-}
+  const { moduleStreams } = props;
+  return (
+    <GenericContentPage
+      header={__('Module Streams')}
+      content={moduleStreams}
+      tableSchema={TableSchema}
+      onSearch={onSearch}
+      autocompleteEndpoint="/katello/api/v2/module_streams"
+      autocompleteQueryParams={{ organization_id: orgId() }}
+      bookmarkController="katello_module_streams"
+      updateSearchQuery={updateSearchQuery}
+      initialInputValue={searchQuery}
+      onPaginationChange={onPaginationChange}
+    />
+  );
+};
+
 
 ModuleStreamsPage.propTypes = {
   location: PropTypes.shape({

data/webpack/scenes/ModuleStreams/__tests__/ModuleStreamPage.test.js

@@ -1,19 +1,21 @@
 import React from 'react';
 import { shallow } from 'enzyme';
 import toJson from 'enzyme-to-json';
+import * as hooks from 'foremanReact/components/PF4/TableIndexPage/Table/TableHooks';
 import ModuleStreamsPage from '../ModuleStreamsPage';
 import GenericContentPage from '../../../components/Content/GenericContentPage';
 
 describe('Module streams page', () => {
   it('should render and contain appropiate components', async () => {
     const moduleStreams = {};
-    const mockLocation = { search: '' };
+    jest.spyOn(hooks, 'useUrlParams').mockImplementation(() => ({
+      searchParam: '',
+    }));
     const getModuleStreams = () => {};
 
     const wrapper = shallow(<ModuleStreamsPage
       moduleStreams={moduleStreams}
       getModuleStreams={getModuleStreams}
-      location={mockLocation}
     />);
 
     expect(toJson(wrapper)).toMatchSnapshot();

data/webpack/scenes/ModuleStreams/__tests__/__snapshots__/ModuleStreamsTable.test.js.snap

@@ -88,7 +88,6 @@ exports[`Module streams table should render and contain appropiate components 1`
     }
     itemCount={0}
     onPaginationChange={[Function]}
-    ouiaId="content-table-table"
     pagination={Object {}}
     rows={Array []}
   />

data/webpack/scenes/Subscriptions/Manifest/ManageManifestModal.js

@@ -137,6 +137,8 @@ class ManageManifestModal extends Component {
       return name;
     };
 
+    const manifestExpiredMessage = manifestExpirationDate ? __('Your manifest expired on {expirationDate}. To continue using Red Hat content, import a new manifest.') : __('Your manifest has expired. To continue using Red Hat content, import a new manifest.');
+
     return (
       <ForemanModal id={MANAGE_MANIFEST_MODAL_ID} title={__('Manage Manifest')}>
         <Tabs id="manifest-history-tabs">
@@ -181,7 +183,7 @@ class ManageManifestModal extends Component {
                           title={__('Manifest expired')}
                         >
                           <FormattedMessage
-                            defaultMessage={__('Your manifest expired on {expirationDate}. To continue using Red Hat content, import a new manifest.')}
+                            defaultMessage={manifestExpiredMessage}
                             values={{
                               expirationDate: new Date(manifestExpirationDate).toDateString(),
                             }}
@@ -198,7 +200,7 @@ class ManageManifestModal extends Component {
                           {getManifestName()}
                         </Col>
                       </Row>
-                      {isManifestImported && manifestExpirationDate &&
+                      {isManifestImported && Boolean(manifestExpirationDate) &&
                         <Row>
                           <Col sm={5} />
                           <Col sm={7}>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: katello
 version: !ruby/object:Gem::Version
-  version: 4.13.0.rc1
+  version: 4.13.0
 platform: ruby
 authors:
 - N/A
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-30 00:00:00.000000000 Z
+date: 2024-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -965,6 +965,7 @@ files:
 - app/lib/actions/pulp3/orphan_cleanup/delete_orphan_remotes.rb
 - app/lib/actions/pulp3/orphan_cleanup/delete_orphan_repository_versions.rb
 - app/lib/actions/pulp3/orphan_cleanup/delete_orphaned_migrated_repositories.rb
+- app/lib/actions/pulp3/orphan_cleanup/purge_completed_tasks.rb
 - app/lib/actions/pulp3/orphan_cleanup/remove_orphans.rb
 - app/lib/actions/pulp3/orphan_cleanup/remove_unneeded_repos.rb
 - app/lib/actions/pulp3/repository/commit_upload.rb
@@ -2058,6 +2059,8 @@ files:
 - db/migrate/20240207191223_remove_entitlement_mode_host_statuses.rb
 - db/migrate/20240423112842_add_fields_to_katello_docker_manifest.rb
 - db/migrate/20240502192021_change_katello_repository_rpms_id_seq_to_big_int.rb
+- db/migrate/20240520142245_add_container_push_props_to_repo.rb
+- db/migrate/20240531193030_remove_sha1_repository_checksum_type.rb
 - db/seeds.d/101-locations.rb
 - db/seeds.d/102-organizations.rb
 - db/seeds.d/104-proxy.rb
@@ -5392,13 +5395,10 @@ files:
 - webpack/test-utils/nockWrapper.js
 - webpack/test-utils/react-testing-lib-wrapper.js
 - webpack/test_setup.js
-- webpack/utils/__tests__/useParamsWithHash.test.js
 - webpack/utils/helpers.js
-- webpack/utils/paramsFromHash.js
 - webpack/utils/useDebounce.js
 - webpack/utils/useEventListener.js
 - webpack/utils/useKatelloDocUrl.js
-- webpack/utils/useUrlParams.js
 homepage: http://www.katello.org
 licenses:
 - GPL-2.0
@@ -5417,9 +5417,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.4.19
 signing_key:

data/webpack/utils/__tests__/useParamsWithHash.test.js

@@ -1,22 +0,0 @@
-import paramsFromHash from '../paramsFromHash';
-
-test('can parse both hash and query params', () => {
-  const { hash, params: { foo } } = paramsFromHash('#filters?foo=bar');
-  expect(hash).toBe('filters');
-  expect(foo).toBe('bar');
-});
-
-test('can parse just hash', () => {
-  const { hash } = paramsFromHash('#filters');
-  expect(hash).toBe('filters');
-});
-
-test('can parse just query params', () => {
-  const { params: { foo } } = paramsFromHash('?foo=bar');
-  expect(foo).toBe('bar');
-});
-
-test("won't error with blank string", () => {
-  const { hash } = paramsFromHash('');
-  expect(hash).toBe('');
-});

data/webpack/utils/paramsFromHash.js

@@ -1,16 +0,0 @@
-import qs from 'query-string';
-
-/*
- For when you have a hash with your params in the URL
- pass in the the 'hash' object from react-router's useLocation();
- e.g. "mysite.com/foo#bar?baz=bop"
- will return { hash: 'bar', params: { baz: "bop" }}
-*/
-const paramsFromHash = (hash) => {
-  const [baseHash, queryParams = {}] = hash.split('?');
-  const params = qs.parse(queryParams);
-  const trimmedHash = baseHash.replace('#', '').replace('/', '');
-  return { hash: trimmedHash, params };
-};
-
-export default paramsFromHash;

data/webpack/utils/useUrlParams.js

@@ -1,14 +0,0 @@
-import qs from 'query-string';
-import { useLocation } from 'react-router-dom';
-
-// Allows hash and params e.g. "/foo#bar?query=baz"
-// returns { hash: "bar", params: { query: "baz" } }
-const useUrlParamsWithHash = () => {
-  const { hash: fullParams } = useLocation();
-  const [hash, queryParams = {}] = fullParams.split('?');
-  const params = qs.parse(queryParams);
-  const trimmedhash = hash.replace('#', '');
-  return { hash: trimmedhash, params };
-};
-
-export default useUrlParamsWithHash;